Michael Leone on Thu, 11 Jul 2002 12:04:19 -0400



[PLUG] Trouble setting up an internal DNS server


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ratza-fratza-damn-fricking-BIND9 ...

Anyway ... I had set up an internal DNS server for my company using 
BIND 8.2.3 (using RH 6.0), and it was working fine. I'm now replacing 
that hardware with a machine running Libranet 2.0 and BIND v9.2.1, 
but I'm having troubles getting it to be authoritative for my domain.

Here's /etc/bind/named.conf:

options {
        directory "/var/cache/bind";
        forwarders{
                207.245.82.2;
                204.71.16.211;
        };
};
zone "." {
        type hint;
        file "/etc/bind/db.root";
};
zone "localhost" {
        type master;
        file "/etc/bind/db.local";
};
zone "contributionship.com" {
        type master;
        file "/var/cache/bind/contributionship.com.hosts";
        notify no;
};
zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
        type master;
        file "/etc/bind/db.255";
};
zone "1.168.192.in-addr.arpa" {
        type master;
        file "/var/cache/bind/reverse_lookup";
        notify no;
};

Note that it says it is master for "contributionship.com".

Here's part of the "contributionship.com.hosts" file:

$TTL    38400
@               IN      SOA     ns.contributionship.com. hostmaster.contributionship.com. (
                        2002070903
                        3H
                        1H
                        7D
                        640M
                        )
@               IN      TXT     "Contributionship.com  internal DNS"
@               IN      NS      ns
@               IN      MX      10      exchange

localhost       IN      A       127.0.0.1
exchange        IN      A       192.168.1.14
gw              IN      A       192.168.1.1
pix515          IN      A       192.168.1.2
ns              IN      A       192.168.1.3
ns              IN      MX      10      exchange
handyman        IN      CNAME   ns
switch2         IN      A       192.168.1.5
ciscoswitch1    IN      A       192.168.1.6

and so on, for all hosts.

When I start it up, it seems to realize that it's supposed to be 
authoritative for contributionship.com:

Jul 11 11:30:57 handyman named[970]: starting BIND 9.2.1
Jul 11 11:30:57 handyman named[970]: using 1 CPU
Jul 11 11:30:57 handyman named[972]: loading configuration from '/etc/bind/named.conf'
Jul 11 11:30:57 handyman named[972]: /etc/bind/named.conf:21: option 'multiple-cnames' is obsolete
Jul 11 11:30:57 handyman named[972]: no IPv6 interfaces found
Jul 11 11:30:57 handyman named[972]: listening on IPv4 interface lo, 127.0.0.1#53
Jul 11 11:30:57 handyman named[972]: listening on IPv4 interface eth0, 192.168.1.3#53
Jul 11 11:30:57 handyman named[972]: command channel listening on 127.0.0.1#953
Jul 11 11:30:57 handyman named[972]: zone 0.in-addr.arpa/IN: loaded serial 1
Jul 11 11:30:57 handyman named[972]: zone 127.in-addr.arpa/IN: loaded serial 1
Jul 11 11:30:57 handyman named[972]: /var/cache/bind/reverse_lookup:1: no TTL specified; using SOA MINTTL instead
Jul 11 11:30:58 handyman named[972]: zone 1.168.192.in-addr.arpa/IN: loaded serial 2002071101
Jul 11 11:30:58 handyman named[972]: zone 255.in-addr.arpa/IN: loaded serial 1
Jul 11 11:30:58 handyman named[972]: dns_master_load: /var/cache/bind/contributionship.com.hosts:206: handyman.contributionship.com: CNAME and other data
Jul 11 11:30:58 handyman named[972]: zone contributionship.com/IN: loading master file /var/cache/bind/contributionship.com.hosts: CNAME and other data
Jul 11 11:30:58 handyman named[972]: zone localhost/IN: loaded serial 1
Jul 11 11:30:58 handyman named[972]: running

But when I try and look up any host in contributionship.com, it fails:

mjl@handyman:/var/cache/bind$ nslookup switch2
Note:  nslookup is deprecated and may be removed from future 
releases.
Consider using the `dig' or `host' programs instead.  Run nslookup 
with the  `-sil[ent]' option to prevent this message from appearing.
Server:         127.0.0.1
Address:        127.0.0.1#53

** server can't find switch2: NXDOMAIN

mjl@handyman:/var/cache/bind$ nslookup switch2.contributionship.com
Note:  nslookup is deprecated and may be removed from future 
releases.
Consider using the `dig' or `host' programs instead.  Run nslookup 
with the  `-sil[ent]' option to prevent this message from appearing.
Server:         127.0.0.1
Address:        127.0.0.1#53

** server can't find switch2.contributionship.com: SERVFAIL


/etc/resolv.conf:

domain contributionship.com
search contributionship.com
nameserver 127.0.0.1
nameserver 192.168.1.3
nameserver 207.245.82.2
nameserver 204.71.16.211


So what am I missing? Why isn't it finding 
"switch2.contributionship.com" as 192.168.1.5?



-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.4 -- QDPGP 2.68 
Comment: http://community.wow.net/grt/qdpgp.html

iQA/AwUBPS2rPJq0HvZapbzfEQJ8YgCcC5Dlo7OOTPcTQi37qyt3Yu3+lGkAn3Op
X24WlXxyxQXj8TwhkHpxkg0a
=g1ft
-----END PGP SIGNATURE-----

______________________________________________________________________
Philadelphia Linux Users Group       -      http://www.phillylinux.org
Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce
General Discussion  -  http://lists.phillylinux.org/mail/listinfo/plug
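
The "CNAME and other data" error in the log above, as an added example that is not part of the original post: BIND 9 refuses to load a zone in which a name owns a CNAME together with any other record, and a zone that failed to load is answered with SERVFAIL. The sample zone is constructed from the posted excerpt plus one invented conflicting line (line 206 of the real file is not shown), and the parser handles only this simple layout; `named-checkzone` performs the authoritative check on a real file.

```python
# Constructed sample: records from the posted excerpt plus one invented conflict.
SAMPLE_ZONE = """\
$TTL    38400
@               IN      SOA     ns.contributionship.com. hostmaster.contributionship.com. (
                        2002070903 3H 1H 7D 640M )
@               IN      NS      ns
ns              IN      A       192.168.1.3
ns              IN      MX      10      exchange
handyman        IN      CNAME   ns
switch2         IN      A       192.168.1.5
handyman        IN      MX      10      exchange   ; constructed conflict
"""

def records(zone_text, origin):
    """Yield (lineno, fqdn_owner, rrtype) for each record of a simple zone file.

    Assumptions: no $ORIGIN/$INCLUDE handling, no ';' inside quoted strings.
    """
    owner, depth = None, 0
    for lineno, raw in enumerate(zone_text.splitlines(), 1):
        line = raw.split(";", 1)[0].rstrip()      # drop comments
        inside = depth > 0                        # continuation of a "( ... )" record
        depth += line.count("(") - line.count(")")
        if inside or not line.strip() or line.startswith("$"):
            continue
        tokens = line.split()
        if not line[0].isspace():                 # a blank owner field repeats the last one
            owner = tokens.pop(0)
        # Skip the optional class and TTL fields; the next token is the type.
        while tokens and (tokens[0].upper() == "IN" or tokens[0][0].isdigit()):
            tokens.pop(0)
        if owner is None or not tokens:
            continue
        if owner == "@":
            fqdn = origin
        elif owner.endswith("."):
            fqdn = owner
        else:
            fqdn = owner + "." + origin
        yield lineno, fqdn.lower(), tokens[0].upper()

def cname_conflicts(zone_text, origin):
    """Return {owner: [(lineno, rrtype), ...]} for names holding a CNAME plus anything else."""
    by_owner = {}
    for lineno, owner, rrtype in records(zone_text, origin):
        by_owner.setdefault(owner, []).append((lineno, rrtype))
    return {o: rrs for o, rrs in by_owner.items()
            if len(rrs) > 1 and any(t == "CNAME" for _, t in rrs)}

if __name__ == "__main__":
    for name, rrs in cname_conflicts(SAMPLE_ZONE, "contributionship.com.").items():
        print(name, rrs)
```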