Tom Diehl on Sun, 3 Aug 2003 20:35:24 -0400
On Sun, 3 Aug 2003, kaze wrote:

> As part of a bigger project I am bringing up three authoritative name
> servers running BIND 9.2.1 on Red Hat 9. I committed to do this as a way to
> really force myself to learn more Linux stuff. While somewhat frustrating
> ("rndc-confgen -a" slowed me down for a while) it is working.
>
> I have three boxes, ns1, ns2, and ns3, where ns3 is the master. All are
> authoritative though the registrar's and root servers' records don't point to
> them yet - the domains these guys will serve DNS for are currently being
> handled by the ISP's DNS.
>
> They all work O.K. (I ftp'ed the zone files from ns3 to ns1 and ns2.)
> Changes/updates to ns3 do NOT get copied to the others though.
>
> snip of ns3's named.conf:
>
> zone "gh-systems.com" {
>         type master;
>         file "gh-systems.com.zone";
> };
>
> snip of ns1 and ns2's named.conf where 10.10.10.213 is ns3:
>
> zone "gh-systems.com" {
>         type slave;
>         file "gh-systems.com.zone";
>         masters { 10.10.10.213; };
> };
>
> Is there some way to force a zone transfer?

rndc reload will reload any zones with newer zone info than what the nameserver already had. This is based on the serial number of the zone.

Are all of the nameservers authoritative for the zones? If not, transfers will not occur.

> rndc status, named-checkconf, and named-checkzone all say everything is
> fine...
>
> I read the docs Red Hat provides, and the nice "BIND 9 Administrator
> Reference Manual.pdf"

Suggest getting the cricket book. It is the bible for BIND. Make sure you get the latest version.

> Also should my /etc/resolv.conf be simply "nameserver 127.0.0.1"? What about
> forwarders, they don't seem to work for me either.

On the local machine you can use either 127.0.0.1 or the IP address for the interface that talks to the real world. On an external machine you must use the IP address of the nameserver.

> Is there a detailed with examples howto out there for this stuff?:
>
> 28800    ; refresh
> 7200     ; retry
> 604800   ; expire
> 86400    ; ttl

In the cricket book :-)

I use:

$TTL 86400
@       IN SOA ns1.rogueind.com. hostmaster.rogueind.com. (
                2003070300      ; Serial
                2h              ; Refresh the zone every 2 hours
                1h              ; If refresh failed, retry every 1 hour
                2w              ; If no refresh for 2 weeks, expire the zone
                1h )            ; Negative caching TTL 1 hour

Also you need port 53 TCP and UDP open to the outside world if the nameservers are to be authoritative for a domain.

You must have all of the nameservers listed in the zone file for automatic transfers to work.

If you post the whole zone file and your /etc/named.conf I will take a look for you. You can send it to me privately if you like.

HTH,

--
......Tom               Registered Linux User #14522    http://counter.li.org
tdiehl@rogueind.com     My current SpamTrap ------->    mtd123@rogueind.com

_________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion -- http://lists.netisland.net/mailman/listinfo/plug
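Tom's point about the serial number is the one most worth checking in a situation like kaze's: a slave only pulls a fresh copy of a zone when the master hands out a higher SOA serial than the one the slave already holds, and if the serial on the master was never bumped after the edit, no amount of reloading on the slaves will move the data. The script below is an added example and is not code from either poster or from the PLUG list. It uses `dig +short ... SOA` to read the serial the master and each slave currently serve and reports, per slave, whether it is in sync, behind, or (a sign the slave has a stale hand-copied file with a serial that is too high) ahead of the master. The zone name, the master address 10.10.10.213 and the slave names ns1 and ns2 are taken from the thread; that `dig` is installed locally is an assumption. The comparison follows RFC 1982 serial arithmetic rather than a plain numeric compare, so it still gives the right answer if a serial ever wraps past 2^32.

```shell
#!/bin/sh
# Added example, not from the original thread. Compare the SOA serial that the
# master and each slave answer for a zone. A slave only transfers when the
# master's serial is "newer" (RFC 1982), so a serial that was never bumped is
# the first thing to rule out when edits on the master do not reach the slaves.
# Hostnames, zone and master address below follow the thread's layout (assumed).

ZONE="gh-systems.com"
MASTER="10.10.10.213"
SLAVES="ns1 ns2"

# soa_serial RDATA
# Print the serial field from SOA RDATA of the form
# "mname rname serial refresh retry expire minimum", which is exactly the
# line that `dig +short <zone> SOA` prints.
soa_serial() {
    # shellcheck disable=SC2086  # word splitting on the RDATA is intended
    set -- $1
    printf '%s\n' "$3"
}

# serial_gt A B
# RFC 1982 comparison: true when A is newer than B in the circular 32-bit
# serial space, so 1 is newer than 4294967295 after a wrap-around.
serial_gt() {
    a=$1
    b=$2
    d=$(( (a - b + 4294967296) % 4294967296 ))
    [ "$d" -ne 0 ] && [ "$d" -lt 2147483648 ]
}

# zone_status MASTER_SERIAL SLAVE_SERIAL
# Print one of: in-sync, behind (slave will transfer on its next refresh or
# NOTIFY), ahead (slave holds a serial the master will never exceed; fix the
# slave's file or bump the master's serial past it).
zone_status() {
    if [ "$1" -eq "$2" ]; then
        echo in-sync
    elif serial_gt "$1" "$2"; then
        echo behind
    else
        echo ahead
    fi
}

# live_check
# Query the real servers. Only runs when the script is invoked with --live, so
# the helper functions above can be sourced and exercised offline.
live_check() {
    m_soa=$(dig +short @"$MASTER" "$ZONE" SOA)
    [ -n "$m_soa" ] || { echo "master $MASTER: no SOA answer for $ZONE"; return 1; }
    m_ser=$(soa_serial "$m_soa")
    echo "master $MASTER: serial $m_ser"
    for s in $SLAVES; do
        s_soa=$(dig +short @"$s" "$ZONE" SOA)
        if [ -z "$s_soa" ]; then
            echo "$s: no SOA answer (not authoritative, or port 53 blocked?)"
            continue
        fi
        s_ser=$(soa_serial "$s_soa")
        echo "$s: serial $s_ser, $(zone_status "$m_ser" "$s_ser")"
    done
}

case "${1:-}" in
    --live) live_check ;;
esac
```

Run it as `sh check-serials.sh --live` from a host that can reach all three servers on port 53; a slave reported as "behind" for longer than the zone's refresh interval points at NOTIFY or transfer problems (the slave not listed as an NS in the zone, or the transfer blocked), while "ahead" means the file copied over by FTP carries a higher serial than the master and has to be replaced or out-numbered.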