Martin DiViaio on Mon, 4 Aug 2003 07:23:15 -0400



RE: [PLUG] BIND troubleshooting / help



> --> Try from a shell on ns1 and ns2:
> -->
> --> dig @ns3 gh-systems.com axfr
> -->
> --> If you get the complete zone file from ns3 then chances are
> --> everything is
> --> set up correctly on ns3 and the problem is somewhere on ns1 and ns2.
> -->
> --> Read the top of the dig report carefully. It will give you some
> --> important
> --> debugging information (like the server it's actually talking to).
> 
> Great idea. Works! (Works with @<IP Address> and @<FQDN>, but not with
> @ns3 - I think this is due to my lack of DNS search suffixes though?)


Are you SURE that ns3 is the server responding to dig? dig will fall back 
on servers configured in /etc/resolv.conf if the server that is listed 
after the @ is unreachable. Read the lines before the SOA record. It will 
tell you what server it is actually calling.


> --> Check /var/log/messages for messages from named and named-xfer.
> --> These will
> --> generally tell you why zones are not transferring.
> 
> refresh failure: failure trying master 10.10.10.213#53 timed out
> 
> (This is the correct IP address as Cisco NAT is at work here.) But the axfr
> worked...


Dumb question: Can you ping ns3 from ns1 and ns2?


> --> Check the permissions on the directory where named is trying to
> --> write the
> --> new zone file. Check the permissions on the files themselves. Both the
> --> directory and the zonefiles should be writable by the user
> --> named runs as.
> 
> ns1:
> drwxr-xr-x	/var/named
> -rw-r--r--	/var/named/ all .zone files
> 
> ns3:
> drwxr-xr-x	/var/named
> -rw-------	/var/named/ all .zone files
> 
> I think (from top) named runs as named. Not sure about how permissions work.


Who owns these files? As I said, the user that named runs as must have 
write access to the directory and files.


> --> rndc reload will reload any zones with newer zone info than
> --> what the nameserver
> --> already had. This is based on the serial number of the zone.
> -->
> --> Are all of the nameservers authoritative for the zones? If not,
> --> transfers will not occur.
> 
> I think so, all the zone files start:
> $TTL86400
> @	IN	SOA	ns3....


What is the ENTIRE SOA record? From the @ to the closing parenthesis after 
the timing numbers?

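As an added example (not from this thread or from the list), a POSIX sh script that applies two of the checks discussed above to a dig axfr report: which server actually answered (the ";; SERVER:" line, so a fallback to a resolver from /etc/resolv.conf is caught) and whether the master's SOA serial is newer than the secondary's, which is what decides whether a refresh pulls a new copy. The dig output, the example.com zone and the 192.0.2.x addresses are constructed samples; real output can be fed in via `$(dig @ns3 example.com axfr)`.

```shell
#!/bin/sh
# Added example, not code from the thread: inspect a dig axfr report.
# The two reports below are constructed; 192.0.2.30 is the assumed
# address of the master (ns3), 192.0.2.1 a resolver from resolv.conf.

MASTER_IP=192.0.2.30

# Constructed report: the intended master answered the transfer.
MASTER_XFR=';; global options: +cmd
example.com. 86400 IN SOA ns3.example.com. hostmaster.example.com. 2003080402 3600 900 604800 86400
example.com. 86400 IN NS ns3.example.com.
example.com. 86400 IN SOA ns3.example.com. hostmaster.example.com. 2003080402 3600 900 604800 86400
;; Query time: 2 msec
;; SERVER: 192.0.2.30#53(192.0.2.30)
;; XFR size: 3 records'

# Constructed report: dig silently fell back to a resolver, which still
# holds the older serial, so the "successful" axfr says nothing about ns3.
FALLBACK_XFR=';; global options: +cmd
example.com. 86400 IN SOA ns3.example.com. hostmaster.example.com. 2003080401 3600 900 604800 86400
;; Query time: 1 msec
;; SERVER: 192.0.2.1#53(192.0.2.1)
;; XFR size: 1 records'

# Print the address dig really talked to (taken from the ";; SERVER:" line).
answering_server() {
    printf '%s\n' "$1" | sed -n 's/^;; SERVER: \([^#]*\)#.*/\1/p'
}

# Print the serial from the first SOA line: name ttl class SOA mname rname serial ...
soa_serial() {
    printf '%s\n' "$1" | awk '$4 == "SOA" { print $7; exit }'
}

# Succeed only if the report came from the expected master.
answered_by_master() {
    [ "$(answering_server "$1")" = "$2" ]
}

# Succeed if the master's serial is newer than the secondary's, i.e. a
# refresh would actually transfer the zone; equal or older means no pull.
master_serial_newer() {
    m=$(soa_serial "$1"); s=$(soa_serial "$2")
    [ -n "$m" ] && [ -n "$s" ] && [ "$m" -gt "$s" ]
}
```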

_________________________________________________________________________
Philadelphia Linux Users Group        --       http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion  --   http://lists.netisland.net/mailman/listinfo/plug