Tom Diehl on Sun, 3 Aug 2003 20:35:24 -0400



[PLUG] Re: BIND troubleshooting / help


On Sun, 3 Aug 2003, kaze wrote:

> As part of a bigger project I am bringing up three authoritative name
> servers running BIND 9.2.1 on Red Hat 9. I committed to do this as a way to
> really force myself to learn more Linux stuff. While somewhat frustrating
> ("rndc-confgen -a" slowed me down for a while) it is working.
> 
> I have three boxes, ns1, ns2, and ns3, where ns3 is the master. All are
> authoritative though the register's and root server's records don't point to
> them yet - the domains these guys will serve DNS for are currently being
> handled by the ISP's DNS.
> 
> They all work O.K. (I ftp'ed the zone files from ns3 to ns1 and ns2.)
> Changes/updates to ns3 do NOT get copied to the others though.
> 
> snip of ns3's named.conf:
> zone  "gh-systems.com" {
> 	type master;
> 	file  "gh-systems.com.zone";
> };
> 
> snip of ns1 and ns2's named.conf where 10.10.10.213 is ns3:
> zone  "gh-systems.com" {
>         type slave;
>         file  "gh-systems.com.zone";
>         masters { 10.10.10.213; };
> };
> 
> Is there some way to force a zone transfer?

rndc reload will reload any zones with newer zone info than what the nameserver
already had. This is based on the serial number of the zone. 

Are all of the nameservers authoritative for the zones? If not, transfers will not occur.

> rndc status, named-checkconf, and named-checkzone all say everything is
> fine...
> 
> I read the docs Redhat provides, and the nice "BIND 9 Administrator
> Reference Manual.pdf"

Suggest getting the cricket book. It is the bible for BIND. Make sure you get the
latest version.

> 
> Also should my /etc/resolv.conf be simply "nameserver 127.0.0.1"? What about
> forwarders, they don't seem to work for me either.

On the local machine you can use either 127.0.0.1 or the IP address for the interface
that talks to the real world.

On an external machine you must use the IP address of the nameserver.

> Is there a detailed with examples howto out there for this stuff?:
>                         28800 ; refresh
>                         7200 ; retry
>                         604800 ; expire
>                         86400 ; ttl

In the cricket book :-)

I use:

$TTL 86400
@               IN SOA      ns1.rogueind.com. hostmaster.rogueind.com.  (
                            2003070300  ; Serial
                            2h      ; refresh the zone every 2 hours
                            1h      ; if refresh failed retry every 1 hour
                            2w      ; If no refresh for 2 weeks expire the zone.
                            1h )    ; Negative caching ttl 1 hour

Also you need port 53 tcp and udp open to the outside world if the nameservers
are to be authoritative for a domain. You must have all of the nameservers listed
in the zone file for automatic transfers to work. If you post the whole zone file
and your /etc/named.conf I will take a look for you. You can send it to me
privately if you like.

HTH,

-- 
......Tom		Registered Linux User #14522	http://counter.li.org
tdiehl@rogueind.com	My current SpamTrap ------->	mtd123@rogueind.com

_________________________________________________________________________
Philadelphia Linux Users Group        --       http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion  --   http://lists.netisland.net/mailman/listinfo/plug
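An added example, not from the thread or from BIND itself: a small Python check that parses a constructed zone file, applies the RFC 1982 serial comparison a slave uses to decide whether the master has newer data, and flags any configured secondary that has no NS record in the zone, which is the condition Tom's reply calls out. All hostnames and the zone contents are made up.

```python
import re

# Constructed sample master zone (not the poster's real zone file).
MASTER_ZONE = """\
$TTL 86400
@   IN SOA ns3.example.com. hostmaster.example.com. (
        2003080302  ; Serial
        2h          ; Refresh
        1h          ; Retry
        2w          ; Expire
        1h )        ; Negative caching TTL
@   IN NS ns1.example.com.
@   IN NS ns2.example.com.
@   IN NS ns3.example.com.
"""

UNITS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}

def ttl_seconds(token):
    """Convert a BIND time token such as '2h', '604800' or '1d12h' to seconds."""
    if token.isdigit():
        return int(token)
    return sum(int(n) * UNITS[u] for n, u in re.findall(r"(\d+)([smhdw])", token.lower()))

def parse_zone(text):
    """Return (SOA fields, sorted NS names) from a simple zone file; ';' comments are stripped."""
    clean = " ".join(line.split(";")[0] for line in text.splitlines())
    m = re.search(r"SOA\s+(\S+)\s+(\S+)\s*\(\s*(\d+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s*\)", clean)
    if not m:
        raise ValueError("no SOA record found")
    soa = {"mname": m.group(1), "serial": int(m.group(3)),
           "refresh": ttl_seconds(m.group(4)), "retry": ttl_seconds(m.group(5)),
           "expire": ttl_seconds(m.group(6)), "minimum": ttl_seconds(m.group(7))}
    ns = sorted(set(re.findall(r"\bNS\s+(\S+)", clean)))
    return soa, ns

def serial_is_newer(master, slave):
    """RFC 1982 serial arithmetic (32-bit, wraps): True if the master's serial is ahead."""
    diff = (master - slave) % 2**32
    return 0 < diff < 2**31

def transfer_check(master_text, slave_serial, secondaries):
    """Would a slave holding slave_serial pull a new copy, and which secondaries lack NS records?"""
    soa, ns = parse_zone(master_text)
    return {"will_transfer": serial_is_newer(soa["serial"], slave_serial),
            "refresh_seconds": soa["refresh"],
            "secondaries_missing_ns": [s for s in secondaries if s not in ns]}

if __name__ == "__main__":
    print(transfer_check(MASTER_ZONE, 2003080301, ["ns1.example.com.", "ns4.example.com."]))
```

If the serial was not bumped after editing the master, `will_transfer` is False and the slaves keep their old copy until it expires; that is the usual cause of the symptom described in the thread.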