Jeff Abrahamson on 7 Jun 2004 14:30:02 -0000


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[PLUG] DNS question (config reality check) 

My internal DNS mysteriously stopped working this morning.  It only
affected unqualified local machine names.

I got things mostly working by adding a couple lines to /etc/hosts.
But I'd like to figure out what went wrong and what I should really do
about it.

My /etc/resolv.conf file says this:

    search purple.com
    nameserver 192.168.0.5
    nameserver 192.168.0.254
    nameserver 192.168.0.6

I added a domain line this morning, doesn't seem to have made a
difference.

On 192.168.0.5, where most of this should happen, /etc/resolv.conf
says

    search purple.com
    nameserver 127.0.0.1
    nameserver 204.183.80.2
    nameserver 204.183.80.3

Then I have db.purple:

    $TTL    3D
    @       IN      SOA     diderot.purple.com. root.localhost.  (
					  2004060700 ; Serial
					  28800      ; Refresh
					  14400      ; Retry
					  3600000    ; Expire
					  86400 )    ; Minimum

		    IN      NS      diderot.purple.com.
    localhost       IN      A       127.0.0.1

    uucp            IN      CNAME   diderot
    mail            IN      CNAME   diderot
    smtp            IN      CNAME   diderot
    pop             IN      CNAME   diderot
    web             IN      CNAME   diderot
    diderot         IN      A       192.168.0.5
    asterix         IN      A       192.168.0.6
    music           IN      A       192.168.0.7
    gw              IN      A       192.168.0.254
    puddle          IN      A       216.158.45.183
    www             IN      A       153.104.63.227
    list            IN      A       153.104.63.228
    list            IN      MX      10 ftp.ece.villanova.edu.

/var/daemon.log shows that this is being loaded correctly, so I'm
wondering if anyone sees anything obvious that might have caused a
failure.

Here's the signature of the problem (one failed dig, one successful).
Seems that it's querying the wrong name server when I don't qualify.

    jeff@asterix:jeff $ dig diderot

    ; <<>> DiG 9.2.4rc2 <<>> diderot
    ;; global options:  printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39941
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;diderot.                       IN      A

    ;; AUTHORITY SECTION:
    .                       9620    IN      SOA     A.ROOT-SERVERS.NET. NSTLD.VERISIGN-GRS.COM. 2004060601 1800 900 604800 86400

    ;; Query time: 1 msec
    ;; SERVER: 192.168.0.5#53(192.168.0.5)
    ;; WHEN: Mon Jun  7 10:27:06 2004
    ;; MSG SIZE  rcvd: 100

    jeff@asterix:jeff $ dig diderot.purple.com

    ; <<>> DiG 9.2.4rc2 <<>> diderot.purple.com
    ;; global options:  printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29154
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

    ;; QUESTION SECTION:
    ;diderot.purple.com.            IN      A

    ;; ANSWER SECTION:
    diderot.purple.com.     259200  IN      A       192.168.0.5

    ;; AUTHORITY SECTION:
    purple.com.             259200  IN      NS      diderot.purple.com.

    ;; ADDITIONAL SECTION:
    diderot.purple.com.     259200  IN      A       192.168.0.5

    ;; Query time: 2 msec
    ;; SERVER: 192.168.0.5#53(192.168.0.5)
    ;; WHEN: Mon Jun  7 10:27:09 2004
    ;; MSG SIZE  rcvd: 82

    jeff@asterix:jeff $

-- 
 Jeff

 Jeff Abrahamson  <http://www.purple.com/jeff/>
 GPG fingerprint: 1A1A BA95 D082 A558 A276  63C6 16BF 8C4C 0D1D AE4B

 A cool book of games, highly worth checking out:
 http://www.amazon.com/exec/obidos/ASIN/1931686963/purple-20

Attachment: signature.asc
Description: Digital signature