Confused server?

Kevin Darcy kcd at daimlerchrysler.com
Wed Aug 2 00:52:03 UTC 2000


Jason Williams wrote:

> Well..   I may have fixed the problem just by messing around with some of
> the settings i was using to try and get it to xfer to the slave.
>
> fubaria.net.  IN   NS  ns2.fubaria.net

The lack of a trailing period on the right-hand side of that record was probably
causing named to misparse it.

> that was a line i had commented out, and everything seems to work without a
> hitch after that,   I got that bit of info from a firend who has setup a
> few DNS's before, so i was hoping that would be an informed source... guess
> he and I were both wrong..   not biggie.

If you want ns2 to properly function as a registered slave, then you really need
an NS record for it in the zone.

> As for errors?   there were none in any logs...      while i'm replying,
> what kind of error might that line above produce?   Syntax error would have
> shown up in the messages file.

It's syntactically correct; it shouldn't have produced any errors at all. I'm not
at all sure why it would have caused the zone to not load properly. If you want to
pursue this further, could you post the whole zone file (or at least the first
part of it, including that entry and maybe a few lines below it)? I'm also curious
why you weren't logging any problems. How is your logging configured?


- Kevin

> Thanks,
> Jason Williams
>
> At 07:32 PM 8/1/2000 -0400, Kevin Darcy wrote:
>
> >There are no load errors on the master server? Are you sure? Check your
> >logging
> >configuration and/or syslog configuration; maybe the errors are being written
> >some place unexpected. Short of a load error, I've never known a server
> >configured as master for a zone to not answer authoritatively for it. And I've
> >never known a nameserver to *silently* fail to load a zone file either.
> >
> >Just to be sure, though, you could always start the server up in debug mode...
> >
> >
> >- Kevin
> >
> >Jason Williams wrote:
> >
> > > Thanks for the bit of information,  But still the problem remains that i
> > > still cannot get the Slave server ns2.fubaria.net to ask ns.fubaria.net for
> > > updates due to the fact that named-xfer is reporting that ns.fubaria.net is
> > > not an AA server.    and named is not reporting any errors of any kind when
> > > loading in /var/log/messages or /var/adm/messages.
> > >
> > > Jason Williams
> > >
> > > At 07:11 PM 8/1/2000 -0400, Kevin Darcy wrote:
> > >
> > > >You are misreading nslookup's output. "Authoritative answers can be found
> > > >from" is just nslookup's best *guess* as to what servers would give
> > > >authoritative answers for the zone; certainly nslookup has not gone
> > through
> > > >and verified that each one is in fact answering authoritatively for it --
> > > >that would be a lot of work for little gain. So it is quite common for a
> > > >non-authoritatively-answering server -- a so-called "lame" server -- to
> > > >appear in this section of the output. Technically, the "Authoritative
> > > >answers can be found from" section of nslookup's output is just a
> > rendering
> > > >of the "Authority" section of the DNS response.
> > > >
> > > >The more important piece of information in that output is
> > "Non-authoritative
> > > >answer". Technically, this means the "AA" (Authoritative Answer) flag was
> > > >not set in the response packet. If this response came from a server which
> > > >has defined the zone as a "master" zone, then it means the server didn't
> > > >load the zone properly. Look in your logs for the cause, most likely some
> > > >sort of syntax error.
> > > >
> > > >Note that "dig" is generally considered to be a better DNS troubleshooting
> > > >tool than "nslookup". It clearly delineates between sections of a
> > response,
> > > >for example, instead of misleading people with mushy "Authoritative
> > answers
> > > >can be found from" types of verbiage. It also clearly shows the flags
> > > >associated with DNS queries and responses, including the presence or
> > absence
> > > >of the AA flag.
> > > >
> > > >
> > > >- Kevin
> > > >
> > > >Jason Williams wrote:
> > > >
> > > > > I believe i have a confused server..     For some reason (probably
> > > > > misconfiguration)  my master DNS for my domain is set to both a
> > > > > authoritive, and non-authoritive server.  because of this i can't
> > get the
> > > > > slave DNS to replicate the zone.
> > > > >
> > > > > here is what nslookup gives me.
> > > > >
> > > > > nslookup -query=any fubaria.net
> > > > > Server:  localhost
> > > > > Address:  127.0.0.1
> > > > >
> > > > > Non-authoritative answer:
> > > > > fubaria.net     nameserver = NS.fubaria.net
> > > > > fubaria.net     nameserver = NS2.fubaria.net
> > > > > fubaria.net     internet address = 208.37.196.64
> > > > >
> > > > > Authoritative answers can be found from:
> > > > > fubaria.net     nameserver = NS.fubaria.net
> > > > > fubaria.net     nameserver = NS2.fubaria.net
> > > > > NS.fubaria.net  internet address = 208.37.196.64
> > > > > NS2.fubaria.net internet address = 208.37.196.65
> > > > >
> > > > > if anyone can give light to this error/misconfig,  Please inform me.
> > > > >
> > > > > Thanks,
> > > > > Jason Williams






More information about the bind-users mailing list