newbie HELP: DNS server replacement

Kevin Darcy kcd at daimlerchrysler.com
Wed Jun 28 20:00:16 UTC 2000


slowthinker at hotmail.com wrote:

> Before you ask, I have scanned thru my brand-new DNS and BIND 2nd ed,
> and other resources on the web before posting this newbie question.

Oh, dear. The latest edition is 3rd Edition, which covers BIND 8. Second
Edition is still useful for general information, but if you're running
BIND 8, 3rd Edition is far preferable.

> Presently, my company's domain (say mydomain.com) is served by our ISP's
> DNS servers.
>
> Now, I have been asked to set up our own DNS servers for mydomain.com. I
> have done this by creating necessary files needed for DNS. However, I
> need to test that my DNS servers really work *before* switching from
> ISP's DNS to mine.
>
> Question is: how do I test my servers *before* switching the DNS
> servers? Is it even possible to do so?

> E.g.
>
> % nslookup oracle.com <my DNS IP addr>
>
> Is this supposed to work? [it does not work for me].

Yes, it should work, as long as your client can talk to the nameserver and
as long as the nameserver is functional.

> % nslookup oracle.com 216.38.141.127
> DNS request timed out.
>     timeout was 2 seconds.
> *** Can't find server name for address 216.38.141.127: Timed out
> *** Default servers are not available
> Server:  UnKnown
> Address:  216.38.141.127
> DNS request timed out.
>     timeout was 2 seconds.
> DNS request timed out.
>     timeout was 2 seconds.
> *** Request to UnKnown timed-out

This could be a nameserver, a network, or a firewall problem. Check the
usual things: nameserver is running, something is listening on port 53,
anything unusual in the syslog output, etc. Does it work if you query the
local nameserver from the bastion host itself, i.e. using the loopback
address? If everything checks out from a nameserver perspective, start
looking for network connectivity issues between the client and the bastion
host, or between the bastion host and the Internet, or for firewall rules
that might be blocking DNS packets.


- Kevin




More information about the bind-users mailing list