primairy DNS taken over ?

Kevin Darcy kcd at daimlerchrysler.com
Tue Nov 21 05:50:17 UTC 2000 

Apparently zone transfers have broken. ns2.widexs.net is reporting a serial
number of 2000101912 for the zone.

Oh, and you should be upgrading to p7 rather than p5.


- Kevin


RJHM van den Bergh wrote:

> When I reboot the server all seems to be allright for a while
> but after some time the primairy dns does change.
> when I do a dig on the slave it reports another primairy DNS server.
>
> Rob,
> rvdb at comweb.nl
>
> "RJHM van den Bergh" <rvdb at comweb.nl> wrote in message
> news:974670103.14580.0.pluto.c29fe22b at news.demon.nl...
> > Hi,
> >
> > I need some help because I'm not that experianced in setting up DNS.
> >
> > I've registered a domain cardio-zevenaar.com
> > Everything worked fine.
> >
> > But after a day the DNS reported another IP number for cardio-zevenaar.com
> >
> > I'm using someone else DNS server as slave.
> > So I don't have access to their configuration files.
> >
> > dig on the slave ns2.widexs.net reports
> > ns1.widexs.nl as primairy
> > ns2.widexs.net as secundairy
> > Which isn't correct.
> >
> > The whois database (NetWorkSolutions) reports the correct thing
> > alpha.comweb.nl
> > ns2.widexs.net
> >
> > The question is:
> > How is it possible that someone takes over my primairy DNS server
> > while (asumed) the root glue record points to my primairy DNS server ?
> >
> > I more think this somewhere is a mis configuration.
> >
> > After some time everything changed back to normal.
> > dig reported the correct thing.
> > Only one strange thing remains.
> > 20-Nov-2000 00:09:25.051 notify: info: Sent NOTIFY for "comweb.nl IN SOA"
> > (comweb.n
> > l); 1 NS, 1 A
> > 20-Nov-2000 00:09:25.052 notify: info: Received NOTIFY answer from
> > 212.204.207.192
> > for "comweb.nl IN SOA"
> > 20-Nov-2000 00:09:39.251 notify: info: Sent NOTIFY for
> "cardio-zevenaar.com
> > IN SOA"
> >  (cardio-zevenaar.com); 1 NS, 1 A
> > I do not get a notify back from the cardio-zevenaar.com
> >
> > Any sugestion on the cause of this or where to start looking ?
> > If you need more information let me know.
> >
> > (I'm running bind-8.2.2-p3)
> > (Should upgrade to p5)
> >
> > Rob,
> > rvdb at comweb.nl
> >
> >
> > Here are my configuration files.
> > -----------------------
> > named.conf
> >
> > options {
> >         directory "/var/named";
> >         /*
> >          * If there is a firewall between you and nameservers you want
> >          * to talk to, you might need to uncomment the query-source
> >          * directive below.  Previous versions of BIND always asked
> >          * questions using port 53, but BIND 8.1 uses an unprivileged
> >          * port by default.
> >          */
> >         // query-source address * port 53;
> > };
> >
> > logging {
> >    channel my_file
> >    {
> >      file "log.msgs" versions 3 size 10k;
> >      severity debug 99;
> >      print-category yes;
> >      print-severity yes;
> >      print-time yes;
> >    };
> >    category default { my_file; };
> >    category lame-servers { my_file; };
> >    category os { my_file; };
> >    category security { my_file; };
> >    category xfer-out { my_file; };
> > };
> >
> >
> > // IP nummers assigned 212.204.205.91-100
> >
> > zone "." {
> >         type hint;
> >         file "named.ca";
> > };
> >
> > zone "0.0.127.in-addr.arpa" {
> >         type master;
> >         file "named.local";
> > };
> >
> > zone "comweb.nl" {
> >         notify yes;
> >         type master;
> >         file "named.comweb.nl";
> > };
> >
> > zone "cardio-zevenaar.com" {
> >         notify yes;
> >         type master;
> >         file "named.cardio-zevenaar.com";
> > //      allow-transfer { 212.204.207.192; };
> > };
> >
> > zone "91.205.204.212.in-addr.arpa" {
> >         notify yes;
> >         type master;
> >         file "named.reverse91";
> > };
> >
> > ----------------------
> >
> > cardio-zevenaar.com. IN SOA alpha.comweb.nl. root.comweb.nl. (
> >    2000111515 ; serial , todays date +todays serial #
> >    8H        ; refresh , seconds
> >    2H        ; retry , seconds
> >    1W        ; expire seconds
> >    1D )      ; minimum, seconds
> > ;
> >   NS alpha.comweb.nl.      ; Inet address of server
> >   NS ns2.widexs.net. ;
> >   MX 10 mail.comweb.nl. ; Primairy Mail Exchanger
> > ;                         Omited a Secondary Mail exchanger
> > localhost       A       127.0.0.1
> > mail            A       212.204.205.91
> > cardio-zevenaar.com.             A      212.204.205.93
> > *.cardio-zevenaar.com.           A      212.204.205.93
> > ;
> >
> > -----------------------
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >

More information about the bind-users mailing list