primairy DNS taken over ?
Kevin Darcy
kcd at daimlerchrysler.com
Tue Nov 21 05:50:17 UTC 2000
Apparently zone transfers have broken. ns2.widexs.net is reporting a serial
number of 2000101912 for the zone.
Oh, and you should be upgrading to p7 rather than p5.
- Kevin
RJHM van den Bergh wrote:
> When I reboot the server all seems to be allright for a while
> but after some time the primairy dns does change.
> when I do a dig on the slave it reports another primairy DNS server.
>
> Rob,
> rvdb at comweb.nl
>
> "RJHM van den Bergh" <rvdb at comweb.nl> wrote in message
> news:974670103.14580.0.pluto.c29fe22b at news.demon.nl...
> > Hi,
> >
> > I need some help because I'm not that experianced in setting up DNS.
> >
> > I've registered a domain cardio-zevenaar.com
> > Everything worked fine.
> >
> > But after a day the DNS reported another IP number for cardio-zevenaar.com
> >
> > I'm using someone else DNS server as slave.
> > So I don't have access to their configuration files.
> >
> > dig on the slave ns2.widexs.net reports
> > ns1.widexs.nl as primairy
> > ns2.widexs.net as secundairy
> > Which isn't correct.
> >
> > The whois database (NetWorkSolutions) reports the correct thing
> > alpha.comweb.nl
> > ns2.widexs.net
> >
> > The question is:
> > How is it possible that someone takes over my primairy DNS server
> > while (asumed) the root glue record points to my primairy DNS server ?
> >
> > I more think this somewhere is a mis configuration.
> >
> > After some time everything changed back to normal.
> > dig reported the correct thing.
> > Only one strange thing remains.
> > 20-Nov-2000 00:09:25.051 notify: info: Sent NOTIFY for "comweb.nl IN SOA"
> > (comweb.n
> > l); 1 NS, 1 A
> > 20-Nov-2000 00:09:25.052 notify: info: Received NOTIFY answer from
> > 212.204.207.192
> > for "comweb.nl IN SOA"
> > 20-Nov-2000 00:09:39.251 notify: info: Sent NOTIFY for
> "cardio-zevenaar.com
> > IN SOA"
> > (cardio-zevenaar.com); 1 NS, 1 A
> > I do not get a notify back from the cardio-zevenaar.com
> >
> > Any sugestion on the cause of this or where to start looking ?
> > If you need more information let me know.
> >
> > (I'm running bind-8.2.2-p3)
> > (Should upgrade to p5)
> >
> > Rob,
> > rvdb at comweb.nl
> >
> >
> > Here are my configuration files.
> > -----------------------
> > named.conf
> >
> > options {
> > directory "/var/named";
> > /*
> > * If there is a firewall between you and nameservers you want
> > * to talk to, you might need to uncomment the query-source
> > * directive below. Previous versions of BIND always asked
> > * questions using port 53, but BIND 8.1 uses an unprivileged
> > * port by default.
> > */
> > // query-source address * port 53;
> > };
> >
> > logging {
> > channel my_file
> > {
> > file "log.msgs" versions 3 size 10k;
> > severity debug 99;
> > print-category yes;
> > print-severity yes;
> > print-time yes;
> > };
> > category default { my_file; };
> > category lame-servers { my_file; };
> > category os { my_file; };
> > category security { my_file; };
> > category xfer-out { my_file; };
> > };
> >
> >
> > // IP nummers assigned 212.204.205.91-100
> >
> > zone "." {
> > type hint;
> > file "named.ca";
> > };
> >
> > zone "0.0.127.in-addr.arpa" {
> > type master;
> > file "named.local";
> > };
> >
> > zone "comweb.nl" {
> > notify yes;
> > type master;
> > file "named.comweb.nl";
> > };
> >
> > zone "cardio-zevenaar.com" {
> > notify yes;
> > type master;
> > file "named.cardio-zevenaar.com";
> > // allow-transfer { 212.204.207.192; };
> > };
> >
> > zone "91.205.204.212.in-addr.arpa" {
> > notify yes;
> > type master;
> > file "named.reverse91";
> > };
> >
> > ----------------------
> >
> > cardio-zevenaar.com. IN SOA alpha.comweb.nl. root.comweb.nl. (
> > 2000111515 ; serial , todays date +todays serial #
> > 8H ; refresh , seconds
> > 2H ; retry , seconds
> > 1W ; expire seconds
> > 1D ) ; minimum, seconds
> > ;
> > NS alpha.comweb.nl. ; Inet address of server
> > NS ns2.widexs.net. ;
> > MX 10 mail.comweb.nl. ; Primairy Mail Exchanger
> > ; Omited a Secondary Mail exchanger
> > localhost A 127.0.0.1
> > mail A 212.204.205.91
> > cardio-zevenaar.com. A 212.204.205.93
> > *.cardio-zevenaar.com. A 212.204.205.93
> > ;
> >
> > -----------------------
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
More information about the bind-users
mailing list