nslookup Unix to windows problem

Kevin Darcy kcd at daimlerchrysler.com
Tue Nov 20 01:35:33 UTC 2001


Your nameserver is vulnerable to a root exploit. Upgrade immediately. See
http://www.isc.org/products/BIND/bind-security.html

What do you mean by "address 10.0.2.10/24" and "address 10.0.4.15/24"?
Prefix notation denotes networks/subnetworks, not addresses (arguably a /32
prefix amounts to the same thing in IPv4, but a /24 prefix does not).

Also, is this Win2K server hardcoded to use this BIND nameserver
*exclusively* for name resolution? If not, then I'm not surprised it can't
find names in the "zzzz" domain, since that is not a valid TLD (top-level
domain). Similarly, since you haven't delegated anything below "zzzz", then
the Win2K nameserver would likely have trouble finding those subzones
too...


- Kevin

silveraud wrote:

> I have been trying to set up Bind 8.2.2p7 on central.zzzz, with address
> 10.0.2.10/24 and have been unable to do an nslookup on a windows 2000
> server, windserv.zzzz with an address of 10.0.4.15/24.  Can anybody help
> correct the configuration(s) below (db.cache was excluded)?  Also, do I
> need to configure anything unusual on my windows server to prevent
> "unapproved update" in my syslog?
>
> Thanks for your assistance in advance.
>
> Contents of named.conf:
>
> options {
>  directory "/usr/local/etc";
> };
>
> controls {
>  unix "/etc/ndc" perm 0600 owner 0 group 0;
> };
>
> zone "0.0.127.IN-ADDR.ARPA" in {
>  type master;
>  file "db.127.0.0";
>  notify no;
> };
>
> zone "windserv.zzzz" in {
>  type master;
>  file "db.windserv.zzzz";
>         check-names ignore;
>         allow-update {localnets;};
> };
>
> zone "zzzz" in {
>  type master;
>  file "db.zzzz";
> };
>
> zone "2.0.10.IN-ADDR.ARPA" in {
>  type master;
>  file "db.10.0.2";
>  check-names ignore;
>  allow-update {localnets;};
> };
>
> zone "4.0.10.IN-ADDR.ARPA" in {
>  type master;
>  file "db.10.0.4";
> };
>
> zone "_msdcs.windserv.zzzz" {
>  type master;
>  file "db._msdcs.windserv.zzzz";
>  check-names ignore;
>  allow-update {localnets;};
> };
>
> zone "_sites.windserv.zzzz" {
>  type master;
>  file "db._sites.windserv.zzzz";
>  check-names ignore;
>  allow-update {localnets;};
> };
>
> zone "_tcp.windserv.zzzz" {
>  type master;
>  file "db._tcp.windserv.zzzz";
>  check-names ignore;
>  allow-update {localnets;};
> };
>
> zone "_udp.windserv.zzzz" {
>  type master;
>  file "db._udp.windserv.zzzz";
>  check-names ignore;
>  allow-update {localnets;};
> };
>
> zone "." in {
>  type hint;
>  file "db.cache";
> };
>
> Contents of db.zzzz:
>
> $TTL 86400
> @ IN  SOA central.zzzz. root.central.zzzz. ( 1 10800 3600 604800 86400 )
>
>   IN  NS  central.zzzz.
>
> localhost            IN  A     127.0.0.1
> central              IN  A     10.0.2.10
> central              IN  MX    10 central.zzzz.
>
> Contents of db.windserv.zzzz:
>
> $TTL 86400
> windserv.zzzz. IN  SOA central.zzzz. root.central.zzzz. ( 1 10800 3600
> 604800 86400 )
>                 IN  NS  central.zzzz.
>
> windserv.zzzz  IN  A     10.0.4.15
> windserv.zzzz  IN  MX    10 windserv.zzzz.
>
> Contents of db._msdcs.windserv.zzzz, db._sites.windserv.zzzz,
> db._tcp.windserv.zzzz, db._udp.windserv.zzzz:
>
> $TTL 86400
> @ IN  SOA central.zzzz. root.central.zzzz. ( 1 10800 3600 604800 86400 )
>
>   IN  NS  central.zzzz.
>
> Contents of db.127.0.0:
>
> $TTL 86400
> @ IN  SOA central.zzzz. root.central.zzzz. ( 1 10800 3600 604800 86400 )
>
>   IN  NS  central.zzzz.
>
> 0.0.127.IN-ADDR.ARPA.           IN  NS     central.zzzz.
> 1.0.0.127.IN-ADDR.ARPA.        IN  PTR     localhost.
>
> Contents of db.10.0.2
>
> $TTL 86400
> @ IN  SOA central.zzzz. root.central.zzzz. ( 2 10800 3600 604800 86400 )
>
>   IN  NS  central.zzzz.
>
> 10.2.0.10.IN-ADDR.ARPA.     IN  PTR  central.zzzz.
>
> Contents of db.10.0.4:
>
> $TTL 86400
> @ IN  SOA central.zzzz. root.central.zzzz. ( 2 10800 3600 604800 86400 )
>
>   IN  NS  central.zzzz.
>
> 15.4.0.10.IN-ADDR.ARPA.     IN  PTR     windserv.zzzz.
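
Added example (not part of the original messages, and not ISC code): a Python sketch of the prefix-notation point in the reply, applied to the `allow-update {localnets;};` lines in the quoted named.conf. It assumes central.zzzz has only a loopback interface and 10.0.2.10/24, and that `localnets` matches hosts on networks the server has an interface on; the function names are hypothetical.

```python
import ipaddress

# Assumed interface list for central.zzzz, built from the address in the post.
SERVER_INTERFACES = ["127.0.0.1/8", "10.0.2.10/24"]

def is_network(prefixed):
    """True only if addr/len names a network, i.e. no host bits are set."""
    try:
        ipaddress.ip_network(prefixed, strict=True)
        return True
    except ValueError:
        return False

def localnets(interfaces):
    """Networks the server is directly attached to (model of the localnets ACL)."""
    return [ipaddress.ip_interface(i).network for i in interfaces]

def update_allowed(source, interfaces=SERVER_INTERFACES):
    """Would a dynamic update from `source` match allow-update {localnets;}?"""
    addr = ipaddress.ip_address(source)
    return any(addr in net for net in localnets(interfaces))

def report(sources, interfaces=SERVER_INTERFACES):
    """Map each update source to 'allowed' or 'refused' under the model above."""
    return {s: ("allowed" if update_allowed(s, interfaces) else "refused")
            for s in sources}

if __name__ == "__main__":
    # "10.0.2.10/24" is a host address plus a mask, not a network.
    for p in ("10.0.2.10/24", "10.0.2.0/24", "10.0.2.10/32"):
        print(f"{p:15} is a network: {is_network(p)}")
    print("localnets:", [str(n) for n in localnets(SERVER_INTERFACES)])
    # windserv.zzzz (10.0.4.15) is on 10.0.4.0/24, which central is not attached to.
    for src, verdict in report(["10.0.4.15", "10.0.2.77", "127.0.0.1"]).items():
        print(f"update from {src:10} -> {verdict}")
```

Under these assumptions an update from 10.0.4.15 falls outside `localnets` and is refused, which is consistent with the "unapproved update" syslog entries the post asks about.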


