DNS tutor needed

Simon Waters Simon at wretched.demon.co.uk
Fri Apr 12 19:31:42 UTC 2002


scratch wrote:
> 
> I am teaching myself Linux system admin, and need some help with DNS. I am
> running a Redhat 7.2 server with Bind 9.1.3, and have successfully (I think)
> set up my server to be the primary DNS for my.own.domain, and primary DNS
> for a.virtual.domain.

For future reference we don't hide our domain names around here
unless absolutely necessary. Life is easier with the genuine
text, cut and paste, no end of typos get found that way, and we
can always query things remotely and spot sillies.

> $TTL    259200

Rather generous default TTL, sound remote servers will honour
this and cache data for 3 days, great when everything is stable
if that is what you want, but whilst setting up.....

> @               IN      SOA     server.my.own.domain.     my.email.address.
> (
>                                 20020103015     ; serial

This serial is too big, serial number arithmetic leaves just
enough room for YYYYMMDDNN, changing these is a pain, but better
do it now, than wonder why when you query the serial in future
it doesn't show the number you entered.

>                                 3600            ; refresh       - 1 hour
>                                 3600            ; retry         - 1 hour

BIND 8 used to complain at this refresh < 2 * retry......

Check your log files.... Is named-checkzone happy with the file?

>                                 604800          ; expire        - 7 days
>                                 7200 )          ; default_ttl   - 2 hours

That's negative TTL not default.
 
>                 IN      NS      server.my.own.domain.
>                 IN      NS      ns2.nameserver.net.nz.
> 
> www             IN      A       my.ip.address
> @                 IN      A       my.ip.address
> @                 IN      MX      5       server.my.own.domain.

> I've contacted the registrar to get the NS info at root server level
> corrected, and am hoping this will solve these errors. (Will it?)

Yes the errors could all be due to ns1 being delegated from what
you describe... Get it sorted and test again.

I test all zones of importance to me routinely with a cron job
running doc, it is amazing how frequently people manage to speed
the decay of perfectly set up DNS servers... 

Many people seem to take the view if it works then it must be
right, which is why we end up with so many... "my primary DNS
server stopped, and all name resolution for the domain stopped"
queries here.... So make testing part of the DNS maintenance
routine.
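
The checks raised in the reply above (serial too large for the 32-bit SOA field, refresh less than twice retry, a long default TTL during setup) can be scripted as part of a routine zone test. This is an added example, not part of the original post; the host names, the sample zone text, the finding codes and the `max_setup_ttl` threshold are assumptions made for illustration.

```python
import re

MAX_SERIAL = 2**32 - 1  # the SOA serial is an unsigned 32-bit field

# Constructed sample zone header using the numeric values quoted in the thread;
# the host names are placeholders.
SAMPLE_ZONE = """\
$TTL    259200
@   IN  SOA server.example. hostmaster.example. (
            20020103015 ; serial
            3600        ; refresh
            3600        ; retry
            604800      ; expire
            7200 )      ; negative TTL
"""

def parse_soa(zone_text):
    """Return (default_ttl, serial, refresh, retry, expire, negative_ttl).

    Assumes plain integer seconds (no 1h/3d unit suffixes) and one SOA record.
    """
    text = re.sub(r";[^\n]*", "", zone_text)  # drop ';' comments
    ttl = re.search(r"^\$TTL\s+(\d+)", text, re.M)
    soa = re.search(r"\bSOA\s+\S+\s+\S+\s*\(?\s*((?:\d+\s+){4}\d+)", text)
    if soa is None:
        raise ValueError("no SOA record with five numeric fields found")
    fields = [int(n) for n in soa.group(1).split()]
    return (int(ttl.group(1)) if ttl else None, *fields)

def lint_soa(zone_text, max_setup_ttl=3600):
    """Return a list of (code, message) findings for the zone's SOA and $TTL.

    max_setup_ttl is a hypothetical threshold chosen for this example.
    """
    default_ttl, serial, refresh, retry, _expire, _neg = parse_soa(zone_text)
    findings = []
    if serial > MAX_SERIAL:
        findings.append(("serial-overflow",
            f"serial {serial} exceeds {MAX_SERIAL}; "
            f"truncated to 32 bits it would read {serial % 2**32}"))
    if refresh < 2 * retry:
        findings.append(("refresh-retry",
            f"refresh {refresh} is less than 2 * retry ({2 * retry})"))
    if default_ttl is not None and default_ttl > max_setup_ttl:
        findings.append(("ttl-high",
            f"$TTL {default_ttl}s means caches may hold records that long"))
    return findings

if __name__ == "__main__":
    for code, message in lint_soa(SAMPLE_ZONE):
        print(f"{code}: {message}")
```

The truncated value in the first finding only illustrates what a 32-bit field can hold; how a particular name server treats an oversized serial is not asserted here.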

