Weird DNS Problems

D McDonald renski at sdf.lonestar.org
Wed Dec 15 11:55:00 UTC 2004


Sorry if this is a repeat, I signed up with renski at freeshell.org, and then tried to send it out as renski at sdf

Hi All,

About a week ago we switched the DNS server of our domain saturncorp.com to ns.saturncorp.com. It's a Red Hat
machine running BIND 9.2.3. However, it now seems that some DNS servers are unable to resolve some addresses.
For example, on one ISP www.saturncorp.com works fine (non-auth), but ftp.saturncorp.com doesn't work. It appears
that some of these servers are running on cache alone, I'm not sure. This is only the second BIND server I've set
up, and the first was an internal server. Below is my config file..

// generated by named-bootconf.pl
// edited by Darren on Sept 9th, 2004
//      added logging
//      changed security slightly
// edited by Lee on 9/14/04
//      added forwarding
// edited by Darren on 1st of Dec, '04
//      added SOA tweaks
//      added localhost domain (Apparently this is 'required')
//      added PID file path

// To begin with, define groups of IPs for reference later
//   perhaps as zone transfer peers or something
// Trusted (for updates later on)
acl trusted_ips {
  none;
};

acl users {
  any;
};


// Now define specific options for the DNS system
options {

        /* forwarding */
        /* this is where you put the ISP's DNS systems ... best to use root servers */
        forwarders { 12.127.16.68; 12.127.17.72; };

        /*security*/
        /* this means anybody can query us */
        allow-query { users; };

        /* Don't reply to version queries, none of anybody's business */
        version "Not Currently Available";

        /*SOA*/
        /*Limits Caching, apparently required for a SOA server*/
        recursion no;

        /*PID file (Process ID file)*/
        pid-file "/var/named/named.pid";
};

logging {
  channel default_syslog {
    /* this means create 20 log files that are 1MB in size before rolling over and updating */
    /* most current would then be /var/named/log/log, oldest would be /var/named/log/log.020 */
    file "/var/named/log/log" versions 20 size 1M;
    severity info;
    print-time yes;
    print-severity yes;
    print-category yes;
    };
  channel query_log {
    file "/var/named/log/qlog" versions 5 size 1M;
    severity info;
    print-time yes;
    print-severity yes;
    print-category yes;
    };

  category lame-servers {null;}; //might want to turn this on later
  category config   {default_syslog;};
  category update   {default_syslog;};
  category xfer-in  {default_syslog;};
  category xfer-out {default_syslog;};
  category security {default_syslog;};
  category queries  {query_log;};
};

// Zone Records

zone "saturncorp.com" IN {
        type master;
        file "/var/named/saturncorp.com.zone";
};

// required localhost
zone "localhost" IN {
        type master;
        file "/var/named/localhost.zone";
        allow-update{none;};
};

Here is saturncorp.com.zone..

$TTL 43200
@ IN    SOA     12.23.213.25 sysop at saturncorp.com.      (
                                14 ; serial
                                600 ; refresh, 2 minutes (TEMP VALUE FOR TESTING)
                                60 ; retry (TEMP)
                                3600000 ; expire
                                43200 ; ttl, 12 hours MAX for caching (TEMP)
                                )
@               IN      A       12.23.213.10
                IN      NS      12.23.213.25
                IN      MX      1       saturn3.saturncorp.com.
saturn3         IN      A       12.23.213.3
saturn4         IN      A       12.23.213.3  ; this is not a typo
; saturn1                       12.23.213.5  ; internal use only
; WVC WWW                       12.23.213.7
www             IN      A       12.23.213.10
smartsystem     IN      A       12.23.213.15
ns              IN      A       12.23.213.25
ns2             IN      A       12.23.213.26
webplus2        IN      A       12.23.213.42
webplus3        IN      A       12.23.213.43
; lpar3 also                    12.23.213.61
lpar3           IN      A       12.23.213.63
lpar4           IN      A       12.23.213.64
lpar1ftp        IN      A       12.23.213.71
lpar3ftp        IN      A       12.23.213.73
lpar4ftp        IN      A       12.23.213.74
ftp3            IN      A       12.23.213.98
ftp2            IN      A       12.23.213.99
lpar1           IN      A       12.23.213.100
ftp             IN      A       12.23.213.101
vr              IN      A       12.23.213.9

If you set the server as your DNS server it works fine, and I've checked the domain under whois,
and the first listed server is ns.saturncorp.com. I just don't get it. If anyone can see
something I'm doing wrong, I'd be most grateful.

Thanks,

Renski
-- 
renski at sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org
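
Added example, not part of the original post: the SOA and NS lines in the zone file above carry IPv4 addresses in fields that RFC 1035 defines as domain names, and a name written without a trailing dot is read relative to the zone origin. The Python check below (its function names are this example's own, and the sample is an abridged copy of the posted zone) flags such fields and shows the name each one is read as.

```python
import ipaddress

# Abridged copy of the saturncorp.com.zone records quoted in the post above
# (the " at " in the SOA line is as it appears in the list archive).
SAMPLE_ZONE = """\
$TTL 43200
@ IN    SOA     12.23.213.25 sysop at saturncorp.com.      (
                                14 ; serial
                                )
                IN      NS      12.23.213.25
                IN      MX      1       saturn3.saturncorp.com.
ns              IN      A       12.23.213.25
"""

# Index of the host-name field counted from the type token (RFC 1035 RDATA).
NAME_FIELD = {"SOA": 1, "NS": 1, "CNAME": 1, "MX": 2}


def is_ipv4_literal(token):
    try:
        ipaddress.IPv4Address(token.rstrip("."))
        return True
    except ValueError:
        return False


def find_ip_as_name(zone_text, origin):
    """Return (line_no, rtype, token, name_as_read) for each IP used as a name."""
    origin = origin.rstrip(".") + "."
    findings = []
    for line_no, raw in enumerate(zone_text.splitlines(), start=1):
        tokens = raw.split(";", 1)[0].split()      # drop comments, tokenize
        if not tokens or tokens[0].startswith("$"):
            continue
        if not raw[0].isspace():
            tokens = tokens[1:]                     # drop the owner name
        while tokens and (tokens[0].isdigit() or tokens[0].upper() == "IN"):
            tokens = tokens[1:]                     # drop TTL and class
        offset = NAME_FIELD.get(tokens[0].upper()) if tokens else None
        if offset is None or offset >= len(tokens):
            continue
        target = tokens[offset]
        if is_ipv4_literal(target):
            # Without a trailing dot the name is relative to the zone origin.
            fqdn = target if target.endswith(".") else f"{target}.{origin}"
            findings.append((line_no, tokens[0].upper(), target, fqdn))
    return findings


if __name__ == "__main__":
    print(*find_ip_as_name(SAMPLE_ZONE, "saturncorp.com"), sep="\n")
```
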


