Need help with DNS configuration for my domain...

Tim tefnz at netscape.net
Fri Dec 16 11:06:41 UTC 2005


On Thu, 15 Dec 2005 18:49:07 -0600, Michael Sullivan wrote:

> I set up my BIND configuration using "DNS and BIND, 4th Edition" from
> O'Reilly.  I'm using bind-bind-9.2.5-r6. I was following the examples in
> Chapter 4, substituting my domain for
> the example one.  However, when I use my new DNS server the only thing
> that works correctly is digging 0.0.127.in-addr.arpa.  Every other query
> gets me either NXDOMAIN or SERVFAIL. 

Does that include dig requests for data on the internet?  What happens if
you run "dig www.google.com any"?

Have you checked the syslog when you try to start named, or get it to
re-read its configuration? named logs everything to syslog unless you
explicitly set up alternative channels in named.conf.  Looking at the zone
files, I can see some immediate issues that are fatal for the relevant
zones.  The key items are:

1: the presence of CNAME records as well as other data, in the
   forward zone.

2: Data out of zone in the reverse zone:
   - the CNAME records are one part of that
   - the reverse zone name is wrong.


> Here's the /etc/hosts file I want
> my DNS config based off of:
> 
> 127.0.0.1   localhost.localdomain localhost
> 192.168.1.4 catherine.espersunited.com catherine
> 192.168.1.3 camille.espersunited.com camille
> 192.168.1.2 bullet.espersunited.com bullet
> 
> 
> Here's /etc/bind/named.conf:
> 
> options {
>         directory "/etc/bind";
>         pid-file "/var/run/named/named.pid";
>         };
> 
> zone "espersunited.com" in {
>         type master;
>         file "db.espersunited.com";
>         };
> 
> zone "2.1.168.192.in-addr.arpa." in {
Should be the first 3 octets (192.168.1) reversed, not the full reversed
IP address of the host bullet. An IPv4 reverse zone is octet-oriented, so
the correct zone name should be
	zone "1.168.192.in-addr.arpa." in {
 
>         type master;
>         file "db.2.1.168.192";
And the file name should match (except that I would name the file with the
IP address in standard order, as "db.192.168.1"):
      file "db.1.168.192";  
>         };
> 
> zone "0.0.127.in-addr.arpa." in {
>         type master;
>         file "db.127.0.0";
>         };
> 
> zone "." in {
>         type hint;
>         file "db.cache";
>         };
> 
> 
> 
> Here's /etc/bind/db.espersunited.com:
> 
> $TTL 3h
> espersunited.com.  IN SOA bullet.espersunited.com. michael.bullet.espersunited.com. (
> 
>    1    ;Serial
>    3h   ;Refresh after 3 hours
>    1h   ;Retry after one hour
>    1w   ;Expire after one week
>    1h ) ;Negative caching TTL of 1 hour
> 
> ;Name server(s)
> espersunited.com. IN NS bullet.espersunited.com.
> 
> ;Host addresses
> 
> localhost.espersunited.com.     IN A 127.0.0.1
> bullet.espersunited.com.        IN A 192.168.1.2
> camille.espersunited.com.       IN A 192.168.1.3
> catherine.espersunited.com.     IN A 192.168.1.4
> 
> ;Aliases
Get rid of these. They are not permitted.  The zone is almost certainly
failing to load with error "CNAME records and other data" (the other data 
is the "A" records above, which you want). You would have entries here 
for services hosted on one of the servers. Thus you might have
	 www.espersunited.com. IN	CNAME bullet.espersunited.com.

>
> bullet.espersunited.com.        IN CNAME bullet.espersunited.com.
> camille.espersunited.com.       IN CNAME camille.espersunited.com.
> catherine.espersunited.com.     IN CNAME catherine.espersunited.com.
> 
> 
> Here's db.127.0.0:
> 
> $TTL 3h
> 0.0.127.in-addr.arpa. IN SOA bullet.espersunited.com.
> michael.bullet.espersunited.com. (
> 
>    1    ;Serial
>    3h   ;Refresh after 3 hours
>    1h   ;Retry after one hour
>    1w   ;Expire after one week
>    1h ) ;Negative caching TTL of 1 hour
> 
> ;Name servers
> 0.0.127.in-addr.arpa.   IN NS bullet.espersunited.com.
> 
> ;Host addresses
> 
> 1.0.0.127.in-addr.arpa. IN PTR  localhost.
> 
> 

Is the following line a typo?  The named.conf entry is "db.2.1.168.192",
 and I suggest it be called "db.1.168.192" or "db.192.168.1".
> Here's db.db.2.1.168.192:

> 
> $TTL 3h
> 2.1.168.192.in-addr.arpa. IN SOA bullet.espersunited.com.
> michael.bullet.espersunited.com. (

As above, the zone name should be the first 3 octets reversed.  So the SOA
record should read:

1.168.192.in-addr.arpa. IN SOA bullet.espersunited.com. michael.bullet.espersunited.com. (


> 
>    1    ;Serial
>    3h   ;Refresh after 3 hours
>    1h   ;Retry after one hour
>    1w   ;Expire after one week
>    1h ) ;Negative caching TTL of 1 hour
> 
> ;Name servers
> 2.1.168.192.in-addr.arpa.       IN NS bullet.espersunited.com.
> 
> ;Host addresses
> 
> 2.1.168.192.in-addr.arpa.       IN PTR  bullet.espersunited.com.
> 3.1.168.192.in-addr.arpa.       IN PTR  camille.espersunited.com.
> 4.1.168.192.in-addr.arpa.       IN PTR  catherine.espersunited.com.
> 

Delete the aliases.  This zone will have been rejected because these
records do NOT belong in the zone. 

> ;Aliases
> 
> bullet.espersunited.com.        IN CNAME bullet.espersunited.com.
> camille.espersunited.com.       IN CNAME camille.espersunited.com.
> catherine.espersunited.com.     IN CNAME catherine.espersunited.com.
> 
> 
[db.cache deleted]
> 
> I hope the information I've provided will help you to assist me with
> this problem...
> -Michael Sullivan-


Hope this helps.


Tim
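
The two faults listed in the reply above (CNAME records alongside other data, and out-of-zone data) can be checked mechanically. The following is an added example, not part of the original message and not BIND code; the function names are hypothetical, the sample zones are constructed and abridged from the files quoted in the thread, and it assumes every record is on one line with a fully qualified owner name and an explicit IN class.

```python
import ipaddress

def reverse_zone(network):
    """in-addr.arpa zone name for an octet-aligned IPv4 network (/8, /16, /24)."""
    net = ipaddress.ip_network(network)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError("only octet-aligned IPv4 networks are handled")
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa."

def parse_records(text):
    """Yield (owner, type) for one-line records that spell out owner and IN."""
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop comments, then tokenize
        if "IN" in fields[1:-1]:
            yield fields[0].lower(), fields[fields.index("IN", 1) + 1].upper()

def lint_zone(origin, text):
    """Return (owner, problem) pairs for the two faults named in the reply."""
    origin, types = origin.lower(), {}
    for owner, rtype in parse_records(text):
        types.setdefault(owner, set()).add(rtype)
    problems = []
    for owner, rtypes in sorted(types.items()):
        if owner != origin and not owner.endswith("." + origin):
            problems.append((owner, "out of zone"))
        elif "CNAME" in rtypes and len(rtypes) > 1:
            problems.append((owner, "CNAME and other data"))
    return problems

# Constructed sample input, abridged from the zone files quoted in the thread.
FORWARD = """\
espersunited.com. IN SOA bullet.espersunited.com. michael.bullet.espersunited.com. 1 3h 1h 1w 1h
espersunited.com.        IN NS bullet.espersunited.com.
bullet.espersunited.com. IN A 192.168.1.2
bullet.espersunited.com. IN CNAME bullet.espersunited.com.  ;Alias
"""
REVERSE = """\
2.1.168.192.in-addr.arpa. IN SOA bullet.espersunited.com. michael.bullet.espersunited.com. 1 3h 1h 1w 1h
2.1.168.192.in-addr.arpa. IN NS bullet.espersunited.com.
2.1.168.192.in-addr.arpa. IN PTR bullet.espersunited.com.
3.1.168.192.in-addr.arpa. IN PTR camille.espersunited.com.
bullet.espersunited.com.  IN CNAME bullet.espersunited.com.
"""

if __name__ == "__main__":
    print(lint_zone("espersunited.com.", FORWARD))
    print(lint_zone("2.1.168.192.in-addr.arpa.", REVERSE))
    print(reverse_zone("192.168.1.0/24"))
```

BIND ships named-checkconf and named-checkzone for the authoritative check of named.conf and zone files; this sketch only illustrates the two rules discussed in the thread.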


