DSL/DNS Confusion
Flash Love
flashl at cox.net
Fri Feb 25 04:32:02 UTC 2005
Barry Margolin wrote:
> In article <cvljor$2cnv$1 at sf1.isc.org>, Flash Love <flashl at cox.net>
> wrote:
>
>> I am stuck after working on my DSL/DNS configuration for a couple of
>> months. I have read and re-read Bind Admin Manual, what seems like
>> hundreds of posts, visited various DNS tutorial sites and made numerous
>> attempts to adapt the examples.
>>
>> I am simply at a point where I do not know what else to try or do. I have
>> not been able to resolve these errors:
>>
>> Feb 24 15:10:58 roxie named[7212]: zone benu.widge.org/IN: refresh:
>> failure trying master 64.49.244.135#53: timed out
>> Feb 24 15:11:43 roxie last message repeated 3 times
>> Feb 24 15:11:43 roxie named[7212]: zone benu.widge.org/IN: refresh: retry
>> limit for master 64.49.244.135#53 exceeded
>> Feb 24 15:01:16 roxie named[7212]: zone blackdiamond.widge.org/IN:
>> refresh: failure trying master 64.49.244.135#53: timed out
>> Feb 24 15:01:46 roxie last message repeated 2 times
>> Feb 24 15:01:46 roxie named[7212]: zone blackdiamond.widge.org/IN:
>> refresh: retry limit for master 64.49.244.135#53 exceeded
>>
>> (This dns host allows transfers and the (allow) flag is on and points
>> back to the external ip address. I have checked firewall and it appears
>> to be OK and the command line axfr works. )
>
> Maybe you have some options on the slave that are causing problems.
>
>>
>> And, how to correctly configure the domains: benu/blackdiamond.widge.org
>> and rescue911design.com to use the dynamically assigned ip on eth1.
>> Presently, I have simply entered the external ip address in the
>> benu/blackdiamond.widge.org and rescue911design.com zone files.
>
> You can use the dynamic update protocol of DNS. See the "nsupdate"
> command.
>
>>
>> My goal is to set up:
>>
>> Home lan = blkdiamonds.lan w/ 192.168.2/24 (eth0)
>> Web = benu.widge.org w/ dynamic ip (eth1)
>> Web = blackdiamond.widge.org w/ dynamic ip (eth1)
>> Web = rescue911design.com w/dynamic ip (eth1)
>>
>> All files are at http://www.blackdiamond.widge.org:82/bind_files. A nudge
>> into
>> the path of success will greatly be appreciated.
>
> I'm getting "Connection refused" when I try to connect to port 82 there.
>
==========================================
0.0.127.in-addr.arpa.hosts
==========================================
$TTL 86400
@ IN SOA roxie.blkdiamonds.lan. root.blkdiamonds.lan. (
200410104 ; serial
28800 ; refresh (8 hours)
7200 ; retry (2 hours)
2419200 ; expire (4 weeks)
86400 ; minimum (1 day)
)
IN NS ns1.blkdiamonds.lan.
IN NS ns2.blkdiamonds.lan.
1 IN PTR localhost.
==========================================
2.168.192.in-addr.arpa.hosts
==========================================
$TTL 86400 ; 1 day
@ IN SOA www.blkdiamonds.lan. root.blkdiamonds.lan. (
2005021103 ; serial
10800 ; refresh (3 hours)
900 ; retry (15 minutes)
604800 ; expire (1 week)
3600 ; minimum (1 hour)
)
IN NS ns1.blkdiamonds.lan.
IN NS ns2.blkdiamonds.lan.
2 IN PTR ftp.blkdiamonds.lan.
IN PTR ns1.blkdiamonds.lan.
IN PTR www.blkdiamonds.lan.
IN PTR roxie.blkdiamonds.lan.
113 IN PTR I9EZ64K6SL0.blkdiamonds.lan.
138 IN PTR ns2.blkdiamonds.lan.
138 IN PTR 4X7II6FO4Y.blkdiamonds.lan.
138 IN PTR mail2.blkdiamonds.lan.
==========================================
benu.widge.org.hosts
==========================================
$TTL 259200 ; 3 days
@ IN SOA ns1.benu.widge.org. hostmaster.benu.widge.org. (
2005021807 ; serial
28800 ; refresh (8 hours)
7200 ; retry (2 hours)
2419200 ; expire (4 weeks)
86400 ; minimum (1 day)
)
NS ns1.widge.net.
NS ns2.widge.net.
NS ns1
benu.widge.org. MX 10 mail1
benu.widge.org. MX 20 mail2
$TTL 259200 ; 3 days
$ORIGIN benu.widge.org.
localhost A 127.0.0.1
@ A 68.1.99.29
roxie A 68.1.99.29
mail1 A 68.1.99.29
ns1 A 68.1.99.29
HINFO "Pentium" "Fedora 2.0"
mail2 A 192.168.2.138
HINFO "Pentium" "Win2K"
ftp CNAME roxie
www CNAME roxie
==========================================
bind.hosts
==========================================
; @(#)db.bind v1.2 25 JAN 2001 Rob Thomas robt at cymru.com
;
$TTL 1D
@ 1D CHAOS SOA localhost. root.localhost. (
2004100601 ; serial
3H ; refresh
1H ; retry
1W ; expiry
1D ) ; minimum
CHAOS NS localhost.
version.bind. CHAOS TXT "BIND 9.1.3+robhacks"
authors.bind. CHAOS TXT "are better coders than I. :)"
==========================================
blackdiamond.widge.org.hosts
==========================================
$TTL 259200 ; 3 days
@ IN SOA ns1.blackdiamond.widge.org. hostmaster.blackdiamond.widge.org. (
2005021807 ; serial
28800 ; refresh (8 hours)
7200 ; retry (2 hours)
2419200 ; expire (4 weeks)
86400 ; minimum (1 day)
)
NS ns1.widge.net.
NS ns2.widge.net.
NS ns1
blackdiamond.widge.org. MX 10 mail1
blackdiamond.widge.org. MX 20 mail2
$TTL 259200 ; 3 days
$ORIGIN blackdiamond.widge.org.
localhost A 127.0.0.1
roxie A 68.1.99.29
mail1 A 68.1.99.29
ns1 A 68.1.99.29
HINFO "Pentium" "Fedora 2.0"
mail2 A 192.168.2.138
HINFO "Pentium" "Win2K"
ftp CNAME roxie
www CNAME roxie
==========================================
blkdiamonds.lan.hosts
==========================================
$ttl 259200
@ IN SOA ns1.blkdiamonds.lan. root.blkdiamonds.lan. (
2005022001
28800
7200
2419200
86400 )
IN NS ns1.blkdiamonds.lan.
IN NS ns2.blkdiamonds.lan.
blkdiamonds.lan. IN MX 10 mail1.blkdiamonds.lan.
blkdiamonds.lan. IN MX 20 mail2.blkdiamonds.lan.
TXT "Black Diamonds LAN"
localhost IN A 127.0.0.1
ns1.blkdiamonds.lan. IN A 192.168.2.2
HINFO "Pentium" "Fedora 2.0"
ns2.blkdiamonds.lan. IN A 192.168.2.138
HINFO "Pentium" "Win 2K"
$ORIGIN blkdiamonds.lan.
ns2 IN A 192.168.2.138
roxie IN A 192.168.2.2
mail1 IN A 192.168.2.2
mail2 IN A 192.168.2.138
4X7II6FO4Y IN A 192.168.2.138
ftp IN CNAME ns1.blkdiamonds.lan.
www IN CNAME ns1.blkdiamonds.lan.
==========================================
named.broadcast
==========================================
$TTL 86400
@ IN SOA localhost root (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS localhost
==========================================
named.ca
==========================================
; This file holds the information on root name servers needed to
; initialize cache of Internet domain name servers
; (e.g. reference this file in the "cache . <file>"
; configuration file of BIND domain name servers).
;
; This file is made available by InterNIC
; under anonymous FTP as
; file /domain/named.cache
; on server FTP.INTERNIC.NET
; -OR- RS.INTERNIC.NET
;
; last update: Jan 29, 2004
; related version of root zone: 2004012900
;
;
; formerly NS.INTERNIC.NET
;
. 3600000 IN NS A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
;
; formerly NS1.ISI.EDU
;
. 3600000 NS B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
;
; formerly C.PSI.NET
;
. 3600000 NS C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
;
; formerly TERP.UMD.EDU
;
. 3600000 NS D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90
;
; formerly NS.NASA.GOV
;
. 3600000 NS E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
;
; formerly NS.ISC.ORG
;
. 3600000 NS F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
;
; formerly NS.NIC.DDN.MIL
;
. 3600000 NS G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
;
; formerly AOS.ARL.ARMY.MIL
;
. 3600000 NS H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53
;
; formerly NIC.NORDU.NET
;
. 3600000 NS I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
;
; operated by VeriSign, Inc.
;
. 3600000 NS J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
;
; operated by RIPE NCC
;
. 3600000 NS K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
;
; operated by ICANN
;
. 3600000 NS L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET. 3600000 A 198.32.64.12
;
; operated by WIDE
;
. 3600000 NS M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
; End of File
==========================================
named.ip6.local
==========================================
$TTL 86400
@ IN SOA localhost. root.localhost. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS localhost.
1 IN PTR localhost.
==========================================
named.local
==========================================
$TTL 86400
@ IN SOA roxie.blkdiamonds.lan. root.blkdiamonds.lan. (
2005021101 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS ns1.blkdiamonds.lan.
IN NS ns2.blkdiamonds.lan.
1 IN PTR localhost.
==========================================
named.zero
==========================================
$TTL 86400
@ IN SOA localhost root (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS localhost
==========================================
rescue911design.com.hosts
==========================================
$TTL 259200 ; 3 days
@ IN SOA ns1.rescue911design.com. hostmaster.rescue911design.com. (
2005021807 ; serial
28800 ; refresh (8 hours)
7200 ; retry (2 hours)
2419200 ; expire (4 weeks)
86400 ; minimum (1 day)
)
NS ns1.dnsexit.com
NS ns2.dnsexit.com
NS ns1
NS ns2
rescue911design.com. MX 10 mail1
rescue911design.com. MX 20 mail2
$TTL 259200 ; 3 days
$ORIGIN rescue911design.com.
localhost A 127.0.0.1
@ A 68.1.99.29
roxie A 68.1.99.29
mail1 A 68.1.99.29
ns1 A 68.1.99.29
HINFO "Pentium" "Fedora 2.0"
ns2 A 192.168.2.138
HINFO "Pentium" "Win2K"
mail2 A 192.168.2.138
ftp CNAME roxie
www CNAME roxie
==========================================
named.conf
==========================================
//
// named.conf for Red Hat caching-nameserver
//
acl mynet {
192.168.2.2;
192.168.2.138;
127.0.0.1;
};
acl widge {
64.49.244.135;
66.216.81.145;
};
acl dnsexit {
12.96.164.72; 65.75.162.90;
};
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
allow-query { "mynet"; };
minimal-responses no;
notify no;
transfer-format many-answers;
version "Guess";
zone-statistics yes;
};
include "/etc/rndc.key";
logging {
channel "default_syslog" {
syslog local2;
severity debug 3;
};
channel "audit_log" {
file "audit_log";
severity debug 10;
print-time yes;
print-category yes;
print-severity yes;
};
category default { default_syslog; };
category general { default_syslog; };
category security { audit_log; default_syslog; };
category config { default_syslog; };
category resolver { audit_log; };
category xfer-in { audit_log; };
category xfer-out { audit_log; };
category notify { audit_log; };
category client { audit_log; };
category network { audit_log; };
category update { audit_log; };
category queries { audit_log; };
category lame-servers { audit_log; };
category dnssec { audit_log; };
};
//
// a caching only nameserver config
//
controls {
inet 127.0.0.1 port 953 allow { localhost; }
keys { rndckey; };
};
view "HomeLan" {
match-clients { mynet; };
recursion yes;
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
allow-query { mynet; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
allow-query { mynet; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
allow-query { mynet; };
};
zone
"0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN
{
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
zone "blkdiamonds.lan" {
type master;
file "blkdiamonds.lan.hosts";
update-policy {
grant * self * A TXT;
};
allow-query { mynet; };
allow-transfer { mynet; };
};
zone "2.168.192.in-addr.arpa" {
type master;
file "2.168.192.in-addr.arpa.hosts";
update-policy {
grant * self * A TXT;
};
allow-query { mynet; };
allow-transfer { mynet; };
};
zone "benu.widge.org" in {
type slave;
file "benu.widge.org.hosts";
masters { 64.49.244.135; 66.216.81.145; };
notify no;
};
zone "blackdiamond.widge.org" in {
type slave;
file "blackdiamond.widge.org.hosts";
masters { 64.49.244.135; 66.216.81.145; };
notify no;
};
zone "rescue911design.com" in {
type slave;
file "rescue911design.com.hosts";
masters { 12.96.164.72; 65.75.162.90; };
notify no;
};
};
view "HomeExt" {
recursion no;
zone "benu.widge.org" in {
type slave;
file "benu.widge.org.hosts";
masters { 64.49.244.135; 66.216.81.145; };
notify no;
};
zone "blackdiamond.widge.org" in {
type slave;
file "blackdiamond.widge.org.hosts";
masters { 64.49.244.135; 66.216.81.145; };
notify no;
};
zone "rescue911design.com" in {
type slave;
file "rescue911design.com.hosts";
masters { 12.96.164.72; 65.75.162.90; };
notify no;
};
};
==========================================
/etc/resolv.conf
==========================================
; generated by /sbin/dhclient-script
search blkdiamond.lan
nameserver 127.0.0.1
nameserver 68.105.161.20
nameserver 68.1.18.25
nameserver 68.10.16.30
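
An added example, not part of the original post and not BIND's own tooling: in BIND each view keeps its own copy of a slave zone, so a slave zone declared in two views with the same `file` name has both copies written to one path. The sketch below flags that pattern; `SAMPLE_CONF` is a constructed excerpt modelled on the named.conf posted above, and the function names are hypothetical.

```python
import re
from collections import defaultdict
# Constructed excerpt that mirrors the view/zone layout of the posted named.conf.
SAMPLE_CONF = '''
view "HomeLan" {
    match-clients { mynet; };   // internal clients
    zone "blkdiamonds.lan" { type master; file "blkdiamonds.lan.hosts"; };
    zone "benu.widge.org" in { type slave; file "benu.widge.org.hosts";
        masters { 64.49.244.135; 66.216.81.145; }; notify no; };
};
view "HomeExt" {
    recursion no;
    zone "benu.widge.org" in { type slave; file "benu.widge.org.hosts";
        masters { 64.49.244.135; 66.216.81.145; }; notify no; };
};
'''
TOKEN = re.compile(r'"[^"]*"|[{};]|[^\s{};"]+')

def slave_files(conf):
    """Map each slave zone's file to the (view, zone) pairs that write it."""
    conf = re.sub(r'/\*.*?\*/', '', conf, flags=re.S)   # /* block comments */
    conf = re.sub(r'(//|#).*', '', conf)                # // and # comments
    toks = TOKEN.findall(conf)
    view = zone = zone_depth = None
    depth, info, out = 0, {}, defaultdict(list)
    for i, t in enumerate(toks):
        if t == '{':
            depth += 1
        elif t == '}':
            depth -= 1
            if zone is not None and depth == zone_depth:   # zone block closed
                if info.get('type') == 'slave' and 'file' in info:
                    out[info['file']].append((view or '(no view)', zone))
                zone = None
            elif depth == 0:                               # view block closed
                view = None
        elif t == 'view' and depth == 0:
            view = toks[i + 1].strip('"')
        elif t == 'zone' and zone is None:
            zone, zone_depth, info = toks[i + 1].strip('"'), depth, {}
        elif zone is not None and depth == zone_depth + 1 and t in ('type', 'file'):
            info[t] = toks[i + 1].strip('"')
    return out

def shared_slave_files(conf):
    return {f: users for f, users in slave_files(conf).items() if len(users) > 1}

if __name__ == '__main__':
    print(shared_slave_files(SAMPLE_CONF))
```

Giving each view its own path for the zone (a per-view subdirectory, for instance) makes the check return an empty result.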