DNS Catastrophic Failure

Kevin Darcy kcd at daimlerchrysler.com
Tue Mar 14 21:38:56 UTC 2006


Eric,
          It's not clear to me what the symptoms of your problem are. Is 
it that DNS *resolution* for your own local clients is not working, that 
DNS *hosting* of your domains to the Internet-at-large is not working, 
or some combination of the two?

                                                                         
                                                   - Kevin

Eric Ray wrote:

>Help!  We recently moved our primary BIND 9.x DNS server from one ISP to
>another.  This server is the master zone server for all of my domains
>(500-1,000).  I also have two secondary name servers as well.  When we
>moved the primary server, DNS almost came to a grinding halt.  I know
>that some queries were going through, but not an acceptable rate.  We
>are a Voice over IP company and obviously depend on DNS heavily.  I am
>attaching the configuration files of the master (ns3) and one of the
>secondary (ns2).  I also am attaching zone files for the primary domain
>preferreddesigns.com.  It serves as the SOA and NS records for the other
>domains.  Please help! Thanks.
> 
>
>Snippet of named.conf on ns2 (secondary):
>
> 
>
>options {
>
>      directory "/var/named";
>
>      /*
>
>       * If there is a firewall between you and nameservers you want
>
>       * to talk to, you might need to uncomment the query-source
>
>       * directive below.  Previous versions of BIND always asked
>
>       * questions using port 53, but BIND 8.1 uses an unprivileged
>
>       * port by default.
>
>       */
>
>      // query-source address * port 53;
>
>recursion yes;
>
>};
>
> 
>
>// 
>
>// a caching only nameserver config
>
>// 
>
>controls {
>
>      inet 127.0.0.1 allow { localhost; } keys { rndckey; };
>
>};
>
>zone "." IN {
>
>      type hint;
>
>      file "named.ca";
>
>};
>
> 
>
>zone "localhost" IN {
>
>      type master;
>
>      file "localhost.zone";
>
>      allow-update { none; };
>
>};
>
> 
>
>zone "0.0.127.in-addr.arpa" IN {
>
>      type master;
>
>      file "named.local";
>
>      allow-update { none; };
>
>};
>
>zone "1staugusta.com" IN {
>
>      type slave;
>
>      file "/var/named/1staugusta.com.dns";
>
>      masters {216.104.149.101;};
>
>      };
>
> 
>
> 
>
>zone "240.180.206.in-addr.arpa" {
>
>      type slave;
>
>      file "secondary/240.180.206.in-addr.arpa.dns";
>
>      masters {216.104.149.101;};
>
>      };
>
> 
>
>zone "241.180.206.in-addr.arpa" {
>
>      type slave;
>
>      file "secondary/241.180.206.in-addr.arpa.dns";
>
>      masters {216.104.149.101;};
>
>      };
>
> 
>
>zone "242.180.206.in-addr.arpa" {
>
>      type slave;
>
>      file "secondary/242.180.206.in-addr.arpa.dns";
>
>      masters {216.104.149.101;};
>
>      };
>
> 
>
>zone "245.180.206.in-addr.arpa" {
>
>      type slave;
>
>      file "secondary/245.180.206.in-addr.arpa.dns";
>
>      masters {216.104.149.101;};
>
>      };
>
> 
>
> 
>
>zone "250.180.206.in-addr.arpa" {
>
>      type slave;
>
>      file "250.180.206.in-addr.arpa.dns";
>
>      masters {
>
>            216.104.149.101;
>
>            };
>
>      };
>
> 
>
>zone "2kmarchitects.com" IN {
>
>      type slave;
>
>      file "/var/named/2kmarchitects.com.dns";
>
>      masters {216.104.149.101;}; options {
>
>      directory "/var/named";
>
> 
>
> 
>
>Snipet of ns3 (primary):
>
> 
>
>      /*
>
>       * If there is a firewall between you and nameservers you want
>
>       * to talk to, you might need to uncomment the query-source
>
>       * directive below.  Previous versions of BIND always asked
>
>       * questions using port 53, but BIND 8.1 uses an unprivileged
>
>       * port by default.
>
>       */
>
>      // query-source address * port 53;
>
>recursion no;
>
>statistics-file "/var/named/ns3stats";
>
>};
>
> 
>
> 
>
>// 
>
>// a caching only nameserver config
>
>// 
>
>controls {
>
>      inet 127.0.0.1 allow { localhost; } keys { rndckey; };
>
>};
>
>zone "localhost" IN {
>
>      type master;
>
>      file "localhost.zone";
>
>      allow-update { none; };
>
>};
>
> 
>
>zone "0.0.127.in-addr.arpa" IN {
>
>      type master;
>
>      file "named.local";
>
>      allow-update { none; };
>
>};
>
>zone "1staugusta.com" IN {
>
>      type master;
>
>      file "/var/named/1staugusta.com.dns";
>
>      allow-transfer {127.0.0.1; 192.168/16; 206.180/16;
>216.104.149.0/24; };
>
>      };
>
> 
>
>zone "149.104.216.in-addr.arpa" IN {
>
>      type master;
>
>      file "/var/named/149.104.216.in-addr.arpa.dns";
>
>      allow-transfer {127.0.0.1; 192.168/16; 206.180/16;
>216.104.128.0/24; };
>
>      };
>
> 
>
>zone "240.180.206.in-addr.arpa" IN {
>
>      type master;
>
>      file "/var/named/240.180.206.in-addr.arpa.dns";
>
>      allow-transfer {127.0.0.1; 192.168/16; 206.180/16;
>216.104.149.0/24; };
>
>      };
>
> 
>
>zone "241.180.206.in-addr.arpa" IN {
>
>      type master;
>
>      file "/var/named/241.180.206.in-addr.arpa.dns";
>
>      allow-transfer {127.0.0.1; 192.168/16; 206.180/16;
>216.104.149.0/24; };
>
>      };
>
> 
>
>zone "242.180.206.in-addr.arpa" IN {
>
>      type master;
>
>      file "/var/named/242.180.206.in-addr.arpa.dns";
>
>      allow-transfer {127.0.0.1; 192.168/16; 206.180/16;
>216.104.149.0/24; };
>
>      };
>
> 
>
>zone "245.180.206.in-addr.arpa" IN {
>
>      type master;
>
>      file "/var/named/245.180.206.in-addr.arpa.dns";
>
>      allow-transfer {127.0.0.1; 192.168/16; 206.180/16;
>216.104.149.0/24; };
>
>      };
>
> 
>
>zone "249.180.206.in-addr.arpa" IN {
>
>      type master;
>
>      file "/var/named/249.180.206.in-addr.arpa.dns";
>
>      allow-transfer {127.0.0.1; 192.168/16; 206.180/16;
>216.104.149.0/24; };
>
>      };
>
> 
>
>zone "250.180.206.in-addr.arpa" IN {
>
>      type master;
>
>      file "/var/named/250.180.206.in-addr.arpa.dns";
>
>      allow-transfer {127.0.0.1; 192.168/16; 206.180/16;
>216.104.149.0/24; };
>
>      };
>
> 
>
>zone "2kmarchitects.com" IN {
>
>      type master;
>
>      file "/var/named/2kmarchitects.com.dns";
>
>      allow-transfer {127.0.0.1; 192.168/16; 206.180/16;
>216.104.149.0/24; };
>
>      };
>
> 
>
>zone "401kanalytics.com" IN {
>
>      type master;
>
>      file "/var/named/401kanalytics.com.dns";
>
>      allow-transfer {127.0.0.1; 192.168/16; 206.180/16;
>216.104.149.0/24; };
>
>      };
>
> 
>
> 
>
>      };
>
> 
>
> 
>
>Snipet of domain preferreddesigns.com:
>
> 
>
>@     IN    SOA   ns3.preferreddesigns.com.
>administrator.preferreddesigns.com. (
>
>                  93
>
>                  900
>
>                  600
>
>                  86400
>
>                  3600 )
>
> 
>
>;
>
>;  Zone NS records
>
>;
>
> 
>
>@                 NS    ns2.preferreddesigns.com.
>
>@                       NS    ns3.preferreddesigns.com.
>
>@                       NS    ns4.preferreddesigns.com.
>
> 
>
>;
>
>;  Zone records
>
>;
>
> 
>
>@                       A     216.104.149.67
>
>@                       MX    5     smtp.accessonetech.com.
>
>@                 MX    5     smtp2.accessonetech.com.
>
>anne                    A     216.104.149.116
>
>anne2                   A     216.104.149.117
>
>cache1                  A     206.180.240.118
>
>cache2                  A     206.180.240.119
>
>christine               A     216.104.149.115
>
>hiab                    A     206.180.240.16
>
>larry                   A     206.180.245.1
>
>larrylinux              A     206.180.245.1
>
> 
>
> 
>
> 
>
>
>
>
>
>
>  
>




More information about the bind-users mailing list