domain.comX, domain.comXX
Ryan McCain
Ryan.McCain at dss.state.la.us
Tue Aug 21 20:30:16 UTC 2007
It looks like it isn't re-populating w/ the X|XX|XXX record names. I have no idea why named.conf changed the zone filenames..
Thanks.
>>> On Tue, Aug 21, 2007 at 2:40 PM, in message
<46CAF949.5D1A.003A.0 at dss.state.la.us>, "Ryan McCain"
<Ryan.McCain at dss.state.la.us> wrote:
> That is surely strange. I will delete the X|XX|XXX files. Make sure the
> named.conf doesnt refer to any X|XX|XXX and restart named. I'll see if they
> re-populate.
>
> Thanks, Ryan
>
>
>>>> On Tue, Aug 21, 2007 at 1:21 PM, in message
> <46CB2D41.1030306 at mailnetwork.co.uk>, "Andy Shellam (Mailing Lists)"
> <andy.shellam-lists at mailnetwork.co.uk> wrote:
>> Hi Ryan,
>>
>> It looks like what someone previously suggested, that the
>> "domainX|XX|XXX" files are duplicated zone files that either someone's
>> used, perhaps for testing purposes, or to secure a previous zone while
>> some change was being made, or maybe by some automated process? I must
>> admit off the top of my head, I can't think of any automated process
>> that would do this.
>>
>> If you take, for example, the zone "citigroup.net" - your
>> "citigroup.netXX" file is the current live file (as specified by
>> named.conf).
>>
>> There is something to be gathered looking at the dates - these new files
>> starting appearing somewhere between the 17th and 21st August, according
>> to your file list (as the old ones were last modified on the 17th.)
>> They all look the same size, though, so it's unlikely anything's changed
>> within the files themselves, although I'd use a comparison tool (such as
>> diff or WinMerge just to be sure.)
>>
>> My first port of call would be to look at what was running on the server
>> on the 17th August, and also what's special about the zones that have
>> got an "X|XX|XXX" brother, compared to those that haven't.
>>
>> Andy.
>>
>> Ryan McCain wrote:
>>> Sorry for the late response.
>>>
>>> I will respond to everyones questions in this email to save congestion in
>> the list.
>>>
>>> -We are using BIND 9.3.2-17.4 on SLES 10 (kernel 2.6.16.21-0.8-bigsmp)
>>>
>>> - I am the only one who is touching DNS on secondary server in question.
>> There are Windows admins who could be adding DNS records on the primary
>> server. I can't imagine them creating duplicate zones though.
>>>
>>> - Here is a directory listing of the zones on the secondary server. Notice
>> the X and XX zone files..
>>> -rw-r--r-- 1 named named 319 2007-08-21 12:56 0.in-addr.arpa
>>> -rw-r--r-- 1 named named 1535 2007-08-17 11:40 114.10.in-addr.arpa
>>> -rw-r--r-- 1 named named 1535 2007-08-21 12:46 114.10.in-addr.arpaX
>>> -rw-r--r-- 1 named named 2049 2007-08-21 12:48 115.10.in-addr.arpa
>>> -rw-r--r-- 1 named named 941 2007-08-21 12:55 116.10.in-addr.arpa
>>> -rw-r--r-- 1 named named 323 2007-08-21 12:55 117.10.in-addr.arpa
>>> -rw-r--r-- 1 named named 1263 2007-08-21 12:53 118.10.in-addr.arpa
>>> -rw-r--r-- 1 named named 3655 2007-08-21 12:57 119.10.in-addr.arpa
>>> -rw-r--r-- 1 named named 17566 2007-08-21 12:45 120.10.in-addr.arpa
>>> -rw-r--r-- 1 named named 1581 2007-08-21 12:50 121.10.in-addr.arpa
>>> -rw-r--r-- 1 named named 2275 2007-08-21 12:49 122.10.in-addr.arpa
>>> -rw-r--r-- 1 named named 827 2007-08-21 12:57 123.10.in-addr.arpa
>>> -rw-r--r-- 1 named named 3589 2007-08-21 12:48 124.10.in-addr.arpa
>>> -rw-r--r-- 1 named named 1388 2007-08-21 12:54 125.10.in-addr.arpa
>>> -rw-r--r-- 1 named named 2749 2007-08-21 12:56 126.10.in-addr.arpa
>>> -rw-r--r-- 1 named named 369 2007-08-21 12:57 127.in-addr.arpa
>>> -rw-r--r-- 1 named named 431 2007-08-17 11:16 citigroup.net
>>> -rw-r--r-- 1 named named 431 2007-08-17 11:18 citigroup.netX
>>> -rw-r--r-- 1 named named 431 2007-08-21 12:47 citigroup.netXX
>>> -rw-r--r-- 1 named named 42065 2007-08-21 12:22 dss.state.la.us
>>> -rw-r--r-- 1 named named 3568 2007-08-21 12:22 dss.state.la.us.jnl
>>> -rw-r--r-- 1 named named 411 2007-08-17 11:18 ebtadmin.jpmorganchase.com
>>> -rw-r--r-- 1 named named 411 2007-08-21 12:55 ebtadmin.jpmorganchase.comX
>>> -rw-r--r-- 1 named named 418 2007-08-21 12:54 familiesla.com
>>> -rw-r--r-- 1 named named 808 2007-08-21 12:54 familiesla.com.jnl
>>> -rw-r--r-- 1 named named 425 2007-08-17 11:23 fostercare.la.gov
>>> -rw-r--r-- 1 named named 425 2007-08-17 11:37 fostercare.la.govX
>>> -rw-r--r-- 1 named named 425 2007-08-17 11:40 fostercare.la.govXX
>>> -rw-r--r-- 1 named named 425 2007-08-21 12:56 fostercare.la.govXXX
>>> -rw-r--r-- 1 named named 439 2007-08-17 11:28 fostercare.louisiana.gov
>>> -rw-r--r-- 1 named named 439 2007-08-17 11:40 fostercare.louisiana.govX
>>> -rw-r--r-- 1 named named 439 2007-08-21 12:53 fostercare.louisiana.govXX
>>>
>>> - Finally, below is my named.conf file....
>>>
>>> # Copyright (c) 2001-2004 SuSE Linux AG, Nuernberg, Germany.
>>> # All rights reserved.
>>> #
>>> # Author: Frank Bodammer, Lars Mueller <lmuelle at suse.de>
>>> #
>>> # /etc/named.conf
>>> #
>>> # This is a sample configuration file for the name server BIND 9. It works
>> as
>>> # a caching only name server without modification.
>>> #
>>> # A sample configuration for setting up your own domain can be found in
>>> # /usr/share/doc/packages/bind/sample-config.
>>> #
>>> # A description of all available options can be found in
>>> # /usr/share/doc/packages/bind/misc/options.
>>>
>>> options {
>>>
>>> # The directory statement defines the name server's working
>> directory
>>>
>>> directory "/var/lib/named";
>>>
>>> # Write dump and statistics file to the log subdirectory. The
>>> # pathenames are relative to the chroot jail.
>>>
>>> dump-file "/var/log/named_dump.db";
>>> statistics-file "/var/log/named.stats";
>>>
>>> # The forwarders record contains a list of servers to which queries
>>> # should be forwarded. Enable this line and modify the IP address
>> to
>>> # your provider's name server. Up to three servers may be listed..
>>>
>>> #forwarders { 192.0.2.1; 192.0.2.2; };
>>>
>>> # Enable the next entry to prefer usage of the name server declared
>> in
>>> # the forwarders section.
>>>
>>> #forward first;
>>>
>>> # The listen-on record contains a list of local network interfaces to
>>> # listen on. Optionally the port can be specified. Default is to
>>> # listen on all interfaces found on your system. The default port
>> is
>>> # 53.
>>>
>>> #listen-on port 53 { 127.0.0.1; };
>>>
>>> # The listen-on-v6 record enables or disables listening on IPv6
>>> # interfaces. Allowed values are 'any' and 'none' or a list of
>>> # addresses.
>>>
>>> listen-on-v6 { any; };
>>>
>>> # The next three statements may be needed if a firewall stands
>> between
>>> # the local server and the internet.
>>>
>>> #query-source address * port 53;
>>> #transfer-source * port 53;
>>> #notify-source * port 53;
>>>
>>> # The allow-query record contains a list of networks or IP addresses
>>> # to accept and deny queries from. The default is to allow queries
>>> # from all hosts.
>>>
>>> #allow-query { 127.0.0.1; };
>>>
>>> # If notify is set to yes (default), notify messages are sent to
>> other
>>> # name servers when the the zone data is changed. Instead of
>> setting
>>> # a global 'notify' statement in the 'options' section, a separate
>>> # 'notify' can be added to each zone definition.
>>>
>>> notify no;
>>> include "/etc/named.d/forwarders.conf";
>>> };
>>>
>>> # To configure named's logging remove the leading '#' characters of the
>>> # following examples.
>>> #logging {
>>> # # Log queries to a file limited to a size of 100 MB.
>>> # channel query_logging {
>>> # file "/var/log/named_querylog"
>>> # versions 3 size 100M;
>>> # print-time yes; // timestamp log entries
>>> # };
>>> # category queries {
>>> # query_logging;
>>> # };
>>> #
>>> # # Or log this kind alternatively to syslog.
>>> # channel syslog_queries {
>>> # syslog user;
>>> # severity info;
>>> # };
>>> # category queries { syslog_queries; };
>>> #
>>> # # Log general name server errors to syslog.
>>> # channel syslog_errors {
>>> # syslog user;
>>> # severity error;
>>> # };
>>> # category default { syslog_errors; };
>>> #
>>> # # Don't log lame server messages.
>>> # category lame-servers { null; };
>>> #};
>>>
>>> # The following zone definitions don't need any modification. The first one
>>> # is the definition of the root name servers. The second one defines
>>> # localhost while the third defines the reverse lookup for localhost.
>>>
>>> zone "." in {
>>> type hint;
>>> file "root.hint";
>>> };
>>>
>>> zone "localhost" in {
>>> type master;
>>> file "localhost.zone";
>>> };
>>>
>>> zone "0.0.127.in-addr.arpa" in {
>>> type master;
>>> file "127.0.0.zone";
>>> };
>>>
>>> # Include the meta include file generated by createNamedConfInclude. This
>>> # includes all files as configured in NAMED_CONF_INCLUDE_FILES from
>>> # /etc/sysconfig/named
>>>
>>> include "/etc/named.conf.include";
>>>
>>> ###Forward Records
>>> zone "familiesla.com" in {
>>> masters { 172.20.11.237; };
>>> file "slave/familiesla.com";
>>> type slave;
>>> };
>>> logging {
>>> category default { log_syslog; };
>>> channel log_syslog { syslog; };
>>> };
>>> zone "dss.state.la.us" in {
>>> masters { 172.20.11.237; };
>>> file "slave/dss.state.la.us";
>>> type slave;
>>> };
>>> zone "citigroup.net" in {
>>> masters { 172.20.11.237; };
>>> file "slave/citigroup.netXX";
>>> type slave;
>>> };
>>> zone "ebtadmin.jpmorganchase.com" in {
>>> masters { 172.20.11.237; };
>>> file "slave/ebtadmin.jpmorganchase.comX";
>>> type slave;
>>> };
>>> zone "fostercare.la.gov" in {
>>> masters { 172.20.11.237; };
>>> file "slave/fostercare.la.govXXX";
>>> type slave;
>>> };
>>> zone "fostercare.louisiana.gov" in {
>>> masters { 172.20.11.237; };
>>> file "slave/fostercare.louisiana.govXX";
>>> type slave;
>>> };
>>>
>>>
>>> ###Reverse Records
>>>
>>> zone "114.10.in-addr.arpa" in {
>>> masters { 172.20.11.237; };
>>> file "slave/114.10.in-addr.arpaX";
>>> type slave;
>>> };
>>> zone "115.10.in-addr.arpa" in {
>>> masters { 172.20.11.237; };
>>> file "slave/115.10.in-addr.arpa";
>>> type slave;
>>> };
>>> zone "116.10.in-addr.arpa" in {
>>> masters { 172.20.11.237; };
>>> file "slave/116.10.in-addr.arpa";
>>> type slave;
>>> };
>>> zone "117.10.in-addr.arpa" in {
>>> masters { 172.20.11.237; };
>>> file "slave/117.10.in-addr.arpa";
>>> type slave;
>>> };
>>> zone "118.10.in-addr.arpa" in {
>>> masters { 172.20.11.237; };
>>> file "slave/118.10.in-addr.arpa";
>>> type slave;
>>> };
>>> zone "119.10.in-addr.arpa" in {
>>> masters { 172.20.11.237; };
>>> file "slave/119.10.in-addr.arpa";
>>> type slave;
>>> };
>>> zone "120.10.in-addr.arpa" in {
>>> masters { 172.20.11.237; };
>>> file "slave/120.10.in-addr.arpa";
>>> type slave;
>>> };
>>> zone "121.10.in-addr.arpa" in {
>>> masters { 172.20.11.237; };
>>> file "slave/121.10.in-addr.arpa";
>>> type slave;
>>> };
>>> zone "122.10.in-addr.arpa" in {
>>> masters { 172.20.11.237; };
>>> file "slave/122.10.in-addr.arpa";
>>> type slave;
>>> };
>>> zone "123.10.in-addr.arpa" in {
>>> masters { 172.20.11.237; };
>>> file "slave/123.10.in-addr.arpa";
>>> type slave;
>>> };
>>> zone "124.10.in-addr.arpa" in {
>>> masters { 172.20.11.237; };
>>> file "slave/124.10.in-addr.arpa";
>>> type slave;
>>> };
>>> zone "125.10.in-addr.arpa" in {
>>> masters { 172.20.11.237; };
>>> file "slave/125.10.in-addr.arpa";
>>> type slave;
>>> };
>>> zone "126.10.in-addr.arpa" in {
>>> masters { 172.20.11.237; };
>>> file "slave/126.10.in-addr.arpa";
>>> type slave;
>>> };
>>> zone "127.in-addr.arpa" in {
>>> masters { 172.20.11.237; };
>>> file "slave/127.in-addr.arpa";
>>> type slave;
>>> };
>>> zone "0.in-addr.arpa" in {
>>> masters { 172.20.11.237; };
>>> file "slave/0.in-addr.arpa";
>>> type slave;
>>> };
>>> zone "1.168.in-addr.arpa" in {
>>> masters { 172.20.11.237; };
>>> file "slave/1.168.in-addr.arpa";
>>> type slave;
>>> };
>>>
>>>
>>>
>>>>>> On Fri, Aug 17, 2007 at 6:30 PM, in message
>>>>>>
>>> <DE3D6118-4D2E-49A4-9124-0614390C57FB at swcp.com>, Bill Larson <wllarso at swcp.com>
>>> wrote:
>>>
>>>> On Aug 17, 2007, at 5:02 PM, Kevin Darcy wrote:
>>>>
>>>>
>>>>> Ryan McCain wrote:
>>>>>
>>>>>> I noticed a few of the zones I pull down have the main zone file,
>>>>>> domain.com, then a few others, domain.comX, domain.comXX, etc.
>>>>>> Can someone explain what is going on here or forward me to the
>>>>>> appropriate link to read about this.
>>>>>>
>>>>>> I googled for "bind comXX" and nothing came up.
>>>>>>
>>>> I'd take a guess that someone created some additional zones, possibly
>>>> for internal use or maybe testing.
>>>>
>>>> Ryan, why not post your named.conf file? This isn't anything
>>>> standard, so you are making us do some heavy duty crystal ball gazing
>>>> while trying to help you out.
>>>>
>>>> Bill Larson
>>>>
>>>>
>>>>> Hmmm... What version of BIND is this? My initial thought was that
>>>>> these
>>>>> were temporary zone files of some sort, but BIND 9 uses the
>>>>> "tmp-XXXXXXXXXX" template for its temp files (see the #define TEMPLATE
>>>>> in lib/isc/unix/file.c), and I've verified this with truss on a
>>>>> Solaris box:
>>>>>
>>>>> /2: open("tmp-QJkiFMUAqe", O_RDWR|O_CREAT|O_EXCL, 0666) = 9
>>>>>
>>>>> I suppose an older version of BIND (8 or 4) might have formed temp
>>>>> names
>>>>> by just appending Xs to the the zone name, but I don't specifically
>>>>> remember that convention.
>>>>>
>>>>> Are you sure the "XX" filenames aren't defined anywhere in your
>>>>> named.conf?
>>>>>
>>>>> - Kevin
>>>>>
>>>>>
>>>>>
>>>>>
>>>
>>>
>>>
>>> !DSPAM:37,46cb2a7a107505884010870!
>>>
>>>
>>>
>>>
More information about the bind-users
mailing list