Wits end

Kevin Darcy kcd at chrysler.com
Fri Apr 18 18:29:03 UTC 2008 

Bob,
We didn't "blow off" /etc/resolv.conf. Your earlier posts were along the 
lines of "I'm trying to learn how to set up a nameserver and to document 
the process". /etc/resolv.conf *doesn't*affect* the operation of a 
nameserver, only the name resolution of the local host, so it seemed 
irrelevant to what you were trying to accomplish.

It wasn't until the "Wit's End" post at approximately 5pm yesterday, 
that it became clear you even had a specific *problem*. And, even then, 
you "anonymized" the contents of /etc/resolv.conf by saying you had 
"nameserver xx.xx.xx.xx" in the file. How are we supposed to diagnose 
"xx.xx.xx.xx"? Perhaps we should start giving "anonymized" solutions to 
"anonymized" problem descriptions, e.g. "change xxx in your named.conf 
to yyy" and have the posters *guess* at what we're talking about. Would 
that work better?

Maybe your next documentation project should be "how to maximize the 
effectiveness of getting information from technical mailing lists". More 
people need to learn how to do that.

In any case, populating /etc/resolv.conf is part of *Operating*System* 
configuration, not nameserver configuration _per_se_. A precondition for 
having a properly-functioning webserver or nameserver or mail server, or 
anything that provides a service over the network to clients, is to have 
a properly-configured *server*, OS-wise, including networking 
capability, so /etc/resolv.conf should have already been taken care of, 
long before you installed BIND or Apache or whatever. How did that step 
get botched in whatever process you were following?

- Kevin



Bob Hoffman wrote:
> Well, after a two dayer on it...Got it. 
> Bind was never the problem.
>
> My previous posts earlier this month and with the people who I got involved
> all kind of blew off the resolv.conf file. I kept asking about its
> importance and whether it was right. They all brushed it aside.
>
> Bind was fine, bind was great the 200 ways I did it. But the resolution of a
> webserver deals with the resolv.conf and not bind. However, to a newbie, the
> books do not make that very plain or clear. In my experience, I would say
> the server resolving itself is the most important aspect of the whole dns.
> Without it, you cannot do much.
>
> I had added my nameserver ip to resolv and nothing else. So the server was
> not resolving itself (127.0.0.1) and all that. Luckily two people last night
> finally said 'hey, did you check your resolv? One even said he bet the 'time
> out' was about 30 seconds (it was) and it was due to resolv. At the same
> time as those mails came in I installed 'caching-nameserver rpm' and it
> rewrote my resolv.conf making it work.
>
> I know resolv and hosts and stuff like that are not part of the bind
> package. Most texts gloss over or completely ignore just how important it is
> probably figuring a DNS book would cover it. And the DNS books just gloss
> over it a bit but do not go into much detail assuming other texts like
> apache and linux would go over it.
>
> Well...the first thing I would do in a debug is look at local host
> resolution before anything else. Once that is out of the way I would check
> for internet connection issues and disable firewall to make sure nothing is
> stopping it (or just check firewall tables).
> Then I would go over bind and look for errors and such. If bind does not
> show errors (which mine never did unless I was playing with it) it most
> likely IS NOT bind that is at issue, it is probably resolv (as my issue was
> resolution).
>
> So....I got the resolv file doen properly now dns is fine. Lou helped to
> make sure it was right on and that is it.
>
> One writer said that he knew the problem immediately, so I am sharing it
> with everyone. If you try to resolve something using dig or wget or
> whatever, and bind is not causing errors, yet the cursor just sorta hangs
> for a bit and then says time out...usually about 30 seconds...it is not
> bind, it is a local resolution problem (assuming you have tried other sites
> too and you can connect to internet.)
>
> SO you people reading. Bind is pretty easy actually (I know everything about
> it now...lol), it is the set up of files outside of bind that you need to
> worry about first. Resolv, hosts, and just making sure, even with named off,
> that your local host resolves itself fine. This is something you should do
> first and foremost. After you get it resolving right, then turn on named and
> play with it.
>
> And never, never hire someone to make it work unless they are willing to go
> over that first. In fact, I would ask them some of the steps they would go
> through in setting up your bind or debugging it. If they do not even mention
> localhost resolution or checking stuff like that out, just do not hire them.
>
> I find bind/dns, host resolution, nameservers in general, and the whole kit
> and kaboodle is such a wide field that it is hard for people to even
> understand your question sometimes. A person can be able to hook 500
> computers together in network and do it quick and well but not know the
> first thing about how nameservers/bind deal with email related resolve
> issues. I found people who could probably decompile and add functions to
> bind, but could not tell you the first thing about how recursion and dns on
> the same server works.
>
> The field of what is done with a computer server and how resolution
> interacts with various programs and ways of configuring is so vast. And for
> each 'way of doing things' you are attempting, you will find people
> completley against it and call you crazy, people who do not understand what
> you want to do and call you nuts, and rarely find someone that is actually
> good at that particular field of it.
>
> It was a trial for sure. But after having read the books back to front a few
> times I think I pretty much know bind well...it was the non-bind that got
> me.
>
> Remember, make sure hsot resolves itself before wasting time (and money) on
> bind. Someone should add that to the text books. In big red letters. 
>
>   
>> -----Original Message-----
>> From: bind-users-bounce at isc.org 
>> [mailto:bind-users-bounce at isc.org] On Behalf Of Mark Elkins
>> Sent: Friday, April 18, 2008 3:10 AM
>> To: bind-users at isc.org
>> Subject: Re: Wits end
>>
>>
>> On Thu, 2008-04-17 at 17:03 -0400, Bob Hoffman wrote:
>>     
>>> Okay, so I tried offering up to 50 dollars an hour to help 
>>>       
>> me set up a 
>>     
>>> simple nameserver, but no takers.
>>>
>>> I really need some help. My first time doing it.
>>>       
>> In all the replies so far - no one suggested running Bind in 
>> Debug mode.. (ie - with '-g' )
>>
>> Start up bind (if its not already running).
>>
>> Find out its command line...
>>
>> (ps ax | grep named)
>> I get "/usr/sbin/named -u named -n 1"
>>
>> Kill the process and restart with the original command but 
>> add the "-g"
>> flag .. ie   /usr/sbin/named -u named -n 1 -g (in my case)
>>
>> Now all logging (and errors) come to the screen. Queries 
>> should also show.
>>
>> Not fixing the problem - but may indicate the problem - wrong 
>> filename - etc.
>> -- 
>>   .  .     ___. .__      Posix Systems - Sth Africa
>>  /| /|       / /__       mje at posix.co.za  -  Mark J Elkins, Cisco CCIE
>> / |/ |ARK \_/ /__ LKINS  Tel: +27 12 807 0590  Cell: +27 82 601 0496
>>     
>
>
>
>
>

More information about the bind-users mailing list