<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD><TITLE></TITLE>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.2900.5626" name=GENERATOR></HEAD>
<BODY>
<DIV dir=ltr align=left><SPAN class=578181513-24032009><FONT face=Verdana
color=#0000ff size=2>Mani,</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=578181513-24032009><FONT face=Verdana
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=578181513-24032009><FONT face=Verdana
color=#0000ff size=2>With recursion enabled, your abc.com server is both
authoritative (for the zones configured in named.conf) and caching. If you
want it to be purely authoritative, you'll need to disable
recursion. But if you want to be able to query it for the root
server (which is why you started this thread), you're going to have to allow
recursion for at least your internal hosts because the server is
not authoritative for ".". Why are you wanting to be able <SPAN
class=578181513-24032009><FONT face=Verdana color=#0000ff size=2>to query it for
the root server? </FONT></SPAN></FONT></SPAN><SPAN
class=578181513-24032009><FONT face=Verdana color=#0000ff size=2>To want to
be able to query a purely authoritative server for something for which
it is not authoritative is a bit of a self-contradiction.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=578181513-24032009><FONT face=Verdana
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=578181513-24032009><FONT face=Verdana
color=#0000ff size=2>Ben</FONT></SPAN></DIV><BR>
<BLOCKQUOTE dir=ltr
style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #0000ff 2px solid; MARGIN-RIGHT: 0px">
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> bind-users-bounces@lists.isc.org
[mailto:bind-users-bounces@lists.isc.org] <B>On Behalf Of </B>T
MANIKANDAN-PKXR74<BR><B>Sent:</B> Tuesday, March 24, 2009 12:52
AM<BR><B>To:</B> bind-users@lists.isc.org<BR><B>Subject:</B> RE: Root Server
Simulation Communication Problem<BR></FONT><BR></DIV>
<DIV></DIV>
<DIV dir=ltr align=left><SPAN class=375364805-24032009><FONT face=Arial
color=#0000ff size=2>Hi Ben,</FONT></SPAN></DIV>
<DIV> </DIV>
<DIV><SPAN class=375364805-24032009></SPAN><FONT face=Arial><FONT
color=#0000ff><FONT size=2>T<SPAN class=375364805-24032009>hanks for reply now
my root server (rootns.man) is responding to abc.com. after enabling the
recursion to Yes in abc.com server, now my question is, Is my abc.com still
called authoritative Name server or a caching name server I was intend to set
up a authoritative name server, and hope by enabling recursion iam still
authoritative server.</SPAN></FONT></FONT></FONT></DIV>
<DIV><FONT face=Arial><FONT color=#0000ff><FONT size=2><SPAN
class=375364805-24032009></SPAN></FONT></FONT></FONT> </DIV>
<DIV><FONT face=Arial><FONT color=#0000ff><FONT size=2><SPAN
class=375364805-24032009>Regards</SPAN></FONT></FONT></FONT></DIV>
<DIV><FONT face=Arial><FONT color=#0000ff><FONT size=2><SPAN
class=375364805-24032009>Mani</SPAN></FONT></FONT></FONT></DIV>
<DIV><BR></DIV>
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> Ben Bridges
[mailto:bbridges@springnet.net] <BR><B>Sent:</B> Friday, March 20, 2009 8:35
PM<BR><B>To:</B> T MANIKANDAN-PKXR74;
bind-users@lists.isc.org<BR><B>Subject:</B> RE: Root Server Simulation
Communication Problem<BR></FONT><BR></DIV>
<DIV></DIV>
<DIV dir=ltr align=left><SPAN class=109093214-20032009><FONT face=Verdana
color=#0000ff size=2>You have recursion disabled on your abc.com server, and I
believe that is preventing your query from succeeding. My
understanding is that the contents of the root hints file are not stored in
the server's cache (which means, I think, that they are not themselves
returned in response to queries for those records). Since you have
recursion disabled on abc.com, it is never using its root hints to query
your root server (rootns.man) for the NS and A records for the root zone
(which sounds obfuscated, but it is done that way because the root servers
themselves have the most current list of servers for the root
zone).</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=109093214-20032009><FONT face=Verdana
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=109093214-20032009><FONT face=Verdana
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left>
<HR tabIndex=-1>
</DIV>
<DIV dir=ltr align=left><FONT face=Tahoma size=2><B>From:</B>
bind-users-bounces@lists.isc.org [mailto:bind-users-bounces@lists.isc.org]
<B>On Behalf Of </B>T MANIKANDAN-PKXR74<BR><B>Sent:</B> Friday, March 20, 2009
8:30 AM<BR><B>To:</B> bind-users@lists.isc.org<BR><B>Subject:</B> Root Server
Simulation Communication Problem<BR></FONT><BR></DIV>
<BLOCKQUOTE dir=ltr
style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #0000ff 2px solid; MARGIN-RIGHT: 0px">
<DIV></DIV>
<DIV dir=ltr align=left><FONT face=Arial><FONT size=2>Hi,<BR><BR> I am
trying to set up lab which replicates the root server also. ( DNS with Root
server simulation for Intranet),</FONT></FONT></DIV>
<DIV><FONT face=Arial><FONT size=2>Basically I have two servers one abc.com
as authoritative server and the other rootns.man acting as root server.
running BIND 9 on both.</FONT></FONT><FONT face=Arial><FONT size=2><SPAN
class=798352813-20032009> </SPAN></FONT></FONT></DIV>
<P><BR><FONT face=Arial size=2> I have done the following things in my
named.conf file<BR><BR></FONT><FONT size=2><FONT face=Arial><FONT
color=#0000ff>options {<BR>directory "/var/named";<BR>recursion
no;<BR>};<BR><BR>zone "." {<BR>type hint;<BR>file "root";<BR>};<BR><BR>zone
"abc.com" IN {<BR>type master;<BR>file "forward";<BR>};<BR><BR>zone
"10.168.192.in-addr.arpa" IN {<BR>type master;<BR>file
"reverse";<BR>};<BR></FONT><BR></FONT></FONT><FONT size=2><FONT
face=Arial><STRONG><U>My root File (Points to another DNS acting as Root
server let us call rootns.man)<BR></U></STRONG><BR></FONT></FONT><FONT
size=2><FONT face=Arial><FONT
color=#0000ff>.
86400
IN NS
rootns.man.<BR>rootns.man.
86400
IN A
1.2.3.4</FONT><BR><BR></FONT></FONT><FONT size=2><FONT
face=Arial><STRONG><U>My Forward and reverse
file<BR></U></STRONG><BR></FONT></FONT><FONT size=2><FONT face=Arial><FONT
color=#0000ff>$TTL 3600<BR>@ IN SOA abc.com. root.abc.com.
(<BR>
42 ;
serial<BR>
3H ;
refresh<BR>
15M ;
retry<BR>
1W ;
expiry<BR>
1D) ;
minimum<BR>
IN NS abc.com.<BR>abc.com. IN A 192.168.10.12<BR><BR><BR>$TTL 3600<BR>@ IN
SOA abc.com.
root.abc.com.(<BR>
42 ;
serial<BR>
3H ;
refresh<BR>
15M ;
retry<BR>
1W ;
expiry<BR>
1D) ; minimum<BR><BR> IN NS abc.com.<BR>12 IN
PTR abc.com.<BR></FONT><BR></FONT></FONT><FONT size=2><FONT
face=Arial><STRONG><U>In the other DNS server rootns.man (acting root
server)<BR></U></STRONG><BR></FONT></FONT><FONT size=2><FONT
face=Arial><FONT color=#0000ff>zone "." IN {<BR>type master;<BR>file
"forward";<BR>};<BR></FONT><BR><BR></FONT></FONT><FONT size=2><FONT
face=Arial><STRONG><U>Forward file in roons.man
server<BR><BR></U></STRONG><BR></FONT></FONT><FONT size=2><FONT
face=Arial><FONT color=#0000ff>$TTL
86400<BR>@
IN SOA rootns.man
root.rootns.man (<BR>
42
; serial (d.
adams)<BR>
3H
;
refresh<BR>
15M
;
retry<BR>
1W
;
expiry<BR>
1D )
;
minimum<BR>.
IN NS
rootns.man.<BR>rootns.man. IN A
1.2.3.4</FONT><FONT
color=#0000ff> </FONT></FONT></FONT></P>
<P><FONT face=Arial size=2></FONT> </P>
<P><FONT face=Arial size=2><STRONG>Once completing this I have a minor
problem that is my abc.com server is not able to determine the root server
(rootns.man) IP address. attached the DIG output from abc.com server. can
any one please help me in resolving this issue.</STRONG></FONT></P>
<P><FONT face=Arial size=2><STRONG></STRONG></FONT> </P>
<P><FONT face=Arial size=2>Regards</FONT></P>
<P><FONT face=Arial
size=2>Mani</FONT></P></BLOCKQUOTE></BLOCKQUOTE></BODY></HTML>