DNS Newbie Help!

Okay, for the last week, I've read 2 books, and google'd my butt off, including searching the DNS part of the forum to death (or it seems), and I'm still baffled. It could be because I'm looking at too many things, so hopefully instead of making guesses, someone can help.

I'm running RedHat 9 with Bind 9.2 and I'm trying to get my own name servers up.. I've followed the examples in the books, replacing their domain with mine, and I still can't get it to work.

Here is what I was aiming for:

mindsquad.com = 216.240.135.204 (works - explanation below)
ns1.mindsquad.com = 216.240.135.205
ns2.mindsquad.com = 216.240.135.206
mail.mindsquad.com = 216.240.135.207

All pointing to the same machine (I know the reprocussions, and I plan on taking that risk until I can get another computer up for ns2...)

Here is a link to my zone files. These are just a copy, they aren't my actual zones, but maybe I have something wrong?

Currently my domain is being pointed to my providers NS because I can't get my own name servers to ping. OpenSRS won't let me change NS until they can ping it too... so that's why you'll be able to get to mindsquad.com.

When I try to ping ns1.mindsquad.com I get a "could not be found error" but when I'm at the console I get:

[drsprite@web drsprite]$ host ns1.mindsquad.com
ns1.mindsquad.com has address 216.240.135.205
[drsprite@web drsprite]$ host -t PTR 216.240.135.206
206.135.240.216.in-addr.arpa domain name pointer ns2.mindsquad.com.

So it appears as though it's working from localhost.

Maybe everything is fine and it takes more than 2 days to replicate? or maybe I've forgotten something?? ahh!!??? hehe

Please help!

Thanks!

Delete this from your named.conf

****************************
zone "ns2.mindsquad.com" IN {
type master;
file "ns2.mindsquad.zone";
};

zone "ns1.mindsquad.com" IN {
type master;
file "ns1.mindsquad.zone";
};
***************************
Delete the two associated zone files. those 2 HOSTS are handled by the "mindsquad.com" DOMAIN or ZONE. You almost NEVER specify hosts in the named.conf. That is the job of the zone file. This change breaks nothing, and might not solve anything. It is just more efficient.

After making the above change and confirming that it didn't solve anything, explain to me how you are setup. You say that all those IP's point to the same machine? You really have multiple IP addresses and a single router or computer handles all those interfaces? And ARE you using a router or is this mega machine directly connected to the internet all by its lonesome?

After I make the change, do I have to wait for a replication time, or should be be instant?

I have a linux machine at a provider that's connected to a 5gb fiber line. I have 16 static ip's all pointing to the machine, .204 - 219. As for their infrastructure, I don't know how they have it setup exactly. I'm almost certain it's on a router.

I've made the change and restarted the named service so it would update. I didn't make a change to the zones, should I change the serial numbers?

I do have reverse authority on my providers name servers that point to ns1 and ns2... (in case that was your next question).

Thanks!

Okay, I found your examples at http://www.dollardns.net/bind/ and I've modified them to suit my domain. The updated files are at the same location as above.

I'm not sure if these files are good for STARTING a name server, or if they are to be used with people who have already created that step, but I've moved the old config files to /zone/old so that I could keep a copy to reference, and restarted the named service with the new files in place. From the localhost, I was able to nslookup and ping all 4 IPs/hosts...


Please take a look at the updated files at www.mindsquad.com/zone - hopefully, this will fix everything.

Do you see any discrepancies? How long does it take to replicate changes like this? 24-48 hours?

I've changed the serial numbers as well...

I can ping www.mindsquad.com and mail.mindsquad.com - except mail.mindsquad.com is coming up as .204, when it should be .207... That change is reflected in these new updated files.

I'm not feeling too confident with myself...so suggestions/reassurance would help! hehe

Thanks again

http://www.dollardns.net/cgi-bin/dn...=AXFR&submit=DS

That's a zone transfer of your reverse zone. As you can see the primary server in the SOA record is improperly configured.

I also pulled a list of hosts for your domain here:

http://www.dollardns.net/cgi-bin/dn...&lr=1&submit=DS

When I saw it it was:

mindsquad.com NS ns1.calpop.com
mindsquad.com NS ns2.calpop.com

ns1.calpop.com A 216.240.130.2
ns2.calpop.com A 216.240.150.2

So apparently it hasn't updated yet. You can check the above link anytime to see if it has.

Yeah, I can't change my name servers at the registrar level until I can get ns1.mindsquad.com and ns2.mindsquad.com to ping because OpenSRS needs to verify they exist before they will allow the change over (they must ping it too).

So if you think everything looks good in my current zone files (www.mindsquad.com/zone) (that's the impression I got, since you didn't offer a way to fix them??).... then I'm sure it's just a waiting game now before I can change it at the registrar level...

Well, I've checked both of your server IP's and they return DNS responses and pings so that's all good.

So what's this OpenSRS thing and how can I check it out so that I can understand why they mess with ping at all.

OpenSRS is the registrar of my domain. It's the top level where you specify all the contact information, including name servers, when you do a whois on my domain. Some people have their domains through yahoo.com or network solutions... mine is through OpenSRS which is managed by Tucows.

When I try to add ns1.mindsquad.com to my domain as a nameserver (and remove ns1.calpop.com) using their web interface management utility, I get the following error: Unable to add nameservers: Command failed: unable to verify existence of nameserver ns1.mindsquad.com - Which tells me that;

A) My DNS settings are incorrect
or
B) Everything looks good, I just have to wait longer for it to replicate so that they can "verify it's existence"...

Last night I did make the change using your example files from your website, so I think now I have to wait to see if they were successful or not. But I don't know... otherwise I wouldn't be asking so many questions... hehe

From a command prompt on my computer at home I get:
nslookup ns1.mindsquad.com
Server: boston1-qwest.bellatlantic.net
Address: 151.203.0.84

*** boston1-qwest.bellatlantic.net can't find ns1.mindsquad.com: Non-existent do
main

From the mindsquad.com localhost I get:
[drsprite@web drsprite]$ nslookup -sil ns1.mindsquad.com
Server: 216.240.135.205
Address: 216.240.135.205#53

Name: ns1.mindsquad.com
Address: 216.240.135.205

that's what I thought. They don't ping your servers to verify their existance. You need to register your name server domains. You need to find where you can specify the name server domains and IP's so that they know the address to send to clients to get to your servers. So find the place you can register or 'create' your name server domains.

Well, if my provider granted me reverse dns authority on their ns, for my ns1 and ns2, wouldn't that be registering the name servers?

If not, where else could/should I do it?

Let me explain why it is necessary so that you may understand.

You have registered "mindsquad.com" and you wish to use "ns1.mindsquad.com" and "ns2.mindsquad.com" as your DNS servers. You try to enter those domains as your hosts, but what are their IPs? When joe wants to resolve "www.mindsquad.com" they ask the root DNS servers where to look. So joe finds out he needs to go to ns1.mindsquad.com. But where is that? It must resolve that domain too. But when it tries, it is told to look at ns1.mindsquad.com. As you can see that doesn't work. So not everything must be on the host servers only. The root servers themselves must know your IP. They must know the IP for ns1.mindsquad.com and ns2.mindsquad.com. But who is going to put that information there? Your registrar. So it is your registrar who must know your domains AND your IPs of your DNS servers.

If you can't figure out how to create or register your name servers with your registrar, then you must contact them. There is no other way for you to use dns servers with hosts based on your domain.

Oh okay... after looking at my registrars manager web applet, there's a small link at the very bottom of the page to "If you want to create or modify a nameserver which is based on mindsquad.com click here."

I HATE when they make things hard to find... lol... I added the name servers, and I was able to add them to my manager. Jeez, had I known (or understood better how it worked) it was THAT easy, I would've saved myself some trouble.

Have you looked at my new zone files? Do they look good?

If so, then I think I may finally be all set, and this week's headache can go away!

I've already checked out your server's zones and they appear fine.

Awesome. Now I just have to wait for the replication time, and that will be the true test. I'm already a step ahead of where I was before I signed up for here.

Thanks man, you've been a great help!

This is music to my ears.. (or to my eyes?):
Domain name: MINDSQUAD.COM
Domain servers in listed order:
NS1.MINDSQUAD.COM - 216.240.135.205
NS2.MINDSQUAD.COM - 216.240.135.206

That's from the whois... hehe, now it's another waiting game.

Thanks again!

Excellent. Looks good! I