#1
DNS problem
I think I have a problem with my DNS configuration. This is what I get when I type a few commands for checking my DNS, where my full hostname is server.mydomain.com and the IP is 192.168.1.1 (I didn't include my real domain, but that is of course not necessary).
[root@server root]# host server
Host server not found: 3(NXDOMAIN)

[root@server root]# host 192.168.1.1
Host 1.1.168.192.in-addr.arpa not found: 2(SERVFAIL)

[root@server root]# host mydomain.com
Host mydomain.com not found: 2(SERVFAIL)

[root@server root]# nslookup server
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
Server: 192.168.1.1
Address: 192.168.1.1#53

** server can't find server: NXDOMAIN

[root@server root]# nslookup 192.168.1.1
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
Server: 192.168.1.1
Address: 192.168.1.1#53

** server can't find 1.1.168.192.in-addr.arpa: NXDOMAIN

[root@server root]# nslookup mydomain.com
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
Server: 192.168.1.1
Address: 192.168.1.1#53

** server can't find mydomain.com: SERVFAIL

[root@server root]# dig server

; <<>> DiG 9.2.2-P3 <<>> server
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61467
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;server. IN A

;; AUTHORITY SECTION:
. 10431 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2003112501 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Wed Nov 26 09:20:54 2003
;; MSG SIZE rcvd: 99

[root@server root]# dig 192.168.1.1

; <<>> DiG 9.2.2-P3 <<>> 192.168.1.1
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26844
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;192.168.1.1. IN A

;; AUTHORITY SECTION:
. 10800 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2003112501 1800 900 604800 86400

;; Query time: 122 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Wed Nov 26 09:21:24 2003
;; MSG SIZE rcvd: 104

[root@server root]# dig mydomain.com

; <<>> DiG 9.2.2-P3 <<>> mydomain.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 30477
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mydomain. IN A

;; Query time: 1 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Wed Nov 26 09:21:56 2003
;; MSG SIZE rcvd: 40
#2
All of which simply says there's no DNS server running on 192.168.1.1.
Do you expect there to be a DNS server on that IP address? If so, then your DNS server needs to be started and/or configured. If not, then you need to configure your system to know where the real DNS resolver is located. You can usually just edit /etc/resolv.conf -- but there's normally a cleaner way to configure your system's DNS resolution. (I have no idea how to configure your system.)
#3
I disagree. Both nslookup and dig agree that they queried 192.168.1.1 and got responses. Host doesn't even say.
The server lookup is invalid and was not found according to all utilities. The second two lookups were valid, but according to all three utilities "mydomain.com" is incorrectly configured and returned SERVFAILs, probably due to a syntax error in the zone file. host seems to think that 192.168.1.1 (the arpa address) is SERVFAIL'ing as well, however the other two utilities think it simply doesn't exist. I trust the other 2 utilities more. You probably don't have a reverse IP mapping zone for the 192.168.1.1 address. Since a DNS server was never specified, 192.168.1.1 was used as default, which suggests that resolv.conf is already properly configured.
#4
OK... But what is wrong? I configured reverse lookup. Here are the files, from /var/named:
one called bahadoer.zone and one 192.168.1.rev. Both are mentioned in /etc/named.conf. Maybe there is a syntax error.

bahadoer.zone:

$ORIGIN .
$TTL 3600 ; 1 hour
bahadoer.homelinux.com IN SOA server.bahadoer.homelinux.com. root.server.bahadoer.homelinux.com. (
                1          ; serial
                21600      ; refresh (6 hours)
                1800       ; retry (30 minutes)
                604800     ; expire (1 week)
                3600       ; minimum (1 hour) )
                NS      server.bahadoer.homelinux.com.
                A       192.168.1.1
;MX 10 mail.bahadoer.homelinux.com.
                TXT     "Bahadoer Homelinux com"
$ORIGIN bahadoer.homelinux.com.
; Static Adresses
$TTL 259200 ; 3 days
gateway         A       192.168.1.254
fw              A       192.168.1.254
www             A       192.168.1.1
;proxy          A       192.168.1.1
pdc             A       192.168.1.1
ns1             A       192.168.1.1
dhcp            A       192.168.1.1
;mail           A       192.168.1.1
;As you can see, you can put a hostname in your domain with any address
;dmz1           A       172.16.1.2
; This file will be automatically updated when a DHCP assigns an address
$TTL 600 ; 10 minutes

and for 192.168.1.rev:

$ORIGIN .
$TTL 259200 ; 3 days
1.168.192.in-addr.arpa IN SOA server.bahadoer.homelinux.com. root.server.bahadoer.homelinux.com. (
                1          ; serial
                28800      ; refresh (8 hours)
                7200       ; retry (2 hours)
                604800     ; expire (1 week)
                86400      ; minimum (1 day) )
                NS      server.bahadoer.homelinux.com.
$ORIGIN 1.168.192.in-addr.arpa.
; Static Addresses
$TTL 259200 ; 3 days
; 192.168.1.254 is my default gateway/firewall (US Robotics)
; Notice you can have multiple names for each IP address
254             PTR     gateway.bahadoer.homelinux.com.
                PTR     fw.bahadoer.homelinux.com.
; 192.168.1.1 is my internal web/firewall/proxy/pdc/mail/dhcp server
; (a linux machine)
1               PTR     www.bahadoer.homelinux.com.
                PTR     proxy.bahadoer.homelinux.com.
                PTR     dhcp.bahadoer.homelinux.com.
                PTR     pdc.bahadoerhomelinux.com.
;               PTR     mail.bahadoer.homelinux.com.
                PTR     bahadoer.homelinux.com.
; This file will be automatically updated when DHCP issues an address
$TTL 600 ; 10 minutes
#5
There's nothing I can't stand more than messily formatted zone files. I took the liberty to completely reformat them. I encountered a possible syntax error in both concerning the SOA record where the closing parentheses may have been ignored cause it came after the comment symbol.

[link removed: see: http://www.dollardns.net/bind/]

I changed the zone name of this file cause its content was entirely bahadoer.homelinux.com records. There were no "bahadoer.com" records in the zone file. If you added this file in named.conf as "bahadoer.com" zone file then it will fail. The changes I made have not in any way changed the data.

[link removed: see: http://www.dollardns.net/bind/]

I kept this file's data the same as well, however while multiple PTR records for a single IP is legal, it is not supported by resolver clients and is actually discouraged.

Last edited by SilentRage : April 8th, 2004 at 09:44 AM.
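The SOA problem raised in the post above, a closing parenthesis that sits after a `;` and so is read as comment text, can be checked mechanically. The following Python is an added example, not code from the thread; the sample SOA uses the placeholder name example.com and is constructed, and BIND's own `named-checkzone` remains the authoritative syntax check.

```python
def split_comment(line):
    """Return (data, comment); quoted/escaped characters are left out of data."""
    data, in_quote, i = [], False, 0
    while i < len(line):
        ch = line[i]
        if ch == "\\":                  # backslash escapes the next character
            i += 2
            continue
        if ch == '"':
            in_quote = not in_quote
        elif ch == ";" and not in_quote:  # ';' outside quotes starts a comment
            return "".join(data), line[i + 1:]
        elif not in_quote:
            data.append(ch)
        i += 1
    return "".join(data), ""

def check_parens(zone_text):
    """Return (line_number, message) findings about '(' ... ')' grouping."""
    findings, depth, opened_at = [], 0, None
    for num, line in enumerate(zone_text.splitlines(), 1):
        data, comment = split_comment(line)
        for ch in data:
            if ch == "(":
                opened_at = num if depth == 0 else opened_at
                depth += 1
            elif ch == ")" and depth == 0:
                findings.append((num, "')' without a matching '('"))
            elif ch == ")":
                depth -= 1
        # Balanced "(6 hours)" in a comment is fine; a surplus ')' is not.
        if depth and comment.count(")") > comment.count("("):
            findings.append((num, f"')' is in a comment; '(' on line {opened_at} stays open"))
    if depth:
        findings.append((opened_at, "'(' is never closed"))
    return findings

# Constructed SOA excerpt with placeholder names, laid out like the one in the thread.
BAD = """\
example.com. IN SOA ns.example.com. root.example.com. (
        1       ; serial
        21600   ; refresh (6 hours)
        1800    ; retry (30 minutes)
        604800  ; expire (1 week)
        3600    ; minimum (1 hour) )
        NS      ns.example.com.
"""
GOOD = BAD.replace("(1 hour) )", "(1 hour)\n        )")
print("BAD:", check_parens(BAD), "\nGOOD:", check_parens(GOOD))
```
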
#6
Sorry, SilentRage, for that scrappy format of the file. After changing the zone file and rev file, how can I check if everything is working all right?
#7
The best way is to check your DNS remotely. So follow the following instructions.

Click here: http://www.dollardns.net/cgi-bin/dn...=AXFR&submit=DS

My script will tell you that of course it can't send queries to your private server, so it'll provide a link to use your public IP instead. Click that link and verify that your entire zone was returned properly.

Click here to test your reverse zone: http://www.dollardns.net/cgi-bin/dn...=AXFR&submit=DS

P.S. For the above links to work you must have port 53 TCP open.

Last edited by SilentRage : April 8th, 2004 at 09:45 AM.
#8
OK. Tried the link and this is what I got:

'62.234.41.131' returned error: Server Failure
No Answer Records
No Authority Records
No Additional Records

Not good, I think. And for the rev lookup:

'62.234.41.131' returned error: Not Authenticated
No Answer Records
No Authority Records
No Additional Records

I did not check any of the boxes.
#9
Not good indeed. Let's take a look at your named.conf.
#10
Here it is:

// generated by named-bootconf.pl

options {
        directory "/var/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below. Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
};

//
// a caching only nameserver config
//
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};

zone "bahadoer.homelinux.com" IN {
        type master;
        file "bahadoer.homelinux.com.zone";
        allow-update { none; };
};

zone "1.168.192.in-addr.arpa" IN {
        type master;
        file "192.168.1.rev";
        allow-update { none; };
};

include "/etc/rndc.key";
#11
Well, things look pretty good there. Check your syslog for named errors on startup if you're in Linux, or Event Viewer if you're in Windows.
#12
I'm using Fedora Linux. I can't find the logfiles for named. Searched in /var/named, /etc, /etc/log.d. Where can I see the path notation of the logfiles of named?
#13
I only know so much about Linux. All I know is that bind sends various messages to the syslog daemon, which is Linux's system logger. In searching I found the path to the syslog program, but not the path to the actual log file, or a means to read the log file.
But here's an alternative way of reading that information. Shut down bind, then start it using the -g option.
#14
Although we changed the file name from bahadoer.zone to bahadoer.homelinux.com.zone, named still tries to load bahadoer.zone. I have changed the name in /etc/named.conf as you told me before in the previous postings. Could this be the reason for the error?

[root@server root]# tail -f /var/log/messages
Nov 29 09:21:48 server named[6165]: no IPv6 interfaces found
Nov 29 09:21:48 server named[6165]: zone bahadoer.homelinux.com/IN: loading master file bahadoer.zone: file not found
Nov 29 15:21:48 server named: named reload succeeded
Nov 29 09:30:18 server named[6165]: loading configuration from '/etc/named.conf'
Nov 29 09:30:18 server named[6165]: no IPv6 interfaces found
Nov 29 15:30:18 server named: named reload succeeded
Nov 29 09:30:47 server named[6165]: loading configuration from '/etc/named.conf'
Nov 29 09:30:47 server named[6165]: no IPv6 interfaces found
Nov 29 15:30:47 server named: named reload succeeded
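The log excerpt above shows `named reload succeeded` logged directly after a zone failed to load, so the success line alone does not confirm that every zone is being served. The following Python is an added example, not part of the thread: it groups named messages per reload and reports zone-load errors that a success line would otherwise hide. The function names are hypothetical and the sample input is the first six log lines from the post.

```python
import re

# Syslog prefix as shown in the post: "Mon DD HH:MM:SS host named[pid]: message".
LINE = re.compile(r"^(\w{3}\s+\d+ [\d:]+) \S+ named(?:\[\d+\])?: (.*)$")
ZONE_ERR = re.compile(r"^zone (\S+)/IN: loading master file (\S+): (.+)$")

def reload_cycles(log_text):
    """Group named messages into cycles, each closed by 'named reload succeeded'."""
    cycles, errors = [], []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue                      # not a named message
        stamp, msg = m.groups()
        err = ZONE_ERR.match(msg)
        if err:
            errors.append(err.groups())   # (zone, file, reason)
        elif msg == "named reload succeeded":
            cycles.append({"ended": stamp, "errors": errors})
            errors = []
    if errors:                            # errors with no closing reload line
        cycles.append({"ended": None, "errors": errors})
    return cycles

def masked_failures(log_text):
    """Cycles logged as succeeded although at least one zone failed to load."""
    return [c for c in reload_cycles(log_text) if c["ended"] and c["errors"]]

# Sample: the first six lines of the /var/log/messages excerpt in the post above.
SAMPLE = """\
Nov 29 09:21:48 server named[6165]: no IPv6 interfaces found
Nov 29 09:21:48 server named[6165]: zone bahadoer.homelinux.com/IN: loading master file bahadoer.zone: file not found
Nov 29 15:21:48 server named: named reload succeeded
Nov 29 09:30:18 server named[6165]: loading configuration from '/etc/named.conf'
Nov 29 09:30:18 server named[6165]: no IPv6 interfaces found
Nov 29 15:30:18 server named: named reload succeeded
"""

for cycle in masked_failures(SAMPLE):
    for zone, path, reason in cycle["errors"]:
        print(f"reload at {cycle['ended']} hid: zone {zone}, file {path}: {reason}")
```
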