Page 2 - RH9 linux server need help with setup!

Your server1.phatgears.com can't be reached, period.

why do you think I'm writing on this forum?



If you can't provide an intelligent answer, please - just don't reply at all. Thanks.

Sincerely,
Andy

Just because you didn't see known errors in your log does not mean your BIND is up and running properly. I already said dozen times, it can't be reached ON MY END, what other indication do you want me to tell you? Just because you can reach it locally doesn't mean everyone else can. Being able to log in via ssh tells nothing as BIND ain't sshd.
Go reread what I said in my last two post:Your fvcking attitude towards helpers tells me not to give you futher help. Enough said.

No need to get so mad because you can't figure out what's going on. It's okay. I didn't mean for you to stress so much. Have some Christmas spirit. Enjoy the holidays.

I layed out in detail what my log message looks like as well as my firewall setup. Telling me that I can't see errors in there, without pointing out what, is another lame comment - please save the lame comments.

As far as you saying "reaching it locally" is just wrong. I'm not accessing it locally. As a matter of fact, the server is in San Diego and I'm up in LA.

Lastly, I do apologize for the previous post if my "attitude" seemed unadequate to you, but that's not to say that yours was any better. Moreover, I do thank you for your responses, however, don't reply to my posts if it gets your panties all up in a bunch. Just relax and pick it.

Merry Christmas freebsd.

Sincerely,
Andy

I just tested your *.131 and *.135 IP's.

Both IP's respond to pings
A trace route on both IP's produce a slightly different route at the end which suggests that maybe both IP's isn't being directed to the same computer. But this is not a certain thing.

A UDP request to *.131 port 53 returned a "Port Unreachable" ICMP packet which says that there is nothing bound to that port. TCP requests time out.

A UDP request to *.135 port 53 times out, and a TCP request is forcefully rejected which suggests that a firewall is NOT blocking the way, but rather that the server is not running or the *.135 box is not the same box as the one you setup BIND on.

Do you connect to this IP in any way to "login"? Or is it another IP that you login to? Can you login with the *.135 IP if it is the *.131 IP that you login to?

"my securitylevel is set to medium right now, and I could log onto the server via ssh. Do you suggest that I take down any security/firewall on my server?"

It doesn't hurt, but there are other troubles besides firewalls we need to worry about.

Who was the thread starter? Who is asking for help? Who can't figure out what's going on? You mother fvcker. If I got access to your box, I'd have figured out the problem in no time. You are just being the dummy seeking for help here.

All you mentioned about the firewall was that securitylevel is set to medium. You did not mention what kind of firewall, who in the world knows how restrictive that medium is. That said, you should have provided your firewall ruleset but you failed to do so. That's why I told you to look for the firewall problem then you replied with why do you think I'm writing on this forum?.

I already told you to do 3 things but you repeatedly ignored my suggestions:
1) allow-transfer { 206.13.28.11; 206.13.29.11; }; in your phatgears.com zone
2) IN NS ns1.pbi.net.
IN NS ns2.pbi.net.
3) your BIND is either not up and running or there's a firewall in between blocking DNS queries implies your server1.phatgears.com can't be reached
Like I said, being able to access your server via ssh tells nothing. We need to be able to send DNS query to your BIND.

Fvck off. Never forget that you are the one asking for free help and I don't get paid to help you. You need to know your position here.

freeBSd:
plz... I told you to pick your pantie - not shove it all the way up.
plz... just don't respond to my posts
plz... no profanity. I'm not here to cyber-bang. If you must curse, have some balls to spell it out correctly.
___________________________________

SilentRage:
the ip, .135 is a lame server. I only have .131 setup.
Like you mentioned, firewall is not the problem here (I took down the firewall and didn't help any).
It could possibly be that rndc.conf is not setup correctly on my server. I have done some research on it, and it seems as though a lot of RH9 users are having problems with it.
"rndc stats" gives me "connection refused" and sometimes,
gives me stats like:

+++ Statistics Dump +++ (1072407274)
success 0
referral 0
nxrrset 0
nxdomain 0
recursion 0
failure 0
--- Statistics Dump --- (1072407274)

-----------
"rndc status" is refused as well but once in a while it will spit out something like:
zones 5
.....
server is up and running
-----------
yet, even when I get no error from rndc commands, server1.phatgears.com still can't be reached.

well, I should go back to more reading and researching, but let me know if you have any suggestions. Thank you.

sincerely,
Andy

well I'm not done with you yet. You say you login to the server. Well let's test your dns server locally.

enter this at the ssh or telnet commandline on your server:

dig @127.0.0.1 yahoo.com

All we're doing here is verifying that the server is running. Tell me what response you get.

[root@phatgears /]# dig @127.0.0.1 yahoo.com

; <<>> DiG 9.2.1 <<>> @127.0.0.1 yahoo.com
;; global options: printcmd
;; connection timed out; no servers could be reached

--------------

Does this ring a bell for you? hope it does... Thanks for the help.

Sincerely,
Andy

Well goodness, BIND isn't even running. In that case execute named with the -g option. Something like the following except with the correct path.

/usr/sbin/named -g

Paste for me the response you get.

[root@phatgears /]# named -g
Dec 28 01:25:50.796 starting BIND 9.2.1 -g
Dec 28 01:25:50.797 using 1 CPU
Dec 28 01:25:50.808 loading configuration from '/etc/named.conf'
Dec 28 01:25:50.851 no IPv6 interfaces found
Dec 28 01:25:50.852 listening on IPv4 interface lo, 127.0.0.1#53
Dec 28 01:25:50.854 binding TCP socket: address in use
Dec 28 01:25:50.854 listening on IPv4 interface eth0, 66.126.193.131#53
Dec 28 01:25:50.855 binding TCP socket: address in use
Dec 28 01:25:50.855 listening on IPv4 interface eth0:1, 66.126.193.135#53
Dec 28 01:25:50.855 binding TCP socket: address in use
Dec 28 01:25:50.865 /etc/named.custom:20: couldn't add command channel 127.0.0.1#953: address in use
Dec 28 01:25:50.866 ignoring config file logging statement due to -g option
Dec 28 01:25:50.866 couldn't open pid file '/var/run/named/named.pid': File exists
Dec 28 01:25:50.866 exiting (due to early fatal error)
________________

how do I fix it? I think you pin pointed the source of my problem. so, could you explain why I'm getting the fatal error? Thank you so much for your expert help silentrage.

Sincerely,
Andy

Maybe not so expert. I may have been wrong. It looks like it is running. I want you to shut down BIND, and make sure it's shut down before trying the named -g command again.

rndc stop

that's one way of doing it. But after you try that, I want you to do this:

ps -A

Is there any "named" entries? If so, I want you to kill the process ID for one of them (ex. "kill 1234"). That'll terminate the process for sure. But first check to make sure "named" isn't in the "ps -A" list and then try the named -g again showing me the results.

darn.. I thought you were so close.
But you are still THE expert. here's what I get:

[root@phatgears root]# ps -A
PID TTY TIME CMD
1 ? 00:00:04 init
2 ? 00:00:00 keventd
3 ? 00:00:00 kapmd
4 ? 00:00:00 ksoftirqd_CPU0
9 ? 00:00:00 bdflush
5 ? 00:00:00 kswapd
6 ? 00:00:00 kscand/DMA
7 ? 00:01:17 kscand/Normal
8 ? 00:00:00 kscand/HighMem
10 ? 00:00:00 kupdated
11 ? 00:00:00 mdrecoveryd
15 ? 00:00:02 kjournald
113 ? 00:00:00 khubd
1297 ? 00:00:00 kjournald
1636 ? 00:00:00 syslogd
1640 ? 00:00:00 klogd
1658 ? 00:00:00 portmap
1677 ? 00:00:00 rpc.statd
1745 ? 00:00:00 apmd
1782 ? 00:00:01 sshd
1796 ? 00:00:00 xinetd
1815 ? 00:00:00 sendmail
1824 ? 00:00:00 sendmail
1834 ? 00:00:00 gpm
1845 ? 00:00:01 httpd
1854 ? 00:00:00 crond
1926 ? 00:00:00 xfs
1944 ? 00:00:00 atd
1954 ? 00:00:00 rhnsd
1960 tty1 00:00:00 mingetty
1961 tty2 00:00:00 mingetty
1962 tty3 00:00:00 mingetty
1963 tty4 00:00:00 mingetty
1964 tty5 00:00:00 mingetty
1965 tty6 00:00:00 mingetty
1966 ? 00:00:00 gdm-binary
2009 ? 00:00:00 gdm-binary
2010 ? 00:00:02 X
2024 ? 00:00:00 gnome-session
2067 ? 00:00:00 ssh-agent
2072 ? 00:00:01 gconfd-2
2074 ? 00:00:00 bonobo-activati
2076 ? 00:00:00 metacity
2078 ? 00:00:00 gnome-settings-
2083 ? 00:00:00 fam
2088 ? 00:00:00 xscreensaver
2091 ? 00:00:00 magicdev
2093 ? 00:00:01 gnome-panel
2095 ? 00:00:01 nautilus
2098 ? 00:00:00 eggcups
2100 ? 00:00:00 gnome-session-p
2102 ? 00:00:00 pam-panel-icon
2105 ? 00:00:00 pam_timestamp_c
2109 ? 00:00:00 nautilus-throbb
2115 ? 00:00:00 notification-ar
3519 ? 00:00:00 cupsd
3637 ? 00:00:00 httpd
3638 ? 00:00:00 httpd
3639 ? 00:00:00 httpd
3640 ? 00:00:00 httpd
3641 ? 00:00:00 httpd
3642 ? 00:00:00 httpd
3643 ? 00:00:00 httpd
3644 ? 00:00:00 httpd
8119 ? 00:00:00 sshd
8121 pts/0 00:00:00 bash
8222 pts/0 00:00:00 ps
[root@phatgears root]#
--------------------------------------------
and

[root@phatgears root]# named -g
Dec 28 10:56:39.959 starting BIND 9.2.1 -g
Dec 28 10:56:39.960 using 1 CPU
Dec 28 10:56:39.972 loading configuration from '/etc/named.conf'
Dec 28 10:56:40.014 no IPv6 interfaces found
Dec 28 10:56:40.015 listening on IPv4 interface lo, 127.0.0.1#53
Dec 28 10:56:40.017 listening on IPv4 interface eth0, 66.126.193.131#53
Dec 28 10:56:40.018 listening on IPv4 interface eth0:1, 66.126.193.135#53
Dec 28 10:56:40.028 command channel listening on 127.0.0.1#953
Dec 28 10:56:40.029 ignoring config file logging statement due to -g option
Dec 28 10:56:40.029 couldn't open pid file '/var/run/named/named.pid': Permission denied
Dec 28 10:56:40.029 exiting (due to early fatal error)
[root@phatgears root]#
--------------

Same error as before. What's next? Thanks again SilentRage.

Sincerely,
Andy

Try this command:

./named -u named -g

And show me the response. Once again, make sure it isn't already running first. If you see messages saying "address in use" then it is already running.