RH9 linux server need help with setup!

Hi all. Hope you can help me, a newbie, with setting up my first webserver. Pacbell refuses to reply to my emails, so I'm turning to you guys for help. I'm not sure if I'm allowed to give out my info like this, but I wanted to be specific about my questions and need specific answers as well. Below is the one and only email I received from pacbell admin:

-----------------------------------------------------------------------
Dear hostmaster,

The PBI assigned IP block has been delegated to your DNS server for the reverse in-addr lookups. This is an RFC 2317

"style" delegation of an IP block < Class C. The in-addr zone has been delegated to:

phatgears.com 66.126.193.128/29
prim. = server1.phatgears.com = 66.126.193.131
sec. = server2.phatgears.com = 66.126.193.135

You will need to run the following reverse in-addr zone:


128.193.126.66.in-addr.arpa

Please add NS records for ns1.pbi.net and ns2.pbi.net, and allow zone transfers to these nameservers.

Please see that attached DNS F.A.Q. for more information. If you are unwilling or unable to handle this delegation,

please email dns-admin@pbi.net and it will be replaced with generic entries. Any future changes to these reverse

entries are subject to the standard fees associated with custom DNS entries as stated in your contract.

Pacific Bell Internet Services' Policy requires that ns1.pbi.net and ns2.pbi.net perform secondary DNS resolution for reverse lookups for

all delegated zones. Please allow zone transfers to occur to ns1.pbi.net (206.13.28.11) and ns2.pbi.net (206.13.29.11) for the in-addr zones.

Thanks,
DNS Administrator
Pacific/Southwestern Bell Internet Services
---------------------------------------------------------------------
let me first tell you guys that I have a redhat 9 server running BIND 9.2.1, and Apache 2.0.40. This server handles ip's 66.126.193.131=server1.phatgears.com and 66.126.193.135=server2.phatgears.com.

Here come the questions (forgive me if I sound like an idiot):
1) Should the interNIC record have server1&2.phatgears.com as the nameservers OR ns1&2.pbi.net?
2) I don't understand why admin delegated the in-addr zone 66.126.193.128 instead of 66.126.193.
3) The email above instructs me to run a reverse-in-addr zone -128.193.126.66.in-addr.arpa. I figure this file should have records something like "1.128.193.126.66.in-addr.arpa. IN PTR www.phatgears.com", but my usable ip's 66.126.193.131 thru 135. I can't even form a question on this issue. help?
4) Zone transfer issue: I'm not sure if I should be running a primary server or secondary(slave) server. I tried to do allow-transfer to ns1&ns2.pbi.net, but I'm not sure if I'm doing it right.
5) How should my resolve.conf file look like? as of now pacbell nameservers are present in the file. should it include my domain name as well?
----------------------------------------------------------------------
okay, I think the answers to these questions will hopefully lead me in the right direction. I have read a lot of help sites, and read through DNS and BIND books, but can't figure out why my server isn't working. Plz email me at hotdrew24@hotmail.com if you need to see my /named files to further assist me. I appreciate you reading through this long agonizing post, and thank you so much for your input.

sincerely,
Andy

This is what your configuration needs to look like. If you really need an explanation on how 66.126.193.128/29 means you get IP's 128 through 135, ask and I'll tell you in the next post.

In BIND's named.conf you'd have the following zone statement:

[server1.phatgears.com "named.conf"]

zone "128.193.126.66.in-addr.arpa" IN {
&nbsp;&nbsp;&nbsp;&nbsp;type master;
&nbsp;&nbsp;&nbsp;&nbsp;# PBI IP's required by PBI delegation terms
&nbsp;&nbsp;&nbsp;&nbsp;allow-transfer { 206.13.28.11; 206.13.29.11; 66.126.193.135; };
&nbsp;&nbsp;&nbsp;&nbsp;file "66.126.193.128.rev";
};

[server2.phatgears.com "named.conf"]

zone "128.193.126.66.in-addr.arpa" IN {
&nbsp;&nbsp;&nbsp;&nbsp;type slave;
&nbsp;&nbsp;&nbsp;&nbsp;masters { 66.126.193.131; };
&nbsp;&nbsp;&nbsp;&nbsp;# PBI IP's required by PBI delegation terms
&nbsp;&nbsp;&nbsp;&nbsp;allow-transfer { 206.13.28.11; 206.13.29.11; };
&nbsp;&nbsp;&nbsp;&nbsp;file "66.126.193.128.rev";
};

And your master zone file will look something like this:

[server1.phatgears.com "66.126.193.128.rev"]



I have tested this, and it works very well on BIND 9.2.2.

P.S. WARNING!!!

"Any future changes to these reverse entries are subject to the standard fees associated with custom DNS entries as stated in your contract."

If I interpret that correctly, that means PBI will charge you if you change the PTR domain pointers after you initially set them.

P.S.S. TIP

Removing the "128." from the zone declarations and ORIGIN may have things work even better (cause then CNAME'ing wouldn't occur). However, I followed PBI's cryptic instructions in case it may be against their terms.

First of all, thank you for your response. Yes, I would like to know how 66.126.193.128/29 = I get ip's 128-135.
Next thing is to ask what I should do if I only have one server, which is the 66.126.193.131. How can I handle server2.phatgears.com - 66.126.193.135 w/out having a second server, or is that even possible?
Next, here's what my named.conf looks like as of now:

[server1.phatgears.com 66.126.193.131]
-------------------------------------------
options {
directory "/var/named";
};

zone "0.0.127.in-addr.arpa" {
type master;
file "db.127.0.0";
};
zone "128.193.126.66.in-addr.arpa" IN {
type master;
allow-transfer { 206.13.28.11; 206.13.29.11; 66.126.193.135; };
file "66.126.193.128.rev";
};

zone "phatgears.com" {
type master;
allow-transfer { 206.13.28.11; 206.13.29.11; };
file "phatgears.com";
};
zone "." in {
type hint;
file "db.cache";
};
-----------------------------------------
And here's what my "66.126.193.128.rev" file looks like:
------------
$ORIGIN 128.193.126.66.in-addr.arpa.
$TTL 15m
@ SOA server1.phatgears.com. hotdrew24.hotmail.com. (
2003122101 ; Serial
1h ; Refresh after 3 hours
30m ; Retry after 1 hour
1w ; Expire after 1 week
15m ) ; Negative caching TTL of 1 hour

NS server1.phatgears.com.
NS server2.phatgears.com.
NS ns1.pbi.net.
NS ns2.pbi.net.

131cd ..
PTR www.phatgears.com.
131 PTR server1.phatgears.com.
131 PTR phatgears.com.
135 PTR server2.phatgears.com.
--------------------------------------------------
I tried to make it look like your example as much as possible.
phatgears.com or www.phatgears.com is still not working. Am I doing what you told me to do, or am I still lost? here's part of my message log:
--------------------------------------------------
Dec 21 23:13:26 phatgears named[2228]: starting BIND 9.2.1 -u named
Dec 21 23:13:26 phatgears named[2228]: using 1 CPU
Dec 21 23:13:26 phatgears named: named startup succeeded
Dec 21 23:13:26 phatgears named[2228]: loading configuration from '/etc/named.conf'
Dec 21 23:13:26 phatgears named[2228]: no IPv6 interfaces found
Dec 21 23:13:26 phatgears named[2228]: listening on IPv4 interface lo, 127.0.0.1#53
Dec 21 23:13:26 phatgears named[2228]: listening on IPv4 interface eth0, 66.126.193.131#53
Dec 21 23:13:26 phatgears named[2228]: listening on IPv4 interface eth0:1, 66.126.193.135#53
Dec 21 23:13:26 phatgears named[2228]: command channel listening on 127.0.0.1#953
Dec 21 23:13:26 phatgears named[2228]: zone 0.0.127.in-addr.arpa/IN: loaded serial 2003122100
Dec 21 23:13:26 phatgears named[2228]: zone 128.193.126.66.in-addr.arpa/IN: loaded serial 2003122102
Dec 21 23:13:26 phatgears named[2228]: dns_master_load: phatgears.com:14: unknown RR type 'localhost'
Dec 21 23:13:26 phatgears named[2228]: zone phatgears.com/IN: loading master file phatgears.com: unknown class/type
Dec 21 23:13:26 phatgears named[2228]: running
Dec 21 23:13:26 phatgears named[2228]: zone 0.0.127.in-addr.arpa/IN: sending notifies (serial 2003122100)
Dec 21 23:13:26 phatgears named[2228]: zone 128.193.126.66.in-addr.arpa/IN: sending notifies (serial 2003122102)
---------------------------------------
I would really appreciate further feedback, and thank you again for your help.
Sincerely,
Andy

sorry my 66.126.193.128.rev file didn't paste over correctly.

Have you informed PBI and are they willing to be your slave? Do do not need their IPs above as they ONLY require your reverse to be set to them, not your phatgear.com itself. Your server2.phatgears.com can still be the slave nameserver for your phatgears.com's zone, just that you'd lose a little on reliability running both master and slave yourself.
Open and close it with [ code ] and [ /code ] without space.

Quoted from PBI's email to him:

"Pacific Bell Internet Services' Policy requires that ns1.pbi.net and ns2.pbi.net perform secondary DNS resolution for reverse lookups for all delegated zones. Please allow zone transfers to occur to ns1.pbi.net (206.13.28.11) and ns2.pbi.net (206.13.29.11) for the in-addr zones."

I'm guessing they require this so that they can monitor changes to PTR records easier and therefor charge for each change.

Read what I quoted, I was merely referring to the phatgears.com zone.

oooh yeah. heh. he needs to take that out.

Once again, thank you for your inputs, SilentRage and freebsd. I have made corrections as freebsd pointed out. however, there's still no response from phatgears.com or www.phatgears.com.

it's odd to me that only server1.phatgears.com responds. I know my queries have been long and dry, but could you guys re-check some of my questions and entries, and let me know if you guys find more "wrongful doings"? Thank you.

sincerely,
Andy

You need to create a zone record for phatgears.com. The reverse is a different record and different file. Go google for samples first. Also go http://www.dnsreport.com/ and check for problems yourself.

thanks for your reply. Here is a copy of my phatgears.com.zone file in /named:

$ORIGIN phatgears.com.
$TTL 15m
@ IN SOA server1.phatgears.com. hotdrew24.hotmail.com. (
2003122400 ; Serial
1h ; Refresh after 1 hour
30m ; Retry after 30 mins
1w ; Expire after 1 week
15m ) ; Negative caching TTL of 15 min

IN NS server1.phatgears.com.
IN NS ns1.pbi.net.
IN NS ns2.pbi.net.

localhost IN A 127.0.0.1
server1 IN A 66.126.193.131
www IN A 66.126.193.131
IN A 66.126.193.131
------------------------
does this look okay to you guys? is it okay to have www.phatgears.com, server1.phatgears.com, and phatgears.com all pointing to a single ip, or should I have CNAMES instead? another thing I was wondering is if it is okay to leave out the "IN" statement.

I was reading through some examples via google search, and now I'm questioning if my resolve.conf file is correct:
[resolve.conf]
search dsl.sndg02.pacbell.net
nameserver 206.13.30.12
nameserver 206.13.29.12

I read somewhere that I should have something like:

search subdomain.phatgears.com
nameserver server1.phatgears.com
nameserver server2.phatgears.com

As of now, testing phatgears.com at the referred website gives me all kinds of "FAILS". Nothing seems to be responding to phatgears.com by the looks of it.

Help again? Thank you so much guru's.
Sincerely,
Andy

You didn't do what I told you to. I already said pbl.net requires your 66.126.193.128.rev zone to transfer to them because you run the master and they need to be the slaves. Your 66.126.193.128.rev is absolutely different from your phatgears.com zone. For phatgears.com zone your server1 and server2 are authoritative, no one else. That said, you MUST not set the NS to ns1.pbl.net and ns2.pbi.net.
You entered server2.phatgears.com when registering your domain so why didn't you specify an NS to server2.phatgears.com? You also need an A recrod for server2.phatgears.com.
CNAMEs are being used only by DNS admins who are absolutely clueless in DNS.

In your resolv.conf remove the search line and use your pbi ones until yours is fully working.

Anyway, your zone record has shortcut all over. Note, shortcuts is for people who know what they are doing, you are not, so don't use it. Start here and read the mezzweb.com.now sample that I posted. There are a dozen hundred more examples, you just have to search harder.

Thank you for the correction. I made the changes to phatgears.com file and I attached it here. please look over my files, and see what other changes should be made. I apologize for asking for so much, but I have checked and re-checked the files and still can't understand how server1.phatgears.com works and not phatgears.com and www.phatgears.com. Thank you freebsd and any others that might be of any help.
sincerely,
andy

Because server1.phatgears.com and server2.phatgears.com are glued at roots. In short, the root servers have A records for server1 and server2, but not www.phatgears.com and phatgears.com.

Anyhow, your BIND is either not up and running or there's a firewall in between blocking DNS queries.