
DNS is driving me crazy ! (need another set of eyes)


andy dingfelder

Nov 26, 2003, 2:37:19 AM

Ok, I made the jump and formatted my win2k box and installed redhat 9.
Now I'm having a bear of a time getting my DNS set up. I have perused a
gazillion how-to guides and am obviously missing something :( I'm hoping
some kind soul can help to keep me from going back to the dark side :P

Basically, I would love another set of eyes to look at my config to see
what I am doing wrong.

Background Info: I used to have my web server, application server, dns,
sendmail and DB on my windows server and it all worked last week, so I
know the problem is not in my router or my domain itself...

Also, I shut my firewall completely off for this test so I know it must
be my DNS config. (my router is only granting access to port 80 for
web, 53 for DNS and 22 for SSH)

Finally, I believe DNS is up and running because I can telnet to
localhost 53 and when I grep for "named", I get:

[root@jomamma root]# ps -ef | grep named
named 5468 1 0 18:47 ? 00:00:01 [named]
root 5649 5622 0 22:13 pts/1 00:00:00 grep named

I will list my configuration below for convenience... I will be so
happy if anyone can point out ways to perfect my setup.

Thanks !

For these examples:
1. I am changing my domain to "mydomain"
2. The internal ip address of the linux box is 192.168.1.11.
3. The name servers are ns1.mydomain.com and ns2.mydomain.com and are
registered with my server as their ip address (listed as
100.100.100.100 below). This ip is the external address of my linksys
router which is forwarding port 53 to my server's internal ip.
4. admin email is ad...@mydomain.com
5. server name is jomamma

----------------------------------------------------
>>>>>>> start /etc/hosts

127.0.0.1 jomamma localhost.localdomain localhost

>>>>>>> end /etc/hosts
----------------------------------------------------
>>>>>>> start /var/named/0.0.127.in-addr.arpa.zone

$TTL 3600
@ IN SOA ns1.mydomain.com. admin.mydomain.com. (
2003112418 ; serial
28800 ; refresh
7200 ; retry
604800 ; expire
86400 ; ttk
)

NS ns1.mydomain.com.
NS ns2.mydomain.com.

1 PTR localhost.

>>>>>>> end /var/named/0.0.127.in-addr.arpa.zone
----------------------------------------------------
>>>>>>> start /var/named/1.168.192.in-addr.arp.zone

$TTL 3600
@ IN SOA @ root.localhost (
2003112418 ; serial
28800 ; refresh
7200 ; retry
604800 ; expire
86400 ; ttk
)

@ IN NS ns1.mydomain.com.
@ IN NS ns2.mydomain.com.

>>>>>>> end /var/named/1.168.192.in-addr.arp.zone

----------------------------------------------------
>>>>>>> start /var/named/mydomain.com.zone

$TTL 3600
@ IN SOA ns1.mydomain.com. admin.mydomain.com. (
2003112501 ; serial
2880 ; refresh
720 ; retry
60480 ; expire
8640 ; ttl
)
IN NS ns1.mydomain.com.
IN NS ns2.mydomain.com.
IN MX 10 mail.mydomain.com.

ns1 IN A 100.100.100.100

ns2 IN A 100.100.100.100

jomamma IN A 100.100.100.100

www IN CNAME jomamma

webserver IN A jomamma

mail IN A jomamma

; eot

>>>>>>> end /var/named/mydomain.com.zone
----------------------------------------------------
>>>>>>> start /var/named/localhost.zone

$TTL 3600
$ORIGIN localhost.
@ 1D IN SOA @ root (

2003112417 ; serial
28800 ; refresh
7200 ; retry
604800 ; expire
86400 ; ttk

1D IN NS @
1D IN A 127.0.0.1

>>>>>>> end /var/named/localhost.zone
----------------------------------------------------
>>>>>>> start /var/named/named.local

$TTL 3600
@ IN SOA localhost. root.localhost. (
2003112417 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS localhost.

1 IN PTR localhost.

>>>>>>> end /var/named/named.local
----------------------------------------------------

(in this file the 3 nameservers are earthlink's dns servers)

>>>>>>> start /etc/resolv.conf

search mydomain.com
nameserver 207.217.120.83
nameserver 207.69.188.185
nameserver 207.69.188.186

>>>>>>> end /etc/resolv.conf


Pete Ehlke

Nov 26, 2003, 2:01:42 PM
On Wed, Nov 26, 2003 at 07:37:19AM +0000, andy dingfelder wrote:
>
> Ok, I made the jump and formatted my win2k box and installed redhat 9.
> Now I'm having a bear of a time getting my DNS set up. I have perused a
> gazillion how-to guides and am obviously missing something :( I'm hoping
> some kind soul can help to keep me from going back to the dark side :P
>
> Basically, I would love another set of eyes to look at my config to see
> what I am doing wrong.

You're going to have to tell us what it is that makes you think
something is wrong. You haven't asked a question and you haven't
described a problem. What is it that used to work but now doesn't?

>
> Finally, I believe DNS is up and running because I can telnet to
> localhost 53 and when I grep for "named", I get:

Most dns transactions happen over udp, not tcp. It's good that you can
make a tcp connection to your name server, but unless you can send it a
query and get a response, you've not debugged much.

>
> For these examples:
> 1. I am changing my domain to "mydomain"

Don't do that. The DNS is inherently a public system. You don't protect
anything by obscuring data, and you *do* make it impossible for people
to actively debug your setup. Repost, with a description of *what* you
think is wrong, *why* you think something is wrong, and your complete,
*unedited* configuration files.

-Pete

Simon Hobson

Nov 27, 2003, 4:06:19 AM
At 7:37 am +0000 26/11/03, andy dingfelder wrote:
>Ok, I made the jump and formatted my win2k box and installed redhat 9.
>Now I'm having a bear of a time getting my DNS set up. I have perused a
>gazillion how-to guides and am obviously missing something :( I'm hoping
>some kind soul can help to keep me from going back to the dark side :P

How many times did you need to post this ?

>1. I am changing my domain to "mydomain"

Which means that no-one can run any tools to look at your problem.


I did spot this :

> >>>>>>> start /var/named/mydomain.com.zone
>
>$TTL 3600
>@ IN SOA ns1.mydomain.com. admin.mydomain.com. (
> 2003112501 ; serial
> 2880 ; refresh
> 720 ; retry
> 60480 ; expire
> 8640 ; ttl
> )
> IN NS ns1.mydomain.com.
> IN NS ns2.mydomain.com.
> IN MX 10 mail.mydomain.com.
>
>ns1 IN A 100.100.100.100
>
>ns2 IN A 100.100.100.100
>
>jomamma IN A 100.100.100.100
>
>www IN CNAME jomamma
>
>webserver IN A jomamma
>
>mail IN A jomamma

Last time I looked, "jomamma" isn't anything like a dotted decimal IP
address which is what should appear in the data part of an A record.
Whether this is your problem or not ...

If you stop, and then start named, what appears in the syslog (should
be /var/log/syslog IIRC) ? If there is a problem, it is highly likely
that something will be logged here.

But I understand your frustration. I too have spent many a stressful
hour puzzling over things that in the end turned out to be very
simple !

Simon

--

NOTE: This is a throw-away email address which will reach me for as
long as it stays spam-free, remove date for real address.

Simon Hobson, Technology Specialist
Colony Gift Corporation Limited
Lindal in Furness, Ulverston, Cumbria, LA12 0LD
Tel 01229 461100, Fax 01229 461101

Registered in England No. 1499611
Regd. Office : 100 New Bridge Street, London, EC4V 6JA.

Andy D

Nov 26, 2003, 5:39:31 PM
Thanks for the help Pete,

I have tried to respond to your questions below:

Pete Ehlke <p...@ehlke.net> wrote in message news:<bq2tse$otg$1...@sf1.isc.org>...


> On Wed, Nov 26, 2003 at 07:37:19AM +0000, andy dingfelder wrote:
> >
> > Ok, I made the jump and formatted my win2k box and installed redhat 9.
> > Now I'm having a bear of a time getting my DNS set up. I have perused a
> > gazillion how-to guides and am obviously missing something :( I'm hoping
> > some kind soul can help to keep me from going back to the dark side :P
> >
> > Basically, I would love another set of eyes to look at my config to see
> > what I am doing wrong.
>
> You're going to have to tell us what it is that makes you think
> something is wrong. You haven't asked a question and you haven't
> described a problem. What is it that used to work but now doesn't?

Good point Pete,
Reading back on my notes (which I thought were complete) I failed to
list what I saw that was going wrong.

Basically, my issue is:

I can hit my server with the ip address directly
(http://66.47.74.218/index.html) but not using the domain name
(http://www.computingasyoulikeit.com/index.html)

Godaddy (I have my domain registered with them) responds with my
nameservers (ns1.computingasyoulikeit.com and
ns2.computingasyoulikeit.com) set to my ip 66.47.74.218, but if I do a
dig command, I get:

buyitsellit.com% dig @66.47.74.218 computingasyoulikeit.com

; <<>> DiG 8.3 <<>> @66.47.74.218 computingasyoulikeit.com
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 6
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;; computingasyoulikeit.com, type = A, class = IN

;; Total query time: 26 msec
;; FROM: buyitsellit.com to SERVER: 66.47.74.218
;; WHEN: Wed Nov 26 22:18:03 2003
;; MSG SIZE sent: 42 rcvd: 42

I believe my configuration is not set up right so my name servers are
not resolving computingasyoulikeit.com or www.computingasyoulikeit.com
correctly

>
> >
> > Finally, I believe DNS is up and running because I can telnet to
> > localhost 53 and when I grep for "named", I get:
>
> Most dns transactions happen over udp, not tcp. It's good that you can
> make a tcp connection to your name server, but unless you can send it a
> query and get a response, you've not debugged much.
>
> >
> > For these examples:
> > 1. I am changing my domain to "mydomain"
>
> Don't do that. The DNS is inherently a public system. You don't protect
> anything by obscuring data, and you *do* make it impossible for people
> to actively debug your setup. Repost, with a description of *what* you
> think is wrong, *why* you think something is wrong, and your complete,
> *unedited* configuration files.
>

Ok, I will repost the files with my domain and ip but I fear I will
dread it :( The last time I posted my ip address, the number of
bogus (hacking) hits from the web increased dramatically. I believe I
am safe since I have my system locked down on all ports other than the
ones I listed above so I guess that is ok.

Regarding the "what" (ie what is wrong) I am not really sure at this
point, or I wouldn't be asking.
>
> -Pete

Here are the reposted config files:

>>>>>>> start /etc/hosts

127.0.0.1 jomamma localhost.localdomain localhost

>>>>>>> end /etc/hosts
----------------------------------------------------
>>>>>>> start /var/named/0.0.127.in-addr.arpa.zone

$TTL 3600
@ IN SOA ns1.computingasyoulikeit.com. admin.computingasyoulikeit.com. (
2003112418 ; serial
28800 ; refresh
7200 ; retry
604800 ; expire
86400 ; ttk
)

NS ns1.computingasyoulikeit.com.
NS ns2.computingasyoulikeit.com.

1 PTR localhost.

>>>>>>> end /var/named/0.0.127.in-addr.arpa.zone
----------------------------------------------------
>>>>>>> start /var/named/1.168.192.in-addr.arp.zone

$TTL 3600
@ IN SOA @ root.localhost (
2003112418 ; serial
28800 ; refresh
7200 ; retry
604800 ; expire
86400 ; ttk
)

@ IN NS ns1.computingasyoulikeit.com.
@ IN NS ns2.computingasyoulikeit.com.

>>>>>>> end /var/named/1.168.192.in-addr.arp.zone

----------------------------------------------------
>>>>>>> start /var/named/computingasyoulikeit.com.zone

$TTL 3600
@ IN SOA ns1.computingasyoulikeit.com. admin.computingasyoulikeit.com. (
2003112501 ; serial
2880 ; refresh
720 ; retry
60480 ; expire
8640 ; ttl
)

IN NS ns1.computingasyoulikeit.com.
IN NS ns2.computingasyoulikeit.com.
IN MX 10 mail.computingasyoulikeit.com.

ns1 IN A 66.47.74.218

ns2 IN A 66.47.74.218

jomamma IN A 66.47.74.218

www IN CNAME jomamma

webserver IN A jomamma

mail IN A jomamma

; eot

>>>>>>> end /var/named/computingasyoulikeit.com.zone
----------------------------------------------------
>>>>>>> start /var/named/localhost.zone

$TTL 3600
$ORIGIN localhost.
@ 1D IN SOA @ root (

2003112417 ; serial
28800 ; refresh
7200 ; retry
604800 ; expire
86400 ; ttk

1D IN NS @
1D IN A 127.0.0.1

>>>>>>> end /var/named/localhost.zone
----------------------------------------------------
>>>>>>> start /var/named/named.local

$TTL 3600
@ IN SOA localhost. root.localhost. (
2003112417 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS localhost.

1 IN PTR localhost.

>>>>>>> end /var/named/named.local
----------------------------------------------------

(in this file the 3 nameservers are earthlink's dns servers)

>>>>>>> start /etc/resolv.conf

search computingasyoulikeit.com
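The two defects the thread turns on, A records whose data is a hostname rather than an address (Simon's point about "webserver IN A jomamma") and a parenthesised SOA that is never closed (as in the posted localhost.zone), are both things a zone checker catches before named is restarted. The linter below is an added example, not code from the thread; it runs over a constructed, abridged copy of the posted mydomain.com zone and only models the record types that appear in these files.

```python
import ipaddress
import re

# Constructed sample, abridged from the mydomain.com zone posted in the thread;
# it keeps the two A records whose data is a hostname rather than an address.
ZONE_TEXT = """$TTL 3600
@ IN SOA ns1.mydomain.com. admin.mydomain.com. (
    2003112501 2880 720 60480 8640 ) ; serial refresh retry expire minimum
IN NS ns1.mydomain.com.
jomamma IN A 100.100.100.100
www IN CNAME jomamma
webserver IN A jomamma
mail IN A jomamma
"""

TYPES = {"SOA", "NS", "A", "AAAA", "MX", "CNAME", "PTR"}

def logical_lines(text):
    """Drop ';' comments and fold '( ... )' groups (the SOA) into one record each."""
    stripped = "\n".join(l.split(";", 1)[0] for l in text.splitlines())
    if stripped.count("(") != stripped.count(")"):
        raise ValueError("unbalanced parentheses: a '(' is never closed")
    folded = re.sub(r"\(([^()]*)\)", lambda m: " ".join(m.group(1).split()), stripped)
    return [l.split() for l in folded.splitlines() if l.strip()]

def is_ipv4(value):
    try:
        ipaddress.IPv4Address(value)
        return True
    except ValueError:
        return False

def lint_zone(text):
    """Return the problems found in a zone file (an empty list means clean)."""
    try:
        records = logical_lines(text)
    except ValueError as err:
        return [str(err)]
    problems = []
    for tokens in records:
        # the type is the first token that is a known RR type; tokens before
        # it are owner/TTL/class, tokens after it are the RDATA
        idx = next((i for i, t in enumerate(tokens) if t in TYPES), None)
        if tokens[0].startswith("$") or idx is None:
            continue  # $TTL/$ORIGIN directives, or a type this checker does not model
        rtype, rdata = tokens[idx], tokens[idx + 1:]
        if rtype == "A" and not (len(rdata) == 1 and is_ipv4(rdata[0])):
            problems.append(f"A record data {' '.join(rdata)!r} is not an IPv4 address")
        elif rtype == "SOA" and len(rdata) != 7:
            problems.append(f"SOA needs MNAME, RNAME and 5 timer fields, got {len(rdata)}")
    return problems
```

On a real system BIND's own named-checkzone does this and more; running it on each zone file before restarting named shows the load error that would otherwise only appear in syslog.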
