problem testing with nslookup
Stefan Demarmels
I'm configuring my first dns-server. I'm using devian-linux potato and
bind9.2.
My problem:
If I do an nslookup from my dns-server to localhost I get:
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: localhost.lai5p.ch
Address 172.0.0.1
If I do an nslookup from my dns-server to bind (hostname) I get:
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: bind.lai5p.ch
Address: 172.16.0.4
Acording to my book (DNS and Bind --> O'Reilly) I should get for Server the
name om my machine back and for Address the Address of eth0 --> 172.16.0.4
If I do an nslookup from a different linux-machine on the net, nslookup
172.16.0.4, I get:
Server: miami
Address: 0.0.0.0
*** miami can't find 172.16.0.4: No response from server ***
My syslog says:
....named: starting BIND 9.2.0
....named: using 1 CPU
....named: loading configuration from '/etc/named.conf'
....named: no IPv6 interfaces found
....named: listening on IPv4 interface lo, 127.0.0.1#53
....named: listening on IPv4 interface eth0, 172.16.0.4#53
....named: none:0: open: /etc/rndc.key: file not found
....named: couldn't add command channel 127.0.0.1#953: file not found
....named: zone 0.0.127.in-addr.arpa/IN: loaded serial 1
....named: zone 16.172.in-addr.arpa/IN: loaded serial 1
....named: zone lai5p.ch/IN: loaded serial 1
....named: running
....named: zone lai5p.ch/IN: sending notifies (serial 1)
I have compared my files over and over again, but just didn't find anything.
For any help I'm verry thankfull.
Greetings Stefan
Simon Waters
Stefan Demarmels wrote:
>
> Hi NG!
> I'm configuring my first dns-server. I'm using devian-linux potato and
> bind9.2.
> My problem:
> If I do an nslookup from my dns-server to localhost I get:
Learn to use "dig" rather than nslookup.
> Server: 127.0.0.1
> Address: 127.0.0.1#53
>
> Name: localhost.lai5p.ch
> Address 172.0.0.1
This looks okay.
> If I do an nslookup from my dns-server to bind (hostname) I get:
>
> Server: 127.0.0.1
> Address: 127.0.0.1#53
>
> Name: bind.lai5p.ch
> Address: 172.16.0.4
>
> Acording to my book (DNS and Bind --> O'Reilly) I should get for Server the
> name om my machine back and for Address the Address of eth0 --> 172.16.0.4
We can't tell if this is right or not since you don't give us
the content of the lai5p.ch zone, but it looks a reasonable
answer, as your log file shows 172.16.0.4 as a local interface.
> If I do an nslookup from a different linux-machine on the net, nslookup
> 172.16.0.4, I get:
>
> Server: miami
> Address: 0.0.0.0
>
> *** miami can't find 172.16.0.4: No response from server ***
Incorrect resolv.conf?
> ....named: none:0: open: /etc/rndc.key: file not found
> ....named: couldn't add command channel 127.0.0.1#953: file not found
Instructions on creating this file are in the Administrator
Reference Manual, included with BIND 9, or on the www.isc.org
site.
Stefan Demarmels
> >
> > Hi NG!
> > I'm configuring my first dns-server. I'm using devian-linux potato and
> > bind9.2.
> > My problem:
> > If I do an nslookup from my dns-server to localhost I get:
>
> Learn to use "dig" rather than nslookup.
Yes, I think you're right. I guess in "Bind and DNS" I should find something
about dig.
>
> > Server: 127.0.0.1
> > Address: 127.0.0.1#53
> >
> > Name: localhost.lai5p.ch
> > Address 172.0.0.1
>
> This looks okay.
>
> > If I do an nslookup from my dns-server to bind (hostname) I get:
> >
> > Server: 127.0.0.1
> > Address: 127.0.0.1#53
> >
> > Name: bind.lai5p.ch
> > Address: 172.16.0.4
> >
> > Acording to my book (DNS and Bind --> O'Reilly) I should get for Server
the
> > name om my machine back and for Address the Address of eth0 -->
172.16.0.4
>
> We can't tell if this is right or not since you don't give us
> the content of the lai5p.ch zone, but it looks a reasonable
> answer, as your log file shows 172.16.0.4 as a local interface.
My db.lai5p.ch file
$TTL 3h
lai5p.ch IN SOA bind.lai5p.ch stevey.bluewin.ch (
1
3h
1h
1w
1h
);
lai5p.ch IN NS bind.lai5p.ch
lai5p.ch IN NS win98ws1.lai5p.ch
lai5p.ch IN NS poolpot.lai5p.ch
lai5p.ch IN NS brunhilde.lai5p.ch
localhost.lai5p.ch IN A 127.0.0.1
bind.lai5p.ch IN A 172.16.0.4
win98ws1.lai5p.ch IN A 172.16.0.2
brunhilde.lai5p.ch IN A 172.16.0.3
poolpot.lai5p.ch IN A 172.16.0.1
lh.lai5p.ch IN CNAME localhost.lai5p.ch
bd.lai5p.ch IN CNAME bind.lai5p.ch
win1.lai5p.ch IN CNAME win98ws1.lai5p.ch
bh.lai5p.ch IN CNAME brunhilde.lai5p.ch
plpt.lai5p.ch IN CNAME poolpot.lai5p.ch
>
> > If I do an nslookup from a different linux-machine on the net, nslookup
> > 172.16.0.4, I get:
> >
> > Server: miami
> > Address: 0.0.0.0
> >
> > *** miami can't find 172.16.0.4: No response from server ***
>
> Incorrect resolv.conf?
Acording to my syslog, my resolv.conf dosn't exsist.
>
> > ....named: none:0: open: /etc/rndc.key: file not found
> > ....named: couldn't add command channel 127.0.0.1#953: file not found
>
> Instructions on creating this file are in the Administrator
> Reference Manual, included with BIND 9, or on the www.isc.org
> site.
>
Ok, I'll have to look at quite some things.
Thanks alot!
Stefan
Simon Waters
Stefan Demarmels wrote:
>
> > > Acording to my book (DNS and Bind --> O'Reilly) I should get for Server
> the
It give the reverse lookup of the nameserver IP it is connected
via, I believe although I don't "nslookup" often these days.
So 127.0.0.1 is either defined in /etc/resolv.conf as the first
nameserver, or /etc/resolv.conf doesn't exist and it defaulted
to local.
You have 0.0.127.in-addr.arpa defined, so if that zone file has
a record "1 PTR localhost." you might have got "localhost" back,
but perhaps your nslookup is different from mine in that regard
(One of the problems with nslookup is many vendors versions are
different).
> > > name om my machine back and for Address the Address of eth0 -->
> 172.16.0.4
"bind" maps to 172.16.0.4 in your zone file so that looks okay.
> $TTL 3h
> lai5p.ch IN SOA bind.lai5p.ch stevey.bluewin.ch (
Trailing "."'s missing...
Try "dig @127.0.0.1 lai5p.ch SOA" and see what I mean.
> 1
> 3h
> 1h
> 1w
> 1h
Nothing wrong, but do you really want to cache "NXDOMAIN" for an
hour. This means when you add a host it could take an hour if
people tried to get it before it was ready. I fine my users
sometime have impatiently tried to use an entry before it is
added, or worse if you make a mistake on adding it
(disagreements on spelling that kind of thing).
> );
>
> lai5p.ch IN NS bind.lai5p.ch
> lai5p.ch IN NS win98ws1.lai5p.ch
> lai5p.ch IN NS poolpot.lai5p.ch
> lai5p.ch IN NS brunhilde.lai5p.ch
Trailing "."'s!
> localhost.lai5p.ch IN A 127.0.0.1
> bind.lai5p.ch IN A 172.16.0.4
> win98ws1.lai5p.ch IN A 172.16.0.2
> brunhilde.lai5p.ch IN A 172.16.0.3
> poolpot.lai5p.ch IN A 172.16.0.1
>
> lh.lai5p.ch IN CNAME localhost.lai5p.ch
> bd.lai5p.ch IN CNAME bind.lai5p.ch
> win1.lai5p.ch IN CNAME win98ws1.lai5p.ch
> bh.lai5p.ch IN CNAME brunhilde.lai5p.ch
> plpt.lai5p.ch IN CNAME poolpot.lai5p.ch
Trailing "."'s
> >
> > > If I do an nslookup from a different linux-machine on the net, nslookup
> > > 172.16.0.4, I get:
> > >
> > > Server: miami
> > > Address: 0.0.0.0
> > >
> > > *** miami can't find 172.16.0.4: No response from server ***
> >
> > Incorrect resolv.conf?
>
> Acording to my syslog, my resolv.conf dosn't exsist.
Okay resolv.conf is just a list of nameserver to use (Using IP
address of course!)
You might want something like this on "miami" in resolv.conf.
search lai5p.ch
nameserver 172.16.0.4
nameserver 172.16.0.1
(I've assumed poolpot provides recursive name resolution, as
well as authoritative data for the "lai5p.ch" domain).
"DNS and BIND" is an excellent book, although if the DNS
protocols get any more bloated, we'll be needing an
introductory, and advanced versions of it soon.
Stefan Demarmels
> > 172.16.0.4, I get:
> >
> > Server: miami
> > Address: 0.0.0.0
> >
> > *** miami can't find 172.16.0.4: No response from server ***
>
> Incorrect resolv.conf?
Yes, I had to create one and configure it the right way.
>
> > ....named: none:0: open: /etc/rndc.key: file not found
> > ....named: couldn't add command channel 127.0.0.1#953: file not found
>
> Instructions on creating this file are in the Administrator
> Reference Manual, included with BIND 9, or on the www.isc.org
> site.
>
My db.lai5p.ch file
$TTL 3h
lai5p.ch IN SOA bind.lai5p.ch stevey.bluewin.ch (
1
3h
1h
1w
1h
);
lai5p.ch IN NS bind.lai5p.ch
lai5p.ch IN NS win98ws1.lai5p.ch
lai5p.ch IN NS poolpot.lai5p.ch
lai5p.ch IN NS brunhilde.lai5p.ch
localhost.lai5p.ch IN A 127.0.0.1
bind.lai5p.ch IN A 172.16.0.4
win98ws1.lai5p.ch IN A 172.16.0.2
brunhilde.lai5p.ch IN A 172.16.0.3
poolpot.lai5p.ch IN A 172.16.0.1
lh.lai5p.ch IN CNAME localhost.lai5p.ch
bd.lai5p.ch IN CNAME bind.lai5p.ch
win1.lai5p.ch IN CNAME win98ws1.lai5p.ch
bh.lai5p.ch IN CNAME brunhilde.lai5p.ch
plpt.lai5p.ch IN CNAME poolpot.lai5p.ch
In the last message you sent, you wrote something like "."'s missing, what
did you mean with this? I couldn't find anyting like it in my book.
Greetings from CH
Stefan
Kevin Darcy
Stefan Demarmels wrote:
> > > If I do an nslookup from a different linux-machine on the net, nslookup
> > > 172.16.0.4, I get:
> > >
> > > Server: miami
> > > Address: 0.0.0.0
> > >
> > > *** miami can't find 172.16.0.4: No response from server ***
> >
> > Incorrect resolv.conf?
>
> Yes, I had to create one and configure it the right way.
>
> >
> > > ....named: none:0: open: /etc/rndc.key: file not found
> > > ....named: couldn't add command channel 127.0.0.1#953: file not found
> >
> > Instructions on creating this file are in the Administrator
> > Reference Manual, included with BIND 9, or on the www.isc.org
> > site.
> >
Standard zonefile-parsing rule: any name that doesn't end in "." is parsed as
if it had the zone origin appended to it.
So, for example, "win1.lai5p.ch" will be parsed as "win1.lai5p.ch.lai5p.ch.",
which is probably not what you want.
Either leave the zone origin off of those names, e.g. just "win1", or put a
"." at the end of the name, e.g. "win1.lai5p.ch.".
- Kevin