
Caching only DNS server --- nlookup Errors, Help please..


Munn, Stuart SITI-IT-DIETS

Nov 25, 2002, 6:57:47 AM
I hope someone can help.

I have been asked to set up a caching only DNS server for our site. The
reason is that we are hoping it will speed up dns queries for our local
systems and users. Our two main dns servers are located in another part of
the country but are connected with a decent WAN link.

I am a novice to DNS but have a few years experience with Solaris. I have
started to read the wonderful DNS Bind book, but my boss wants this up and
running quickly!! (don't they all).

The two main DNS servers are NT systems (boo) and I believe they are
authoritative for our local domain which is say "ziep.angus.com" the DNS
servers are: dns1.europe.angus.com and dns2.europe.angus.com. The local dns
server is localdns.ziep.angus.com.

I am using Solaris 2.8 and Bind version BIND 8.2.2-P5.

I have been to Sun's doc online site and also looked at the info in the bind
book to set up my config files as below.

When I start up in.named I get the following error in the messages file.

ID 295310 daemon.info] sysquery: nlookup error on ?

DNS queries work OK on the local dns server as they point to DNS1 and DNS2,
but if I set up resolv.conf on local systems to point to
localdns.ziep.shell.com, they timeout and I get the error :
*** Can't find server name for address 129.6.200.202: Server failed
*** Default servers are not available

Is this because my local dns server is in a different domain?

Well, I'm not really sure what this means. The first thing I do is search the
internet, but I can't find any real explanation. Has anyone got some help
for me? I really would appreciate it.

I am also downloading the latest version of bind just in case I get advised
to "use the latest version"! What are the main advantages of bind 9.2?

Hoping for some help, in the meantime I am going back to the O'Reilly
book!...

Thanks

Stuart Munn

==================


/etc/named.conf
======================================
options {
directory "/var/named";
};

zone "0.0.127.in-addr.arpa" {
type master;
file "db.127.0.0";
};

zone "." {
type hint;
file "db.cache";
};


file /var/named/db.cache
=========================================
;
@ IN SOA localdns.ziep.angus.com. root.localdns.ziep.angus.com. (

2002201104 ; serial number (YYYYDDMM##)
10800 ; refresh after 3 hours
3600 ; retry after 1 hour
604800 ; expire after 1 week
86400 ) ; minimum TTL of 1 day
;
localdns.ziep.angus.com. 999999 IN A 129.6.200.202
;
europe.angus.com. IN NS dns1.europe.angus.com.
11.26.129.in-addr.arpa IN NS dns1.europe.angus.com.
dns1.europe.angus.com. IN A 129.26.11.20
;
europe.angus.com. IN NS dns2.europe.angus.com.
11.26.129.in-addr.arpa IN NS dns2.europe.angusl.com.
dns2.europe.angus.com. IN A 129.26.11..21



file /var/named/db.127.0.0

============================================
$TTL 3h
0.0.127.in-addr.arpa. IN SOA localdns.ziep.angus.com.
root.localdns.ziep.angus.com. (
2 ; Serial
360000 ; Refresh
30000 ; Retry
3600000 ; Expire
360000 ) ; Minimum
0.0.127.in-addr.arpa. IN NS localdns.ziep.angus.com.
1.0.0.127.in-addr.arpa. IN PTR localhost.







Simon Waters

Nov 25, 2002, 7:24:05 AM

"Munn, Stuart SITI-IT-DIETS" wrote:
>
> I hope someone can help.

> What are the main advantages of bind 9.2?

Security - it is better written and therefore has fewer security
problems.

It is better for dynamic DNS, but you didn't mention that, so I
assume you don't use it.

> zone "." {
> type hint;
> file "db.cache";
> };

Your db.cache file looks odd. The quick and dirty fix to get
your boss off your back is to use "type forward" here (see also
"forward only" in DNS and BIND) and specify the currently
working DNS servers as the two forwarders.

Then you can go back and read DNS and BIND, and figure out the
"right way" of doing what you want!

Mark_A...@isc.org

Nov 25, 2002, 7:35:31 AM

> I hope someone can help.
>
> I have been asked to set up a caching only DNS server for our site. The
> reason is that we are hoping it will speed up dns queries for our local
> systems and users. Our two main dns servers are located in another part of
> the country but are connected with a decent WAN link.
>
> I am a novice to DNS but have a few years experience with Solaris. I have
> started to read the wonderful DNS Bind book, but my boss wants this up and
> running quickly!! (don't they all).
>
> The two main DNS servers are NT systems (boo) and I believe they are
> authoritative for our local domain which is say "ziep.angus.com" the DNS
> servers are: dns1.europe.angus.com and dns2.europe.angus.com. The local dns
> server is localdns.ziep.angus.com.
>
> I am using Solaris 2.8 and Bind version BIND 8.2.2-P5.

Upgrade. BIND 8.2.2-P5 has well known security vulnerabilities.
See http://www.isc.org/products/BIND/bind-security.html



> I have been to Sun's doc online site and also looked at the info in the bind
> book to set up my config files as below.
>
> When I start up in.named I get the following error in the messages file.
>
> ID 295310 daemon.info] sysquery: nlookup error on ?

You don't have a valid hints file. See below.


>
> DNS queries work OK on the local dns server as they point to DNS1 and DNS2,
> but if I set up resolv.conf on local systems to point to
> localdns.ziep.shell.com, they timeout and I get the error :
> *** Can't find server name for address 129.6.200.202: Server failed
> *** Default servers are not available

nslookup is not a good diagnostic tool. nslookup depends on the
reverse dns working before it will ask the question you told it
to ask. I suggest that you use dig.



> Is this because my local dns server is in a different domain?

No.



> Well, I'm not really sure what this means. The first thing I do is search the
> internet, but I can't find any real explanation. Has anyone got some help
> for me? I really would appreciate it.
>
> I am also downloading the latest version of bind just in case I get advised
> to "use the latest version"! What are the main advantages of bind 9.2?
>

> Hoping for some help, in the meantime I am going back to the O'Reilly
> book!...
>
> Thanks
>
> Stuart Munn
>
> ==================
>
>
> /etc/named.conf
> ======================================
> options {
> directory "/var/named";
> };
>
> zone "0.0.127.in-addr.arpa" {
> type master;
> file "db.127.0.0";
> };
>

> zone "." {
> type hint;
> file "db.cache";
> };
>
>
>

> file /var/named/db.cache
> =========================================
> ;
> @ IN SOA localdns.ziep.angus.com. root.localdns.ziep.angus.com. (
>
> 2002201104 ; serial number (YYYYDDMM##)
> 10800 ; refresh after 3 hours
> 3600 ; retry after 1 hour
> 604800 ; expire after 1 week
> 86400 ) ; minimum TTL of 1 day
> ;
> localdns.ziep.angus.com. 999999 IN A 129.6.200.202
> ;
> europe.angus.com. IN NS dns1.europe.angus.com.
> 11.26.129.in-addr.arpa IN NS dns1.europe.angus.com.
> dns1.europe.angus.com. IN A 129.26.11.20
> ;
> europe.angus.com. IN NS dns2.europe.angus.com.
> 11.26.129.in-addr.arpa IN NS dns2.europe.angusl.com.
> dns2.europe.angus.com. IN A 129.26.11..21


db.cache is supposed to contain the list of root servers and
the corresponding address records.

. 518400 IN NS B.ROOT-SERVERS.NET.
. 518400 IN NS J.ROOT-SERVERS.NET.
. 518400 IN NS K.ROOT-SERVERS.NET.
. 518400 IN NS L.ROOT-SERVERS.NET.
. 518400 IN NS M.ROOT-SERVERS.NET.
. 518400 IN NS I.ROOT-SERVERS.NET.
. 518400 IN NS E.ROOT-SERVERS.NET.
. 518400 IN NS D.ROOT-SERVERS.NET.
. 518400 IN NS A.ROOT-SERVERS.NET.
. 518400 IN NS H.ROOT-SERVERS.NET.
. 518400 IN NS C.ROOT-SERVERS.NET.
. 518400 IN NS G.ROOT-SERVERS.NET.
. 518400 IN NS F.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET. 3600000 IN A 128.9.0.107
J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30
K.ROOT-SERVERS.NET. 3600000 IN A 193.0.14.129
L.ROOT-SERVERS.NET. 3600000 IN A 198.32.64.12
M.ROOT-SERVERS.NET. 3600000 IN A 202.12.27.33
I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17
E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10
D.ROOT-SERVERS.NET. 3600000 IN A 128.8.10.90
A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4
H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53
C.ROOT-SERVERS.NET. 3600000 IN A 192.33.4.12
G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4
F.ROOT-SERVERS.NET. 3600000 IN A 192.5.5.241

>
>
>
> file /var/named/db.127.0.0
>
> ============================================
> $TTL 3h
> 0.0.127.in-addr.arpa. IN SOA localdns.ziep.angus.com.
> root.localdns.ziep.angus.com. (
> 2 ; Serial
> 360000 ; Refresh
> 30000 ; Retry
> 3600000 ; Expire
> 360000 ) ; Minimum
> 0.0.127.in-addr.arpa. IN NS localdns.ziep.angus.com.
> 1.0.0.127.in-addr.arpa. IN PTR localhost.

--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.A...@isc.org
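
Added example, not part of the original thread: a minimal Python check of the rule stated in the reply above, that a hints file carries only root NS records and their address records. The function name `check_hints` and the two trimmed samples are assumptions made for illustration; the samples are shortened from the two db.cache files posted in this thread.

```python
import ipaddress

# Constructed samples, shortened from the two db.cache files in this thread.
GOOD = """\
. 518400 IN NS A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4
"""
BAD = """\
@ IN SOA localdns.ziep.angus.com. root.localdns.ziep.angus.com. (
  2002201104 ; serial
  86400 )    ; minimum TTL
localdns.ziep.angus.com. 999999 IN A 129.6.200.202
europe.angus.com. IN NS dns1.europe.angus.com.
dns2.europe.angus.com. IN A 129.26.11..21
"""

def check_hints(text):
    """Return a list of problems found in a root hints (db.cache) file."""
    problems, ns_targets, glue, in_paren = [], set(), set(), False
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.split(";", 1)[0].strip()          # drop comments
        if in_paren:                                  # skip multi-line rdata
            in_paren = ")" not in line
            continue
        if not line or line.startswith("$"):          # blank or $TTL/$ORIGIN
            continue
        in_paren = "(" in line and ")" not in line
        owner, *rest = line.split()
        while rest and (rest[0].isdigit() or rest[0].upper() == "IN"):
            rest = rest[1:]                           # optional TTL and class
        if len(rest) < 2:
            problems.append(f"line {n}: cannot parse record")
        elif rest[0].upper() == "NS" and owner == "." and rest[1].endswith("."):
            ns_targets.add(rest[1].upper())
        elif rest[0].upper() == "NS":
            problems.append(f"line {n}: NS must be owned by '.' with an absolute target")
        elif rest[0].upper() in ("A", "AAAA"):
            try:
                ipaddress.ip_address(rest[1])
                glue.add(owner.upper())
            except ValueError:
                problems.append(f"line {n}: invalid address {rest[1]!r}")
        else:
            problems.append(f"line {n}: {rest[0].upper()} record does not belong in hints")
    if not ns_targets:
        problems.append("no NS records for the root zone")
    problems += [f"{t}: root NS has no address record" for t in sorted(ns_targets - glue)]
    problems += [f"{g}: address for a name that is not a root NS" for g in sorted(glue - ns_targets)]
    return problems
```

Calling `check_hints(BAD)` reports the SOA record, the non-root NS record, the malformed address and the missing root NS set; root server addresses change over time, so a production hints file should come from a current copy rather than the 2002 values shown in this thread.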
