LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
LinkBack Search this Thread
Old 03-01-2007, 09:20 AM   #1
zWaR
Member
 
Registered: Dec 2003
Distribution: Slackware 13.0, Backtrack 5 R1
Posts: 216

Rep: Reputation: 35
DNS problems


Hi!

I'm administrating a DNS domain and i'm having some problems. I own a domain, let's call it zwar.com. On the server i wish the domain would point to, i set up a DNS server, with A record, which binds zwar.com to the IP address:

Code:
zwar.com. IN SOA ns1.zwar.com. zwar.zwar.com (
          ;here are serial and other nessesery options )
zwar.com. IN NS ns1.zwar.com.
ns1.zwar.com. IN A <IP_address>
www.zwar.com IN CNAME ns1.zwar.com.
At the company, which registered my domain i changed the DNS servers to ns1.zwar.com. Now the thing is, that ns1.zwar.com perfectly works, but zwar.com does not and i don't know why. If i try to run nslookup from ns1.zwar.com:

Code:
nslookup - ns1.zwar.com
> www.zwar.com
i get correct answer. The same if i try to use dig from ns1.zwar.com:
Code:
dig @ns1.zwar.com www.zwar.com
I don't understand why is it not working in global scope (running just nslookup www.zwar.org returns no results). Correct me please if i am wrong, but i believe that's the logic behind dns queries:
when i issue a DNS query the default DNS server gives me the address of the DNS server which is bound to the domain (the information about it is stored on DNS servers of the registration company), where my query is run once again and the server responds with the correct IP.
Illustrating it with an example: when i issue a dns query for www.zwar.com (e.g. nslookup www.zwar.com) the default dns server looks up it's tables and sees the domain zwar.com is registered by the company xy and redirects the query to their dns server, there the server redirects the query to the correct dns server, which is bound to the domain (in my case, this is the server i configured) and the last one tells which IP is bound to the domain name www.zwar.com and issues the respond.

Please help if you can, the thing is really urgent, since the domain should be working for couple of days now, but i was still not able to set it up.

Last edited by zWaR; 03-01-2007 at 09:41 AM.
 
Old 03-01-2007, 09:32 AM   #2
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,771

Rep: Reputation: 1283Reputation: 1283Reputation: 1283Reputation: 1283Reputation: 1283Reputation: 1283Reputation: 1283Reputation: 1283Reputation: 1283
You miss the ns1 A record:
Code:
ns1 IN A <IP_address>
 
Old 03-01-2007, 09:43 AM   #3
zWaR
Member
 
Registered: Dec 2003
Distribution: Slackware 13.0, Backtrack 5 R1
Posts: 216

Original Poster
Rep: Reputation: 35
thank you for the notification. I made a mistake in the post before. I edited it and corrected the posted dns config.
 
Old 03-01-2007, 09:57 AM   #4
JimBass
Senior Member
 
Registered: Oct 2003
Location: New York City
Distribution: Debian Sid 2.6.32
Posts: 2,100

Rep: Reputation: 48
The delegation of zwar.com does not lead to your server from the looks of a trace -
Code:
jim@jimsworktop:~$ dig +trace zwar.com

; <<>> DiG 9.3.4 <<>> +trace zwar.com
;; global options:  printcmd
.                       143531  IN      NS      J.ROOT-SERVERS.NET.
.                       143531  IN      NS      K.ROOT-SERVERS.NET.
.                       143531  IN      NS      L.ROOT-SERVERS.NET.
.                       143531  IN      NS      M.ROOT-SERVERS.NET.
.                       143531  IN      NS      A.ROOT-SERVERS.NET.
.                       143531  IN      NS      B.ROOT-SERVERS.NET.
.                       143531  IN      NS      C.ROOT-SERVERS.NET.
.                       143531  IN      NS      D.ROOT-SERVERS.NET.
.                       143531  IN      NS      E.ROOT-SERVERS.NET.
.                       143531  IN      NS      F.ROOT-SERVERS.NET.
.                       143531  IN      NS      G.ROOT-SERVERS.NET.
.                       143531  IN      NS      H.ROOT-SERVERS.NET.
.                       143531  IN      NS      I.ROOT-SERVERS.NET.
;; Received 436 bytes from 207.69.188.186#53(207.69.188.186) in 79 ms

com.                    172800  IN      NS      A.GTLD-SERVERS.NET.
com.                    172800  IN      NS      G.GTLD-SERVERS.NET.
com.                    172800  IN      NS      H.GTLD-SERVERS.NET.
com.                    172800  IN      NS      C.GTLD-SERVERS.NET.
com.                    172800  IN      NS      I.GTLD-SERVERS.NET.
com.                    172800  IN      NS      B.GTLD-SERVERS.NET.
com.                    172800  IN      NS      D.GTLD-SERVERS.NET.
com.                    172800  IN      NS      L.GTLD-SERVERS.NET.
com.                    172800  IN      NS      F.GTLD-SERVERS.NET.
com.                    172800  IN      NS      J.GTLD-SERVERS.NET.
com.                    172800  IN      NS      K.GTLD-SERVERS.NET.
com.                    172800  IN      NS      E.GTLD-SERVERS.NET.
com.                    172800  IN      NS      M.GTLD-SERVERS.NET.
;; Received 498 bytes from 192.58.128.30#53(J.ROOT-SERVERS.NET) in 78 ms

zwar.com.               172800  IN      NS      ns1.15x.net.
zwar.com.               172800  IN      NS      ns2.15x.net.
;; Received 101 bytes from 192.5.6.30#53(A.GTLD-SERVERS.NET) in 82 ms

zwar.com.               300     IN      A       216.187.118.221
zwar.com.               3600    IN      NS      ns2.15x.net.
zwar.com.               3600    IN      NS      ns1.15x.net.
;; Received 117 bytes from 66.199.187.170#53(ns1.15x.net) in 99 ms
So instead of reaching your nameserver which should have the same address as your A record, 216.187.118.221 it gets an authoritative answer at ns1 and ns2.15x.net.

Also, from the looks of this test, your machine at the A record doesn't even answer.
Code:
jim@jimsworktop:~$ dig zwar.com @216.187.118.221

; <<>> DiG 9.3.4 <<>> zwar.com @216.187.118.221
; (1 server found)
;; global options:  printcmd
;; connection timed out; no servers could be reached
I would guess that you have DNS on a box that doesn't have port 53 open to the world. Also, since the nameservers at 15x.net are listed as authoritative, you don't have the nameservers pointed to yourself at the registrar where you created the domain.

One other thing, nslookup is about the most useless DNS troubleshooting tool ever. Please use dig, you'll get much better answers.

Peace,
JimBass
 
Old 03-01-2007, 10:04 AM   #5
zWaR
Member
 
Registered: Dec 2003
Distribution: Slackware 13.0, Backtrack 5 R1
Posts: 216

Original Poster
Rep: Reputation: 35
zwar.com was just an example. I don't know if the company i am working for would be happy if their info was exposed on a forum, so i posted just an nonexistenble domain as an example.
 
Old 03-01-2007, 10:24 AM   #6
muha
Member
 
Registered: Nov 2005
Distribution: xubuntu, grml
Posts: 451

Rep: Reputation: 37
I'm new at this but:
Code:
www.zwar.com IN CNAME ns1.zwar.com.
Misses a dot.

Also why not use:
Code:
www IN CNAME ns1
 
Old 03-01-2007, 10:37 AM   #7
JimBass
Senior Member
 
Registered: Oct 2003
Location: New York City
Distribution: Debian Sid 2.6.32
Posts: 2,100

Rep: Reputation: 48
Well, we can't troubleshoot examples. Check the BIND mailing lists. If you want DNS help many people are glad to provide it, but we can't test things out in a theoretical way. There is no risk to the DNS by posting the domain name. I can't speak for the website itself, as I have no idea how it is set up, but long story short, without the real domain to test, you're on your own to find the problem.

DNS isn't an attack vector, so I see no problem in posting the true domain name.

Peace,
JimBass
 
Old 03-01-2007, 11:18 AM   #8
flashingcurser
Member
 
Registered: Jan 2003
Distribution: many win/nix/mac
Posts: 259

Rep: Reputation: 31
As has been stated before: Have you pointed your registrar towards your dns? You can host your own nameserver but normally you have to let your registrar know what the address of your server is. If you haven't done this, check their webpage or call them. I always call network solutions, their web page is confusing. Godaddy is pretty easy to figure out from the webpage, mileage may vary. Also when you do update your registrar, it can take some time to propagate through various caches. Most registrars say 24-48 hours, though I have never seen it take that long...

dan
 
Old 03-02-2007, 10:24 AM   #9
zWaR
Member
 
Registered: Dec 2003
Distribution: Slackware 13.0, Backtrack 5 R1
Posts: 216

Original Poster
Rep: Reputation: 35
Yuhu!! I've solved it. The catch was, i didn't configure two DNS servers on the registrar, just one (primary server). Thank you for your time and help!!
 
  


Reply

Tags
dig, dns, domain, nslookup


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
DNS Problems? gravediggers Linux - Networking 3 01-01-2006 05:33 PM
DNS Problems imemyself Linux - Networking 11 05-31-2005 08:43 PM
DNS problems with RH 9 ryoga92 Linux - Networking 10 06-28-2004 05:56 AM
Problems with DNS aqoliveira Linux - Networking 12 10-29-2003 11:01 AM
need help: DNS problems kcwoo Linux - General 0 03-12-2002 10:53 PM


All times are GMT -5. The time now is 03:31 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration