LinuxQuestions.org
Old 01-29-2009, 10:00 AM   #1
brandon@rhiamet.com
LQ Newbie
 
Registered: Jan 2009
Posts: 20

Rep: Reputation: Disabled
Help on troubleshooting named issue


I have a problem where some hosts in one of our zone files resolve while others do not. I do not see any syntax errors and am out of ideas on where to look. The zone file for another domain is pretty much the same but all of its hosts resolve. Does order matter?

In the first zone file below, intranet, ftp and dev will not resolve while www and mail will. In the second, everything resolves. I'm pretty green on named, but one thing I see is that in the SOA record in the first, admin.foo.com matches the domain while in the second it doesn't.

Any advice on how to troubleshoot this?


$ttl 38400
foo.com. IN SOA server.bar.com. admin.foo.com. (
1204064234
10800
3600
604800
38400 )
foo.com. IN NS 192.168.1.2
foo.com. IN A 192.168.1.2
www.foo.com. IN A 192.168.1.2
intranet.foo.com. IN A 192.168.1.2
mail.foo.com. IN MX 0 192.168.1.3
mail.foo.com. IN A 192.168.1.3
ftp.foo.com. IN A 192.168.1.2
dev.foo.com. IN A 192.168.1.6


$ttl 38400
foollc.com. IN SOA server.bar.com. admin.foo.com. (
1202748448
10800
3600
604800
38400 )
foollc.com. IN NS 192.168.1.2
www.foollc.com. IN A 192.168.1.2
ftp.foollc.com. IN A 192.168.1.2
mail.foollc.com. IN A 192.168.1.3
foollc.com. IN A 192.168.1.2
mail.foollc.com. IN MX 0 192.168.1.3
intranet.foollc.com. IN A 192.168.1.2
secure.foollc.com. IN A 192.168.1.2
dev.foollc.com. IN A 192.168.1.6
 
Old 01-29-2009, 12:42 PM   #2
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,157
Blog Entries: 1

Rep: Reputation: 2021
If you have recently added these hosts, you should increase the serial (the number 1204064234) and reload named.
 
Old 01-29-2009, 02:05 PM   #3
brandon@rhiamet.com
LQ Newbie
 
Registered: Jan 2009
Posts: 20

Original Poster
Rep: Reputation: Disabled
I recently took over this installation, so I can't say if the serial was increased the last time changes were made. The timestamp on the zone files is March 2008, so they haven't changed recently. Would the serial still need to be increased?

Brandon
 
Old 01-29-2009, 02:21 PM   #4
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,157
Blog Entries: 1

Rep: Reputation: 2021
You can increase the serial and run
Code:
rndc reload
to reload the zone file.
 
Old 01-29-2009, 03:12 PM   #5
brandon@rhiamet.com
LQ Newbie
 
Registered: Jan 2009
Posts: 20

Original Poster
Rep: Reputation: Disabled
OK, I incremented the serial by one and reloaded named, but it didn't help. I suppose I should mention that the lookups that are failing fail even when trying to resolve them on the host that is running named. And, of course, any host that uses this host and its nameserver.

Is there anything else to try? Any logs I can look at that might tell me more?

Brandon
 
Old 01-29-2009, 04:28 PM   #6
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,157
Blog Entries: 1

Rep: Reputation: 2021
Post the output of:
Code:
dig dev.foo.com
If there is a section logging in named.conf look at the logfile that is defined there. Else logs are written to /var/log/messages or /var/log/syslog.
 
Old 01-29-2009, 04:48 PM   #7
brandon@rhiamet.com
LQ Newbie
 
Registered: Jan 2009
Posts: 20

Original Poster
Rep: Reputation: Disabled
Here is the output of two dig commands. One that gives a valid answer and one that doesn't. foo.com and foollc.com are actually geronimoalloys.com and geronimoalloysllc.com. The authority section for the one that doesn't give a valid answer doesn't look right.


$ dig dev.geronimoalloys.com

; <<>> DiG 9.3.3rc2 <<>> dev.geronimoalloys.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15106
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;dev.geronimoalloys.com. IN A

;; AUTHORITY SECTION:
geronimoalloys.com. 86400 IN SOA ns1. dnsadmin.maiparts.com. 22 10800 3600 604800 86400

;; Query time: 24 msec
;; SERVER: 192.168.1.20#53(192.168.1.20)
;; WHEN: Thu Jan 29 16:41:55 2009
;; MSG SIZE rcvd: 97

$ dig dev.geronimoalloysllc.com

; <<>> DiG 9.3.3rc2 <<>> dev.geronimoalloysllc.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50340
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;dev.geronimoalloysllc.com. IN A

;; ANSWER SECTION:
dev.geronimoalloysllc.com. 38400 IN A 192.168.1.6

;; AUTHORITY SECTION:
geronimoalloysllc.com. 38400 IN NS 192.168.1.2.geronimoalloysllc.com.

;; Query time: 2 msec
;; SERVER: 192.168.1.20#53(192.168.1.20)
;; WHEN: Thu Jan 29 16:42:44 2009
;; MSG SIZE rcvd: 85
 
Old 01-29-2009, 05:03 PM   #8
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,157
Blog Entries: 1

Rep: Reputation: 2021
Quote:
;; AUTHORITY SECTION:
geronimoalloys.com. 86400 IN SOA ns1. dnsadmin.maiparts.com. 22 10800 3600 604800 86400
Well, it seems that the serial of the zone file is 22 and not 1204064235. Are you sure you're editing the correct file?
What is the path in the "directory ..." option in named.conf?
And what is the output of:
Code:
ps -ef|grep named
 
Old 01-29-2009, 05:17 PM   #9
brandon@rhiamet.com
LQ Newbie
 
Registered: Jan 2009
Posts: 20

Original Poster
Rep: Reputation: Disabled
Thanks for sticking with me. This DNS installation is a mess which is why I'm digging into all of this.

$ grep directory /etc/named.conf
directory "/var/named";
$ ps -ef|grep named
named 2121 1 0 2008 ? 00:49:53 /usr/sbin/named -u named -t /var/named/chroot
root 31926 31897 0 17:13 pts/1 00:00:00 grep named
$ grep geronimoalloys.com /etc/named.conf
zone "geronimoalloys.com" {
file "/var/named/geronimoalloys.com.localhost.hosts";

So, I'm editing /var/named/chroot/var/named/geronimoalloys.com.localhost.hosts

And I have no idea where dnsadmin.maiparts.com is coming from in the dig output. maiparts.com is one of the domains and it's mixed into the config, but I'm not sure where.
 
Old 01-29-2009, 05:25 PM   #10
brandon@rhiamet.com
LQ Newbie
 
Registered: Jan 2009
Posts: 20

Original Poster
Rep: Reputation: Disabled
One thing I see that is interesting is I have another zone file for maiparts.com that looks pretty much the same as the others and lookups for dev, intranet and mail fail. For the one that works I have

geronimoalloysllc.com. IN NS 192.168.1.2
www.geronimoalloysllc.com. IN A 192.168.1.2
ftp.geronimoalloysllc.com. IN A 192.168.1.2
mail.geronimoalloysllc.com. IN A 192.168.1.3
geronimoalloysllc.com. IN A 192.168.1.2
mail.geronimoalloysllc.com. IN MX 0 192.168.1.3
intranet.geronimoalloysllc.com. IN A 192.168.1.2
secure.geronimoalloysllc.com. IN A 192.168.1.2
dev.geronimoalloysllc.com. IN A 192.168.1.6

but the ones that don't I have

geronimoalloys.com. IN NS 192.168.1.2
geronimoalloys.com. IN A 192.168.1.2
www.geronimoalloys.com. IN A 192.168.1.2
intranet.geronimoalloys.com. IN A 192.168.1.2
mail.geronimoalloys.com. IN MX 0 192.168.1.3
mail.geronimoalloys.com. IN A 192.168.1.3
ftp.geronimoalloys.com. IN A 192.168.1.2
dev.geronimoalloys.com. IN A 192.168.1.6


The difference I see is there is an NS record for domain.com and an A record for domain.com follows immediately. And then an A record for www.domain.com which resolves, but nothing else does. For the domain where everything resolves, the A record for domain.com doesn't immediately follow the NS record.

Not sure if that is suspect.
 
Old 01-29-2009, 05:35 PM   #11
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,157
Blog Entries: 1

Rep: Reputation: 2021
So you're running named chrooted. The record order doesn't matter.
Do a recursive grep to find the zone file used based on the SOA of the failing query:
Code:
find /var/named/chroot/var/named -exec grep dnsadmin.maiparts.com. {} /dev/null \;
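
The check this thread converges on, as an added example that is not part of any post: work out which file a chrooted named actually opens from the `-t` argument, the `directory` option and the `file` statement, then compare that file's SOA serial with the one in the dig output. The function names are hypothetical, and the zone file and dig line in `demo` are constructed from the values posted above.

```shell
#!/bin/sh
# Added example, not from the thread: find the file named really loads and
# compare its SOA serial with the serial the server answers with.

# named -t CHROOT prefixes every path; a relative "file" is resolved against
# the "directory" option, an absolute one is used as written.
effective_zone_path() {   # $1=chroot ("" if none)  $2=directory  $3=file
    case "$3" in
        /*) printf '%s%s\n' "$1" "$3" ;;
        *)  printf '%s%s/%s\n' "$1" "$2" "$3" ;;
    esac
}

# Serial in a zone file: first all-digit token after the SOA keyword.
zone_file_serial() {      # $1=zone file
    awk '{ sub(/;.*/, ""); gsub(/[()]/, " ")
           for (i = 1; i <= NF; i++) {
               if (seen && $i ~ /^[0-9]+$/) { print $i; exit }
               if (toupper($i) == "SOA") seen = 1 } }' "$1"
}

# Serial in dig output read from stdin (SOA line of answer/authority section).
served_serial() {
    awk '!/^;/ && $4 == "SOA" { print $7; exit }'
}

# Prints the verdict; returns 0 on match, 1 on mismatch.
compare_serials() {       # $1=serial on disk  $2=serial served
    if [ "$1" = "$2" ]; then echo "MATCH serial=$1"; return 0; fi
    echo "MISMATCH disk=$1 served=$2"; return 1
}

# Demo on constructed data: a throwaway chroot holding a zone file shaped like
# the one in post #1, and the SOA line from the dig output in post #7.
demo() {
    root=$(mktemp -d) || return 2
    zone=$(effective_zone_path "$root" /var/named \
           /var/named/geronimoalloys.com.localhost.hosts)
    mkdir -p "$(dirname "$zone")"
    printf '%s\n' '$ttl 38400' \
        'geronimoalloys.com. IN SOA server.bar.com. admin.foo.com. (' \
        '1204064235 ; serial after the +1 edit' '10800' '3600' '604800' '38400 )' > "$zone"
    dig_out='geronimoalloys.com. 86400 IN SOA ns1. dnsadmin.maiparts.com. 22 10800 3600 604800 86400'
    rc=0; compare_serials "$(zone_file_serial "$zone")" "$(printf '%s\n' "$dig_out" | served_serial)" || rc=$?
    rm -rf "$root"; return $rc
}

demo || true
```

On a live server, pipe `dig SOA <zone> @<server>` into `served_serial` and pass the real chroot, directory and file values; a mismatch means the file being edited is not the one named is serving.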
 
Old 01-29-2009, 07:06 PM   #12
brandon@rhiamet.com
LQ Newbie
 
Registered: Jan 2009
Posts: 20

Original Poster
Rep: Reputation: Disabled
Yeah, I had looked for that, but it doesn't seem obvious to me. No file referenced in /etc/named.conf contains dnsadmin.maiparts.com. db.maiparts.com does, but wouldn't that need to be referenced?


# grep file /etc/named.conf
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
file "named.ca";
file "localdomain.zone";
file "localhost.zone";
file "named.local";
file "named.ip6.local";
file "named.broadcast";
file "named.zero";
file "/var/named/geronimoalloysllc.com.localhost.hosts";
file "/var/named/geronimoalloys.com.localhost.hosts";
file "/var/named/maiparts.com.localhost.hosts";
# find /var/named/chroot/var/named -exec \
> grep dnsadmin.maiparts.com {} /dev/null \;
/var/named/chroot/var/named/db.maiparts.com.old:@ IN SOA ns1 dnsadmin.maiparts.com. (
/var/named/chroot/var/named/db.maiparts.com.internal:@ IN SOA ns1.maiparts.com dnsadmin.maiparts.com. (
/var/named/chroot/var/named/db.216.206.73.26:@ IN SOA ns1.maiparts.com. dnsadmin.maiparts.com. (
/var/named/chroot/var/named/db.maiparts.com.external:@ IN SOA ns1 dnsadmin.maiparts.com. (
 
Old 01-30-2009, 05:50 AM   #13
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,157
Blog Entries: 1

Rep: Reputation: 2021
I'm really confused with this mess. It seems that named doesn't use the zone files in /var/named/chroot/var/named!!!
What I suggest you do is to add another (fake) domain in your dns and see if it works.
Follow these steps:

Add the following in /etc/named.conf:
Code:
zone "fakedomain.com" {
        type master;
        file "fakedomain.db";
};
Now create the /var/named/chroot/var/named/fakedomain.db and copy/paste the following:
Code:
$TTL 86400
@                 IN SOA  ns1.fakedomain.com. dnsadmin.maiparts.com. (
                                2009013001 ; serial
                                28800            ; refresh (8 hours)
                                7200              ; retry (2 hours)
                                604800          ; expire (1 week)
                                86400            ; minimum (1 day)
                                )
                        NS       ns1.fakedomain.com.
                        MX      10 mail.fakedomain.com.

@                    IN A 192.168.1.2
ns1.fakedomain.com.      IN A 192.168.1.2
www.fakedomain.com.     IN A 192.168.1.2
intranet.fakedomain.com. IN A 192.168.1.2
mail.fakedomain.com.        IN A 192.168.1.3
ftp.fakedomain.com.         IN A 192.168.1.2
dev.fakedomain.com.        IN A 192.168.1.6
Make sure that it's owned by the user named (and the group it belongs to) and restart named to see what happens.
 
Old 01-30-2009, 07:23 AM   #14
brandon@rhiamet.com
LQ Newbie
 
Registered: Jan 2009
Posts: 20

Original Poster
Rep: Reputation: Disabled
Yep, that works. I think the best thing for me to do is remove all of the extra junk in the /var/named/chroot/var/named/ directory and then mimic what you provided for my real zone files.

One question. Can you explain what the field that dnsadmin.maiparts.com resides in is for? The examples I've found in different documentation don't have that.

I really appreciate your help.

Brandon
 
Old 01-30-2009, 07:47 AM   #15
brandon@rhiamet.com
LQ Newbie
 
Registered: Jan 2009
Posts: 20

Original Poster
Rep: Reputation: Disabled
Got it. It's an email address.

I'm going to start cleaning up and I may have another question or two if you don't mind.

Thanks again.
 
  

