
Kreshna 02-22-2007 03:39 AM

Newly created DNS zones do not work? Help!
 
I'm trying to set up a DNS server (to manage local domain and hosts) on RHEL4ES. Actually, I followed the instructions here:
http://www.samspublishing.com/librar...eqNum=129&rl=1

However, unlike the instruction, I use icecastle.net as my local domain name instead of domain.cxm, and use the server name iceserver instead of mainserv. Also, my local network IP is 192.168.21.x instead of 192.168.100.x.

(by the way, the iceserver's IP address is 192.168.21.239).

First, I created two files: named.icecastle.net and named.192.168.21, then stored them in the directory /var/named/.

Here's the content of named.icecastle.net. iceheart-winxp is the host name of my notebook, by the way.
Code:

; should be stored as /var/named/named.icecastle.net
@      IN      SOA    iceserver.icecastle.net. hostmaster.icecastle.net.  (
                                      2007022201 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum

                    IN    NS          iceserver
                    IN    MX 10        iceserver

iceserver            IN    A            192.168.21.239
iceheart-winxp      IN    A            192.168.21.158
www                  IN    CNAME        iceserver

And here's the content of named.192.168.21:
Code:

; should be stored as /var/named/named.192.168.21
@    IN      SOA    iceserver.icecastle.net. hostmaster.icecastle.net. (
                                      2007022201 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
      IN      NS      iceserver.icecastle.net.

1    IN      PTR    iceserver.icecastle.net.
2    IN      PTR    iceheart-winxp.icecastle.net.

And then I added the following lines to the file /etc/named.conf:
Code:

zone "icecastle.net" IN {              #DNS for all host this domain
  type master;                  #file on this host
  file "named.icecastle.net";      #dns file for domain
};

zone "21.168.192.in-addr.arpa" IN {    #DNS for all IP's in subnet
        type master;                #file on this host
        file "named.192.168.21";  #DNS file for this subnet
};


I then restarted the named service without problems:
Code:

[root@iceserver ~]# service named restart
Stopping named:                                            [  OK  ]
Starting named:                                            [  OK  ]


When I tried to ping iceserver, it worked. When I tried to ping iceserver.icecastle.net, it worked as well:
Code:

[root@iceserver ~]# ping iceserver
PING iceserver.icecastle.net (192.168.21.239) 56(84) bytes of data.
64 bytes from iceserver.icecastle.net (192.168.21.239): icmp_seq=0 ttl=64 time=1.44 ms

Code:

[root@iceserver ~]# ping iceserver.icecastle.net
PING iceserver.icecastle.net (127.0.0.1) 56(84) bytes of data.

However, when I tried to ping the domain icecastle.net, it just failed. And when I tried to ping www.icecastle.net (www is the alias name for iceserver), it failed as well.


Also, when I tried to nslookup the iceserver, it failed as well, even though the ping was successful. Thus, I highly suspect that the ping was using the /etc/hosts file instead of the DNS.
Code:

[root@iceserver ~]# nslookup iceserver
Server:        192.168.21.239
Address:        192.168.21.239#53

** server can't find iceserver: NXDOMAIN

And when I tried to nslookup my local domain (icecastle.net), it failed as well:
Code:

[root@iceserver ~]# nslookup iceserver.icecastle.net
Server:        192.168.21.239
Address:        192.168.21.239#53

** server can't find iceserver.icecastle.net: SERVFAIL

So I guess the new zones I added to my DNS do not work at all. However, forwarding still works, since I can still nslookup for external domains like yahoo.com.

What actually happens? Help! :(


Here's the content of my /etc/resolv.conf file, by the way:
Code:

[root@iceserver ~]# cat /etc/resolv.conf
nameserver 192.168.21.239

And here's the full content of my /etc/named.conf
Code:

[root@iceserver ~]# cat /etc/named.conf
//
// named.conf for Red Hat caching-nameserver
//

options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        /*
        * If there is a firewall between you and nameservers you want
        * to talk to, you might need to uncomment the query-source
        * directive below.  Previous versions of BIND always asked
        * questions using port 53, but BIND 8.1 uses an unprivileged
        * port by default.
        */
        // query-source address * port 53;
forwarders {
192.168.21.25;
202.47.78.8;
202.47.78.9;};
};

//
// a caching only nameserver config
//
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.ip6.local";
        allow-update { none; };
};

zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
};

zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
};

zone "icecastle.net" IN {              #DNS for all host this domain
  type master;                  #file on this host
  file "named.icecastle.net";      #dns file for domain
};

zone "21.168.192.in-addr.arpa" IN {    #DNS for all IP's in subnet
        type master;                #file on this host
        file "named.192.168.21";  #DNS file for this subnet
};

include "/etc/rndc.key";


bathory 02-22-2007 03:59 AM

Quote:

However, when I tried to ping the domain icecastle.net

You miss the origin:
Code:

@          IN    A            192.168.21.239

Quote:

And when I tried to ping www.icecastle.net (www is the alias name for iceserver), it failed as well.

Did you increase the serial when you added the cname?

Quote:

Also, when I tried to nslookup the iceserver, it failed as well

You need the following line in top of your /etc/resolv.conf:
Code:

domain icecastle.net

Kreshna 02-23-2007 02:42 AM

Quote:

Originally Posted by bathory
You miss the origin:
Code:

@          IN    A            192.168.21.239

Where should I put that line? Should I put it to replace the header line "@ IN SOA iceserver.icecastle.net. hostmaster.icecastle.net." ? You know, something like this?
Code:

; should be stored as /var/named/named.icecastle.net
@          IN    A            192.168.21.239 (
                                      2007022201 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum

Or should I put it together with other lines, like this?
Code:

                    IN    NS          iceserver
                    IN    MX 10        iceserver

iceserver            IN    A            192.168.21.239
iceheart-winxp      IN    A            192.168.21.158
www                  IN    CNAME        iceserver
@                    IN    A            192.168.21.239





Quote:

Originally Posted by bathory
Did you increase the serial when you added the cname?

I did not, because the file named.icecastle.net. was created brand new. So I already put the CNAME line alongside with other lines when I wrote the file.

Or maybe I was wrong? Maybe I should add one line at a time? So maybe I should put iceserver IN A 192.168.21.239 first, then restart the 'named' service. Then I should re-edit the file, increase the serial, and only then I can add the www IN CNAME iceserver line?

Is that the way it's supposed to work? I have to admit that I'm a total newbie when it goes to DNS stuff.





Quote:

Originally Posted by bathory
You need the following line in top of your /etc/resolv.conf:
Code:

domain icecastle.net

But before resolving this particular issue, I should solve the above issues first, am I correct?

bathory 02-23-2007 03:28 AM

Quote:

Where should I put that line?
You should put it with the other records:
Code:

@                    IN    A            192.168.21.239
iceserver            IN    A            192.168.21.239
iceheart-winxp      IN    A            192.168.21.158
www                  IN    CNAME        iceserver

If the zone file is brand new, then the CNAME should work. You can increase the serial and restart bind or reload the zone to see if it gets the changes. Also take a look at your logs to see if you find any errors.

Kreshna 02-28-2007 04:46 AM

Quote:

Originally Posted by bathory
You should put it with the other records:
Code:

@                    IN    A            192.168.21.239
iceserver            IN    A            192.168.21.239
iceheart-winxp      IN    A            192.168.21.158
www                  IN    CNAME        iceserver


Hi, you're correct. Thanks!

So I added the lines, and now I can nslookup iceserver.icecastle.net, www.icecastle.net, and iceheart-winxp.icecastle.net.
Code:

[root@iceserver ~]# nslookup iceserver.icecastle.net
Server:        192.168.21.239
Address:        192.168.21.239#53

Name:  iceserver.icecastle.net
Address: 192.168.21.239

[root@iceserver ~]# nslookup www.icecastle.net
Server:        192.168.21.239
Address:        192.168.21.239#53

www.icecastle.net      canonical name = iceserver.icecastle.net.
Name:  iceserver.icecastle.net
Address: 192.168.21.239

[root@iceserver ~]# nslookup iceheart-winxp.icecastle.net
Server:        192.168.21.239
Address:        192.168.21.239#53

Name:  iceheart-winxp.icecastle.net
Address: 192.168.21.158


However, I still have some problems:

First, I cannot ping nor nslookup the domain name itself. So while I can ping (or nslookup) iceserver.icecastle.net, I just cannot ping (and nslookup) icecastle.net. Here's the message:
Code:

[root@iceserver ~]# ping iceserver.icecastle.net
PING iceserver.icecastle.net (127.0.0.1) 56(84) bytes of data.
64 bytes from iceserver.icecastle.net (127.0.0.1): icmp_seq=0 ttl=64 time=0.905 ms
64 bytes from iceserver.icecastle.net (127.0.0.1): icmp_seq=1 ttl=64 time=0.169 ms

--- iceserver.icecastle.net ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1003ms
rtt min/avg/max/mdev = 0.169/0.537/0.905/0.368 ms, pipe 2
[root@iceserver ~]#
[root@iceserver ~]# ping icecastle.net
ping: unknown host icecastle.net
[root@iceserver ~]#
[root@iceserver ~]#
[root@iceserver ~]#
[root@iceserver ~]# nslookup iceserver.icecastle.net
Server:        192.168.21.239
Address:        192.168.21.239#53

Name:  iceserver.icecastle.net
Address: 192.168.21.239

[root@iceserver ~]#
[root@iceserver ~]# nslookup icecastle.net
Server:        192.168.21.239
Address:        192.168.21.239#53

*** Can't find icecastle.net: No answer


The second problem is that the reverse zone (21.168.192.in-addr.arpa) doesn't seem to work. Here's what happens:
Code:

[root@iceserver ~]# nslookup 192.168.21.239
Server:        192.168.21.239
Address:        192.168.21.239#53

** server can't find 239.21.168.192.in-addr.arpa: NXDOMAIN

And here's the content of my named.192.168.21 file:
Code:

; should be stored as /var/named/named.192.168.21
@    IN      SOA    iceserver.icecastle.net. hostmaster.icecastle.net. (
                                      2007022208 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
        IN      NS      iceserver.icecastle.net.
239    IN      PTR    iceserver.icecastle.net.
158    IN      PTR    iceheart-winxp.icecastle.net.


What could be wrong?

Thanks,

bathory 02-28-2007 05:46 AM

Quote:

First, I cannot ping nor nslookup the domain name itself
The @ should work. Anyway you can also add something like:
Code:

icecastle.net. IN A 192.168.21.239

As for the reverse lookup problem add the following line at the top of your named.192.168.21 file (before the SOA record):
Code:

$ORIGIN 21.168.192.in-addr.arpa.
In both cases increase serials and restart named or reload zones.
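
The name expansion this thread turns on (`@`, relative names, `$ORIGIN`) together with a forward/reverse consistency check, as an added Python example that is not part of any post above. `fqdn`, `parse_zone` and `unconfirmed` are hypothetical helpers, the parser only covers the record shapes shown in the thread, and `REV_OLD`/`REV_NEW` are constructed from the two versions of the reverse zone's PTR lines.

```python
import ipaddress

def fqdn(name, origin):
    """'@' is the origin; a trailing dot is absolute; anything else is relative."""
    return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Minimal parser for the record shapes in this thread (no TTLs, not full RFC 1035)."""
    records, owner, pending = [], origin, ""
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        line = (pending + " " + line.strip()) if pending else line  # inside ( ... )
        pending = line if line.count("(") > line.count(")") else ""
        if pending or not line.strip():
            continue
        tokens = line.replace("(", " ").replace(")", " ").split()
        if tokens[0] == "$ORIGIN":               # later relative names use the new origin
            origin = tokens[1]
            continue
        if not line[0].isspace():                # a blank owner inherits the previous one
            owner, tokens = fqdn(tokens[0], origin), tokens[1:]
        tokens = tokens[1:] if tokens[0] == "IN" else tokens
        rtype, rdata = tokens[0], tokens[1:]
        if rtype in ("NS", "CNAME", "PTR", "MX"):  # rdata ends in a domain name
            rdata[-1] = fqdn(rdata[-1], origin)
        records.append((owner, rtype, " ".join(rdata)))
    return records

def unconfirmed(forward, reverse):
    """IPs whose PTR is missing or names a host with no A record for that IP."""
    a = {(o, v) for o, t, v in forward if t == "A"}
    ptr = {o: v for o, t, v in reverse if t == "PTR"}
    return sorted({ip for _, ip in a
                   if (ptr.get(ipaddress.ip_address(ip).reverse_pointer + "."), ip) not in a})

# Sample data constructed from the zone files posted in the thread (SOA timers on one line).
FORWARD = """\
@  IN SOA iceserver.icecastle.net. hostmaster.icecastle.net. (
          2007022201 28800 14400 3600000 86400 )  ; serial refresh retry expire minimum
   IN NS    iceserver
@               IN A     192.168.21.239
iceserver       IN A     192.168.21.239
iceheart-winxp  IN A     192.168.21.158
www             IN CNAME iceserver
"""
REV_OLD = "1 IN PTR iceserver.icecastle.net.\n2 IN PTR iceheart-winxp.icecastle.net.\n"
REV_NEW = "239 IN PTR iceserver.icecastle.net.\n158 IN PTR iceheart-winxp.icecastle.net.\n"

FWD = parse_zone(FORWARD, "icecastle.net.")
print(unconfirmed(FWD, parse_zone(REV_OLD, "21.168.192.in-addr.arpa.")))
```

The origin passed to `parse_zone` stands in for the zone name in the matching `zone "..."` statement of named.conf.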

reddazz 02-28-2007 11:08 AM

Moved: This thread is more suitable in Linux Server and has been moved accordingly to help your thread/question get the exposure it deserves.

