LinuxQuestions.org
Old 05-01-2008, 06:15 AM   #1
ssarrinah
LQ Newbie
 
Registered: May 2008
Posts: 16

Rep: Reputation: 0
Trying to create my own DNS with Mandriva 2008 but I need your help!!!


Hi everybody, it's the first time I'm working with Linux (Mandriva 2008). I need to make my own DNS, so I edited and created some files. Here they are:

(my domain is "dz", localhost is "machine" and my IP address is "10.10.128.118")

I started with /var/named/named.ca


; Use "dig @A.ROOT-SERVERS.NET . ns" to update this file if it's outdated.
; This file holds the information on root name servers needed to
; initialize cache of Internet domain name servers
; (e.g. reference this file in the "cache . <file>"
; configuration file of BIND domain name servers).
;
; This file is made available by InterNIC
; under anonymous FTP as
; file /domain/named.root
; on server FTP.INTERNIC.NET
; -OR- RS.INTERNIC.NET
;
; last update: Jan 29, 2004
; related version of root zone: 2004012900
;
;
; formerly NS.INTERNIC.NET
;
; $Id: bind-named.root 80849 2007-09-06 11:56:48Z oden $
; $HeadURL: svn+ssh://svn.mandriva.com/svn/packages/cooker/bind/current/SOURCES/bind-named.root $
;
. 3600000 IN NS machine.dz.
machine.dz. 3600000 A 10.10.128.118
;


/etc/named.conf

// (oe) Loosely based on the document below and from production server configurations.
// http://www.cymru.com/Documents/secur...-template.html
//
// $Id: named.conf 80849 2007-09-06 11:56:48Z oden $
// $HeadURL: svn+ssh://svn.mandriva.com/svn/packages/cooker/bind/current/SOURCES/named.conf $


// secret must be the same as in /etc/rndc.conf
include "/etc/rndc.key";

controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { mykey; };
};

// Access lists (ACL's) should be defined here
include "/etc/bogon_acl.conf";
include "/etc/trusted_networks_acl.conf";

// Define logging channels
include "/etc/logging.conf";

options {
version "";
directory "/var/named";
dump-file "/var/tmp/named_dump.db";
pid-file "/var/run/named.pid";
statistics-file "/var/tmp/named.stats";
zone-statistics yes;
// datasize 256M;
coresize 100M;
// fetch-glue no;
// recursion no;
// recursive-clients 10000;
auth-nxdomain yes;
query-source address * port *;
listen-on port 53 { any; };
cleaning-interval 120;
transfers-in 20;
transfers-per-ns 2;
lame-ttl 0;
max-ncache-ttl 10800;

// forwarders { first_public_nameserver_ip; second_public_nameserver_ip; };

// allow-update { none; };
// allow-transfer { any; };

// Prevent DoS attacks by generating bogus zone transfer
// requests. This will result in slower updates to the
// slave servers (e.g. they will await the poll interval
// before checking for updates).
notify no;
// notify explicit;
// also-notify { secondary_name_server };

// Generate more efficient zone transfers. This will place
// multiple DNS records in a DNS message, instead of one per
// DNS message.
transfer-format many-answers;

// Set the maximum zone transfer time to something more
// reasonable. In this case, we state that any zone transfer
// that takes longer than 60 minutes is unlikely to ever
// complete. WARNING: If you have very large zone files,
// adjust this to fit your requirements.
max-transfer-time-in 60;

// We have no dynamic interfaces, so BIND shouldn't need to
// poll for interface state {UP|DOWN}.
interface-interval 0;

// Uncoment these to enable IPv6 connections support
// IPv4 will still work
// listen-on { none; };
// listen-on-v6 { any; };

// allow-query { trusted_networks; };
allow-recursion { trusted_networks; };

// Deny anything from the bogon networks as
// detailed in the "bogon" ACL.
blackhole { bogon; };
};

// workaround stupid stuff... (OE: Wed 17 Sep 2003)
zone "ac" { type delegation-only; };
zone "cc" { type delegation-only; };
zone "com" { type delegation-only; };
zone "cx" { type delegation-only; };
zone "lv" { type delegation-only; };
zone "museum" { type delegation-only; };
zone "net" { type delegation-only; };
zone "nu" { type delegation-only; };
zone "ph" { type delegation-only; };
zone "sh" { type delegation-only; };
zone "tm" { type delegation-only; };
zone "ws" { type delegation-only; };

zone "." IN {
type hint;
file "named.ca";
};

zone "dz" IN {
type master;
file "dz";
allow-update { none; };
};

zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
type master;
file "reverse/named.local";
allow-update { none; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "reverse/named.ip6.local";
allow-update { none; };
};

zone "255.in-addr.arpa" IN {
type master;
file "reverse/named.broadcast";
allow-update { none; };
};

zone "0.in-addr.arpa" IN {
type master;
file "reverse/named.zero";
allow-update { none; };
};



/var/named/named.local

$ORIGIN dz.
$TTL 86400 ; 1 day
@ IN SOA machine.dz. root.machine.dz. (
1997022700 ; Serial
28800 ; Refresh (8 hours)
14400 ; Retry (4 hours)
3600000 ; Expire (5 weeks 6 days 16 hours)
86400 ) ; Minimum (1 day)


IN NS machine.dz.


1 IN PTR localhost.



I created another file "dz" (with no extension, is it ok?????)


vi /var/named/dz


$ORIGIN dz.
$TTL 86400 ; 1 day
@ IN SOA machine.dz. root.machine.dz. (
1997022700 ; Serial
28800 ; Refresh (8 hours)
14400 ; Retry (4 hours)
3600000 ; Expire (5 weeks 6 days 16 hours)
86400 ) ; Minimum (1 day)


IN NS machine
IN NS machine.dz.

localhost IN A 127.0.0.1
machine IN A 10.10.128.118

www CNAME machine (for the web server with apache)



I added this file: /var/named/dz.rev


$ORIGIN dz.
$TTL 86400 ; 1 day
128.10.10.in-addr.arpa IN SOA machine.dz. root.machine.dz. (
1997022700 ; Serial
28800 ; Refresh (8 hours)
14400 ; Retry (4 hours)
3600000 ; Expire (5 weeks 6 days 16 hours)
86400 ) ; Minimum (1 day)


IN NS machine.dz.

$ORIGIN 128.10.10.in-addr.arpa.
118 PTR machine.dz.



and the last one /etc/resolv.conf


search dz
nameserver 127.0.0.1
nameserver 10.10.128.118




The problem is: when I restart named with "service named restart" the result is "ok"

but with "nslookup" "> q=any" the result is:

Got servfail reply from 127.0.0.1 try next server
connection timed out, no servers could be reached


I don't understand what's wrong.

I need your help, guys.

Thanks!
 
Old 05-01-2008, 01:27 PM   #2
dkm999
Member
 
Registered: Nov 2006
Location: Seattle, WA
Distribution: Fedora
Posts: 407

Rep: Reputation: 35
I don't see any immediate glaring error on looking over your setup. But I do see a problem with the command you gave to nslookup: there is no command "q=any". Perhaps you intended "set type=any", which should succeed. After that, you need to either give an IP address or a name to nslookup, and it will report back on what the DNS system replies.

Generally, when you see a SERVFAIL response, it means that your named process found some error; in that case, there should be more information in the logfiles. The location(s) will be defined per your config file in /etc/logging.conf. If something there does not make sense, please post the result, and maybe we can track the problem down further.
 
Old 05-01-2008, 01:55 PM   #3
ssarrinah
LQ Newbie
 
Registered: May 2008
Posts: 16

Original Poster
Rep: Reputation: 0
Thank you so much, I'm gonna try it and I'll tell you what I found later :-)
 
Old 05-01-2008, 02:48 PM   #4
ssarrinah
LQ Newbie
 
Registered: May 2008
Posts: 16

Original Poster
Rep: Reputation: 0
Sorry, but I can't find the file "/etc/logging.conf". I checked the file "/var/log/messages"; there is a lot of information since April 26, so here is what I did:
# service named restart
[ok]

# nslookup
> set type = any
> dz

Got servfail............(like what I said earlier)

# vi /var/log/messages

.
.
.
.
.
May 1 21:30:40 machine named[7462]: starting BIND 9.4.1-P1 -u named -t /var/lib/named
May 1 21:30:40 machine named[7462]: loading configuration from '/etc/named.conf'
May 1 21:30:40 machine named[7462]: listening on IPv4 interface lo, 127.0.0.1#53
May 1 21:30:40 machine named[7462]: automatic empty zone: 127.IN-ADDR.ARPA
May 1 21:30:40 machine named[7462]: automatic empty zone: 254.169.IN-ADDR.ARPA
May 1 21:30:40 machine named[7462]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
May 1 21:30:40 machine named[7462]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
May 1 21:30:40 machine named[7462]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
May 1 21:30:40 machine named[7462]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
May 1 21:30:40 machine named[7462]: automatic empty zone: D.F.IP6.ARPA
May 1 21:30:40 machine named[7462]: automatic empty zone: 8.E.F.IP6.ARPA
May 1 21:30:40 machine named[7462]: automatic empty zone: 9.E.F.IP6.ARPA
May 1 21:30:40 machine named[7462]: automatic empty zone: A.E.F.IP6.ARPA
May 1 21:30:40 machine named[7462]: automatic empty zone: B.E.F.IP6.ARPA
May 1 21:30:40 machine named[7462]: command channel listening on 127.0.0.1#953




does it mean something to you????
I don't know if it's the file you were talking about or not!!

thanx.
 
Old 05-02-2008, 12:30 AM   #5
dkm999
Member
 
Registered: Nov 2006
Location: Seattle, WA
Distribution: Fedora
Posts: 407

Rep: Reputation: 35
The messages in /var/log/messages are the normal ones that named posts when it starts up. If /etc/logging.conf does not exist, then you do not have any logging channels defined for named. This is probably an error. At a minimum, you ought to have something about like this
Code:
logging {
  channel "my_syslog" {
    syslog daemon;
    severity info;
    print-category yes;
    print-severity yes;
  };
  category default { my_syslog; };
};
I would recommend installing this text in /etc/logging.conf, and retrying the same experiment that you have reported on.

Then, I am pretty sure that the last line in your /etc/resolv.conf file is unnecessary, and may be confusing things. It tells the resolver part of the DNS system to attempt a name resolution on 10.10.128.118 (your IP address). But your named daemon is only listening on 127.0.0.1, so it will never hear such a request. This also could be producing the servfail message. So I recommend that you delete that line from /etc/resolv.conf, and then retry the same experiment. Under normal circumstances, you will not need more than one nameserver line in this file.

Let's see what happens then.
 
Old 05-02-2008, 08:17 AM   #6
ssarrinah
LQ Newbie
 
Registered: May 2008
Posts: 16

Original Poster
Rep: Reputation: 0
I opened the file /etc/resolv.conf and guess what I found: nothing!!!
It seems like I have another problem here!

When I first started to create and edit my files, the first time I opened resolv.conf I found something written:

dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN



but I deleted this and instead I've written: (remember??)

search dz
nameserver 127.0.0.1
nameserver 10.10.128.118


And now when I wanted to try what you told me, I opened it and I found that again. It's like I never changed it, but I'm sure I did and I saved everything, and when I used to open it before it was normal!

I really don't understand!!

Whatever,
I've written just:
search dz
nameserver 127.0.0.1


and with :
nslookup
set type=any
dz


I got this:

Server: 127.0.0.1
Address: 127.0.0.1#53

**server can't find dz: SERVFAIL


do you think there's a problem with "/etc/resolv.conf"????
 
Old 05-02-2008, 09:36 PM   #7
dkm999
Member
 
Registered: Nov 2006
Location: Seattle, WA
Distribution: Fedora
Posts: 407

Rep: Reputation: 35
The problem of the missing /etc/resolv.conf is undoubtedly traceable to some GUI that you (inadvertently) used to try to solve some problem in this area. My systems do not have a manpage for resolvconf(8), but yours may. It will probably tell you where the actual information is stored that generates a new /etc/resolv.conf when you update stuff.

Were you able to install the stuff in /etc/logging.conf? If so, there will be some more information in the logfiles, I hope.
 
Old 05-03-2008, 05:55 PM   #8
ssarrinah
LQ Newbie
 
Registered: May 2008
Posts: 16

Original Poster
Rep: Reputation: 0
Hi, yes, I created a file /etc/logging.conf because it didn't exist in /etc, but where can I find the "log files"?????
About /etc/resolv.conf: yes, I have a man page for resolvconf(8), but there's not just one file; in fact there are many that communicate together to regenerate the old resolv.conf at system reboot. To be honest I didn't understand the man page completely, so I'm still doing some research!

I'm starting to.... :-( but I don't wanna give up!

I really appreciate your help, thanks.
 
Old 05-03-2008, 07:05 PM   #9
dkm999
Member
 
Registered: Nov 2006
Location: Seattle, WA
Distribution: Fedora
Posts: 407

Rep: Reputation: 35
The logging stuff is very flexible, and correspondingly complicated. The code I posted will direct everything to the syslog facility. The way that is set up, in turn, is controlled by yet another file: /etc/syslog.conf. This usually results in the messages we are interested in being recorded in /var/log/messages; that is where I would look first. There are a number of web pages that you can find using Google that describe how syslog is configured, but if you can find the messages we want in /var/log/messages, you can defer that bit of research.
 
Old 05-11-2008, 05:36 PM   #10
ssarrinah
LQ Newbie
 
Registered: May 2008
Posts: 16

Original Poster
Rep: Reputation: 0
Hi, I'm so sorry, I had no "internet". I just found out that I needed an "ethernet driver" (in my other PC, where I wanted to create the DNS), so I just solved that problem. Now I think something's wrong with the "dz file", because when I restart "name service", in the log messages there's: "zone dz/In :loading from master file dz failed,file not found"
so....
bye!
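
Added example, not part of any post in the thread: a shell sketch of the two cross-checks the replies lead to, namely comparing the `nameserver` lines in resolv.conf with the addresses named logs as listening, and working out where a named started with `-t /var/lib/named` (as in the posted log) actually opens the zone file `dz`, since paths in named.conf are resolved inside that chroot. The function names are hypothetical and the sample files are constructed from the lines quoted above; `/var/named` is the `directory` value from the posted named.conf.

```shell
#!/bin/sh
# Added example (not from the thread). Sample data is constructed from the
# log lines and resolv.conf quoted in the posts.

# Chroot directory taken from the "starting BIND ... -t <dir>" startup line.
named_chroot() {
    sed -n 's/.*starting BIND .* -t \([^ ]*\).*/\1/p' "$1" | tail -n 1
}

# Addresses named reports it is listening on for DNS (port 53 only).
named_listeners() {
    sed -n 's/.*listening on IPv4 interface [^,]*, \([0-9.]*\)#53$/\1/p' "$1"
}

# resolv.conf nameservers with no matching listener.  $1=log  $2=resolv.conf
unreachable_nameservers() {
    listeners=$(named_listeners "$1")
    awk '$1 == "nameserver" { print $2 }' "$2" | while read -r ns; do
        echo "$listeners" | grep -qxF "$ns" || echo "$ns"
    done
}

# Where a chrooted named opens a zone file.  $1=chroot $2=directory $3=file
effective_zone_path() {
    case "$3" in
        /*) printf '%s%s\n' "$1" "$3" ;;          # absolute "file" value
        *)  printf '%s%s/%s\n' "$1" "$2" "$3" ;;  # relative to "directory"
    esac
}

sample_dir=$(mktemp -d)
cat > "$sample_dir/messages" <<'EOF'
May 1 21:30:40 machine named[7462]: starting BIND 9.4.1-P1 -u named -t /var/lib/named
May 1 21:30:40 machine named[7462]: listening on IPv4 interface lo, 127.0.0.1#53
May 1 21:30:40 machine named[7462]: command channel listening on 127.0.0.1#953
EOF
cat > "$sample_dir/resolv.conf" <<'EOF'
search dz
nameserver 127.0.0.1
nameserver 10.10.128.118
EOF

echo "no listener for: $(unreachable_nameservers "$sample_dir/messages" "$sample_dir/resolv.conf")"
zone=$(effective_zone_path "$(named_chroot "$sample_dir/messages")" /var/named dz)
[ -e "$zone" ] || echo "zone file not present where named looks: $zone"
```

On a system with BIND installed, `named-checkconf -t /var/lib/named -z /etc/named.conf` performs a test load of the master zones with the same chroot applied.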
 
  

