BIND error

bathory · 11-09-2005, 08:41 AM

What happens if you run from dns server:

Code:

nslookup komp1
or 
dig komp1

Mind that it's /etc/resolv.conf not /etc/resolve.conf

czezz · 11-10-2005, 05:03 AM

OMG !!!
It was port 53 !!! I was sure I set to accept that port and indeed it was but only for external interface.
When i set port 53 for LAN it started works.

Thank you Bathory for your priceless advices.
Now im goint to set DNS to internet.

bathory · 11-10-2005, 06:06 AM

Glad to see you've made it.

Regards

czezz · 11-20-2005, 09:09 AM

Since DNS works fine i decided to run mail server (on Postfix). Before I start doing that I neet to be sure that my DNS configuration is ready for mailserver.
This is my current test.com file:

Code:

$TTL 86400 
$ORIGIN test.com. 
@ IN SOA  test.com. postmaster.test.com. ( 
2005110704 ; serial (d. adams) 
8640 ; refresh 
3600 ; retry 
3600000 ; expiry 
1209600 ) ; min 
IN NS ns1.test.com. 
IN NS ns2.test.com. 
IN MX 10 test.com. 
@ IN A 144.67.67.1 
www IN A 144.67.67.1 
ns1 IN A 144.67.67.1 
ns2 IN A 144.67.67.1 
ftp IN A 144.67.67.1 
komp1 IN A 10.3.11.21

Can you please verify it ?

bathory · 11-21-2005, 02:15 AM

You must give your mailserver a FQDN (fully qualified domain name) which must also resolve to it's IP. So your zone file must be:

Code:

IN MX 10 mail.test.com.
mail IN A xx.xx.xx.xx

and you must put a PTR record in your reverse-zone file:

Code:

xx PTR mail.test.com.

These are necessary for spam fighting reasons, as most mailservers do not accept mail from hosts that don't have FQDN and don't resolve to an IP address.

czezz · 11-22-2005, 02:49 AM

Ok, so now my test.com file looks like this:

Code:

$TTL 86400 
$ORIGIN test.com. 
@ IN SOA  test.com. postmaster.test.com. ( 
2005110704 ; serial (d. adams) 
8640 ; refresh 
3600 ; retry 
3600000 ; expiry 
1209600 ) ; min 
IN NS ns1.test.com. 
IN NS ns2.test.com. 
IN MX 10 test.com. 
IN MX 10 mail.test.com.
@ IN A 144.67.67.1 
www IN A 144.67.67.1 
ns1 IN A 144.67.67.1 
ns2 IN A 144.67.67.1 
ftp IN A 144.67.67.1 
mail IN A 144.67.67.1
komp1 IN A 10.3.11.21

What about PTR record and reverse-zone file ? How should that file looks like and where should I put it ? Is it necessery to do some changes in named.conf and test.com?

Details (just for sure)
my DNS server IP: 144.67.67.1 - this should be IP of mailserver as well. Domain test.com

bathory · 11-22-2005, 04:09 AM

Reverse dns is a little complicated and it depends on how your ISP delegates your subnet. Read this to see how it's done. Anyway if you want to support reverse dns, you have to contact your ISP to find out your IP range, you must create a zone file named "xx.xx.xx.xx-in-addr.arpa" according to that IP range and of course add the entry for this zone to named.conf.

czezz · 12-10-2005, 07:16 AM

Ok, here is an update of my files to start DNS:

named.conf

PHP Code:


			
options {

    directory "/var/named";

    

     query-source address * port 53;

};



logging{

category lame-servers{

null;

};

};



zone "." IN {

type hint;

file "named.cache";

};



zone "test.com" {

type master;

file "test.com";

allow-update { none; };

allow-transfer { 144.67.67.2; };

notify yes;

};



zone "67.67.144.in-addr.arpa" {

notify yes;

type master;

file "67.67.144.in-addr.arpa";

};

test.com

PHP Code:


			
$TTL 86400 

$ORIGIN test.com. 

@ IN SOA  test.com. postmaster.test.com. ( 

2005110704 ; serial (d. adams) 

8640 ; refresh 

3600 ; retry 

3600000 ; expiry 

1209600 ) ; min 

IN NS ns1.test.com. 

IN NS ns2.test.com. 

IN MX 10 test.com. 

IN MX 10 mail.test.com.

@ IN A 144.67.67.1 

www IN A 144.67.67.1 

ns1 IN A 144.67.67.1 

ns2 IN A 144.67.67.1 

ftp IN A 144.67.67.1 

mail IN A 144.67.67.1

pop IN A 144.67.67.1

smtp IN A 144.67.67.1

komp1 IN A 10.3.11.21

and the last one 160.238.83.in-addr.arpa

PHP Code:


			
@            IN    SOA    ns1.test.com.    ns2.test.com.    (

                    2005121001    ; serial (d. adams)

                    8640        ; refresh

                    3600        ; retry

                    3600000        ; expiry

                    1209600 )    ; min



;

                NS     ns1.test.com.

21                PTR    test.com

and in the last file is a problem because when I rstarted BIND
in syslog I saw:

PHP Code:


			
Dec 10 13:43:59 proxy-2 named[13846]: 67.67.144.in-addr.arpa:1: no TTL specified; using SOA MINTTL instead

Dec 10 13:43:59 proxy-2 named[13846]: 67.67.144.in-addr.arpa: file does not end with newline

where and how specifi this TTL, and how check that revDNS works ?

bathory · 12-10-2005, 08:46 AM

You can use the same TTL as in the test.com file:

Code:

$TTL 86400

For the newline error, I don't know, perhaps leaving a blank line at the end of the file will stop this error.
To test your reverse dns run:

Code:

nslookup 147.67.67.21
dig 147.67.67.21
dig 147.67.67.21 @xx.xx.xx.xx

where xx.xx.xx.xx is a third dns (perhaps your ISP's dns)
or use this site.