DNS ERROR: Name or service not known.

rioguia · 10-14-2003, 11:22 PM

i am trying to set up a simple domain server on redhat 9.0. my domain is substantis.com and my server is ns1.substantis.com. which also serves as mail and www. it is located behind my linux firewall/router on a DMZ. My secondary server is located outside my domain. I can't understand how to trouble shoot the responses i get from DIG to solve my problem.

three dig examples
using dig i get the following results

1. [root@ns1 etc]# dig @ns1.substantis.com substantis.com
dig: Couldn't find server 'ns1.substantis.com': Name or service not known.

2 [root@ns1 etc]# dig substantis.com

. ; <<>> DiG 9.2.1 <<>> substantis.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 6642
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;substantis.com. IN A

;; Query time: 45 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Oct 15 00:13:07 2003
;; MSG SIZE rcvd: 32

3. [root@ns1 etc]# dig yahoo.com

; <<>> DiG 9.2.1 <<>> yahoo.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30200
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 0

;; QUESTION SECTION:
;yahoo.com. IN A

;; ANSWER SECTION:
yahoo.com. 1618 IN A 66.218.71.198

;; AUTHORITY SECTION:

OMITTED BY EDITOR

;; Query time: 46 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Oct 15 00:14:56 2003
;; MSG SIZE rcvd: 254

I have the named.conf file and associated zone files in /var/named (named.ca named.local named.rev named.substantis.com)

named.conf
// generated by named-bootconf.pl
options {
directory "/var/named" ;
forwarders {
66.92.159.2;
216.231.41.2;
};
// If there is a firewall between you and nameservers you want
// to talk to, you might need to uncomment the query-source
// directive below. Previous versions of BIND always asked
// questions using port 53, but BIND 8.1 uses an unprivileged
// port by default.

query-source address * port 53;

};
zone "." {
type hint;
file "named.ca";
};
zone "0.0.127.in-addr.arpa" {
type master;
file "named.local";
allow-update { none; };
};

// our primary information
zone "substantis.com" {
type master;
file "named.substantis.com";
allow-update {none;};
};
zone "149.92.66.in-addr.arpa" {
type master;
file "named.rev";
};
"named.conf" 36L, 887C

named.substantis.com

$TTL 86400
@ IN SOA substantis.com. something.hotmail.com. (
2003101404 ;serial number
1800 ;temporary refresh every 10800 for 3 hours
1800 ;retry every 30 minutes
1209600 ;expire in 2 weeks
604800 ) ;minimum 1 week
IN NS ns1.substantis.com.
IN NS ns1.speakeasy.net.
IN MX 10 ns1.substantis.com.
localhost IN A 127.0.0.1 ; resolve localhost
smoothwall IN A 10.1.1.1 ; internet gateway
ns1 IN A 66.92.149.196 ; name server
mail IN A 10.1.10.2 ; mail to name server
www IN A 10.1.10.2 ; apache to name server
www IN CNAME ns1 ; apache alias

/var/named/named.substantis.com" 16L, 909C

named.rev

$TTL 604800
@ IN SOA 149.92.66.in-addr.arpa. something.hotmail.com. (
2003101405 ;serial number
10800 ;refresh every 10800 for 3 hours
1800 ;retry every 30 minutes
1209600 ;expire in 2 weeks
604800 ) ;minimum 1 week
IN NS ns1.substantis.com.
IN NS ns1.speakeasy.net.
1 IN PTR smoothwall.substantis.com.
2 IN PTR mail.substantis.com.
3 IN PTR www.substantis.com.
4 IN PTR ns1.substantis.com.
"/var/named/named.rev" 13L, 656C

[root@ns1 named]# tail /var/log/messages
Oct 14 23:49:42 ns1 named[7944]: no IPv6 interfaces found
Oct 14 23:49:42 ns1 named[7944]: listening on IPv4 interface lo, 127.0.0.1#53
Oct 14 23:49:42 ns1 named[7944]: listening on IPv4 interface eth0, 10.1.10.2#53
Oct 14 23:49:42 ns1 named[7944]: command channel listening on 127.0.0.1#953
Oct 14 23:49:42 ns1 named[7944]: zone 0.0.127.in-addr.arpa/IN: loaded serial 2003101400
Oct 14 23:49:42 ns1 named[7944]: zone 149.92.66.in-addr.arpa/IN: loaded serial 2003101405
Oct 14 23:49:42 ns1 named[7944]: dns_master_load: named.substantis.com:16: www.substantis.com: CNAME and other data
Oct 14 23:49:42 ns1 named[7944]: zone substantis.com/IN: loading master file named.substantis.com: CNAME and other data
Oct 14 23:49:42 ns1 named[7944]: running
Oct 14 23:49:42 ns1 named[7944]: zone 149.92.66.in-addr.arpa/IN: sending notifies (serial 2003101405)
[root@ns1 named]#

sashhoney · 10-15-2003, 12:26 AM

all of ur files are okay, only thing missing is an 'A'(Address entry ) in ur named.substantis.com file
so just add this entry after ur NS entry lines
i think this will solve ur problem when u try to run second command u specifed earlier i.e. dig substantis.com

ppuru · 10-15-2003, 03:43 AM

What do you have in your resolv.conf?

rioguia · 10-15-2003, 06:06 AM

thanks for your suggestions. I think you have both identified potential problems.
I'm not sure if its the lack of an A record because as you will notice, I have only one computer doing the (1) DNS, (2) Mail, and (3) Web Server. So, in fact, I have three A records all pointing to the same box. But your question makes me ask, "Do I have the correct address for the A record." I have two different addresses for these records. One is my routable internet address (66.92.149.196) and the local address for the same box as my Mail and Web Server. Is this the problem? Should they all be the routable address or the local address perhaps?

ns1 IN A 66.92.149.196 ; name server
mail IN A 10.1.10.2 ; mail to name server
www IN A 10.1.10.2 ; apache to name server
www IN CNAME ns1 ; apache alias

for ppuru, does this look correct or should I have my routable address here (in place of or in addition to the current local host address)?

/etc/resolv.conf
search substantis.com
nameserver 127.0.0.1

ppuru · 10-15-2003, 06:31 AM

rioguia · 10-15-2003, 11:21 AM

Any thoughts?

kettermw · 10-15-2003, 11:33 AM

Couple of things: 1) Check your services and make sure that "named" is checked. I don't believe it's on by default. 2) In your resolv.conf I think you need the IP address of the dns server in there, not just the loop back address.

mrmdls · 10-15-2003, 01:21 PM

Hi,

This is a shot in the dark, but how about changing your ownerships, example

chmod 644 /etc/named.conf
chmod a+x /var/named

Hope this Helps,

Dave S.

we've all heard of famous battle cry's like "Remember the Alamo", or "don't give up the ship", mine's simply SCO EXEC'S CAN EAT MY SHORTS!!!!

rioguia · 10-15-2003, 07:17 PM

1. regarding DIG EXAMPLE Number 1 above, it helps when I use the tool correctly. The error is fixed as far as the server goes by using
dig @ns1 substantis.com

which returns a result that says it still can't find the domain for which it is master but it does recognize that its name is ns1. dig returns the following:
;substantis.com. IN A

;; Query time: 1 msec
;; SERVER: 10.1.10.2#53(ns1)
;; WHEN: Wed Oct 15 20:08:10 2003
;; MSG SIZE rcvd: 32

2. regarding suggestions about A Records and IP addresses, I tried changing the A record for the dns server from :
ns1 IN A 66.92.149.196 ; name server
to:
ns1 IN A 10.1.10.2 : name server (i also changed the named.rev and /etc/conf file

3. regarding sashhoney's suggeston about file permissions, here they are after performing the commands you suggested.

[root@ns1 named]# ls -la
total 24
-drwxr-xr-x 2 named named 4096 Oct 15 18:19 .
drwxr-xr-x 20 root root 4096 Oct 12 23:34 ..
-rw-r--r-- 1 named named 2499 Jan 24 2003 named.ca
-rw-r--r-- 1 named named 472 Oct 15 00:11 named.local
-rw-r--r-- 1 named named 656 Oct 15 00:10 named.rev
-rw-r--r-- 1 named named 908 Oct 15 00:03 named.substantis.com

[root@ns1 named]# ls -la /etc/named.conf
-rw-r--r-- 1 root root 887 Oct 14 23:49 /etc/named.conf

sashhoney · 10-16-2003, 02:12 AM

well think about my suggestion again-
i didnt tell u to add 'A' entries for ur ns1 or ns2 but what i tried to suugest u is to add this line

@

sashhoney · 10-16-2003, 02:15 AM

i m sorry for incomplete posting...
just add this line

@ IN A 66.92.149.196

as u can see from the response of dig that it is unable to find the answer for the query
;; QUESTION SECTION:
;substantis.com. IN A

this is the only potential prob u r probably facing in my opinion

rioguia · 10-16-2003, 02:28 AM

i have done some more troubleshooting. for some reason, my logging is not set up properly so i haven't been seeing some error messages. one of the problems appears to be the file '/var/run/named/named.pid'. is this a permission issue for the "named" user? i am providing the error log and the permissions for the file below:

root@ns1 named]# named -g
Oct 16 03:21:24.491 starting BIND 9.2.1 -g
Oct 16 03:21:24.586 using 1 CPU
Oct 16 03:21:24.593 loading configuration from '/etc/named.conf'
Oct 16 03:21:24.717 no IPv6 interfaces found
Oct 16 03:21:24.717 listening on IPv4 interface lo, 127.0.0.1#53
Oct 16 03:21:24.718 binding TCP socket: address in use
Oct 16 03:21:24.776 listening on IPv4 interface eth0, 10.1.10.2#53
Oct 16 03:21:24.776 binding TCP socket: address in use
Oct 16 03:21:24.783 couldn't add command channel 127.0.0.1#953: address in use
Oct 16 03:21:24.882 ignoring config file logging statement due to -g option
Oct 16 03:21:24.882 couldn't open pid file '/var/run/named/named.pid': File exists
Oct 16 03:21:24.882 exiting (due to early fatal error)

[root@ns1 named]# ls -la
total 12
drwxr-xr-x 2 named named 4096 Oct 16 03:21 .
drwxr-xr-x 8 root root 4096 Oct 16 02:28 ..
-rw-r--r-- 1 named named 5 Oct 16 03:21 named.pid

sashhoney · 10-16-2003, 03:00 AM

hey, i think u cannot run named -g command if named service is already running as a daemon and also listening to same port and ip pair
so the errors are obvious in this case
just modify ur named.sabstantias.com entry-
add that entry below ur
IN NS ns1.sabstantias.com
and try to run it again
using
service named restart
or
/usr/sbin/named restart

rioguia · 10-16-2003, 06:01 AM

sash: thanks for the help. the restart has got me back and running.
I didn't understand your suggestion about but my server can't recongize the domain (substantis.com). Do I have the file correctly now?

var/named/named.substantis.com
$TTL 86400
@ IN SOA substantis.com. maworden.hotmail.com. (
2003101505 ;serial number
1800 ;temporary refresh every 10800 for 3 hours
1800 ;retry every 30 minutes
1209600 ;expire in 2 weeks
604800 ) ;minimum 1 week
IN NS ns1.substantis.com.
IN NS ns1.speakeasy.net.
IN MX 10 ns1.substantis.com.
localhost IN A 127.0.0.1 ; resolve localhost
smoothwall IN A 10.1.1.1 ; internet gateway
ns1 IN A 66.92.149.196 ; name server
mail IN A 66.92.149.196 ; mail to name server
www IN A 66.92.149.196 ; apache to name server
www IN CNAME ns1 ; apache alias

With this configuration here are my DIG regults. It recognizes my IP Address but not my domain name that is supposed to be attached to that address.

[root@ns1 root]# dig substantis.com

; <<>> DiG 9.2.1 <<>> substantis.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 34989
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;substantis.com. IN A

;; Query time: 2 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Oct 16 06:51:56 2003
;; MSG SIZE rcvd: 32

[root@ns1 root]# dig 66.92.149.196

; <<>> DiG 9.2.1 <<>> 66.92.149.196
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46337
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 0

;; QUESTION SECTION:
;66.92.149.196. IN A

;; ANSWER SECTION:
66.92.149.196. 604800 IN A 66.92.149.196

;; AUTHORITY SECTION:
. 518379 IN NS K.ROOT-SERVERS.NET.
. 518379 IN NS L.ROOT-SERVERS.NET.
. 518379 IN NS M.ROOT-SERVERS.NET.
. 518379 IN NS A.ROOT-SERVERS.NET.
. 518379 IN NS B.ROOT-SERVERS.NET.
. 518379 IN NS C.ROOT-SERVERS.NET.
. 518379 IN NS D.ROOT-SERVERS.NET.
. 518379 IN NS E.ROOT-SERVERS.NET.
. 518379 IN NS F.ROOT-SERVERS.NET.
. 518379 IN NS G.ROOT-SERVERS.NET.
. 518379 IN NS H.ROOT-SERVERS.NET.
. 518379 IN NS I.ROOT-SERVERS.NET.
. 518379 IN NS J.ROOT-SERVERS.NET.

;; Query time: 68 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Oct 16 06:52:07 2003
;; MSG SIZE rcvd: 258

sashhoney · 10-16-2003, 11:50 PM

well just try to understand the response given by dig, as i said earlier, all the files r correct. only problem is that named is unable to find the address entry for ur zone name that is substantis.com.
so b4 trying anything, add the following line and run 'named' again

$TTL 86400
@ IN SOA substantis.com. maworden.hotmail.com. (
2003101505 ;serial number
1800 ;temporary refresh every 10800 for 3 hours
1800 ;retry every 30 minutes
1209600 ;expire in 2 weeks
604800 ) ;minimum 1 week
IN NS ns1.substantis.com.
IN NS ns1.speakeasy.net.

IN A 66.92.149.196 #this line u need to add here#

IN MX 10 ns1.substantis.com.
localhost IN A 127.0.0.1 ; resolve localhost
smoothwall IN A 10.1.1.1 ; internet gateway
ns1 IN A 66.92.149.196 ; name server
mail IN A 66.92.149.196 ; mail to name server
www IN A 66.92.149.196 ; apache to name server
www IN CNAME ns1 ; apache alias