Can someone please help me i am so closed and i cant find out why is this happening.if i type dig @127.0.0.1 dns.dcp.prd<-- which is my zonename i get the following responds

ns1-prd-dcp:/etc # dig @127.0.0.1 dns.dcp.prd

; <<>> DiG 9.2.3 <<>> @127.0.0.1 dns.dcp.prd
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 23363
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;dns.dcp.prd. IN A

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Jan 5 16:47:28 2006
;; MSG SIZE rcvd: 29



and when i type nslookup from my box i get the following error

H:\>nslookup
*** Can't find server name for address 168.217.20.230: Query refused
Default Server: dns2-prd-dcp.dcp.prd
Address: 168.217.20.239

>


please someone help me plz

thanks heaps

Lano

Common guys please iam sure there is planty people that done it,
why isnt anyone wanting to help please.

thanks heaps.

Lano

A quick check-list:
Is named running on ns1-prd-dcp?
Any clues in the logs?
Is it configured to listen on 127.0.0.1 port 53?
Is it configured to allow queries from 127.0.0.1?
Is ns1-prd-dcp the master for dcp.prd?
If not:
Is it configured to allow recursion for 127.0.0.1?
Does it have the forwarding address(es) of the master?
Is it configured to forward to the master(s)?
Is iptables/whatever configured to allow udp and tcp connections from 127.0.0.1:* to 127.0.0.1:53?

If it all looks OK then you could try enabling query logging to see what named is trying to do for the request.

hey i got this fixed it was problem in acls the way i set it up

thanks man

it looks like u the only one that helps here..

thanks

Dave sorry just one more question if you could help out would be great.
When i point my personal computer to the Linux dns this is what i get
H:\>nslookup
Default Server: dns1-prd-dcp.dcp.prd
Address: 168.217.xxx.xxx

> xpe4-tas-dcp.dcp.prd
Server: dns1-prd-dcp.dcp.prd
Address: 168.217.xxx.xxx

DNS request timed out. -->I was wondering why do i get this ?
timeout was 2 seconds.
Name: xpe4-tas-dcp.dcp.prd---> and this is correct output.
Address: 203.35.xxx.xxx
>

Which is fine except one thing is that i don’t understand is why do i get DNS request timed out but at the end it gives right outcome, is there any ways that i can fix this so it doesn’t appear .

Thanks Heaps man

Lano

Is the 168.217.xxx.xxx address for the dns server correct?

If it's a local pc, ie in the user's local network, you should be using a local ip number, otherwise the replies from 168.217.xxx.xxx will come from it's local ip number and will be ignored by the clients.. (Basic routing reject)

Hi Thanks for the replay

168.217.xxx.xxx is the correct DNS server well that is the IP address of the linux box.

I kinda do not understand the rest on waht yo mean could you please explain little more .

thanks heaps..

Lano

The timeout might be down to, well, things just taking more than 2 seconds. DNS is mainly done over UDP so there is no guarantee of delivery, so the sender application has to check for valid replies and re-send if necessary. This may be what is happening - timeout and re-send. The first attempt takes too long so nslookup re-sends the query. By then the server has the reply in cache and replies immediately.

That's why there are so many DNS caches around - on the local machine, at each DNS server and, sometimes, a "name server caching daemon" on Linux to cache DNS, NIS, YP etc. replies to speed things up.

My small network often takes around 5 seconds to look up a new Internet name for the first time.

As for the routing issue - it may be a "non-issue" if you are "fully connected" with "stateful" firewalling. It uesed to be a problem with unsolicited replies from remote DNS servers and packet filtering with port forwarding etc.

aha i see but is this correct i know that linux DNS works on FQDN, the question that i have is this. If type nslookup on linux box and i type in computer name say xpe4-tap-XXX it resolves it straight away. but if i type nslookup on my computer pointing to linux DNS box and i type in computer name xpe4-tap-dcp i get the following resoult

H:\>nslookup
Default Server: dns1-XXX-XX.XXX.prd <---and this is correct Server name and zone name.
Address: 168.217.xxx.xxx <-- where this is the name correct IP of the LINUX DNS BOX

> xpe4-tap-XXX
Server: dns1-prd-XXX.XXX.prd <--- THis is correct
Address: 168.217.XXX.XXX <---this i correct

DNS request timed out.
timeout was 2 seconds.
*** Request to dns1-prd-dcp.dcp.prd timed-out
>

So it doesnt find it but if i place zone name at the end for example is below

H:\>nslookup
Default Server: dns1-XXX-XXX.XXX.prd
Address: 168.217.XXX.XXX

> xpe4-tap-XXX.XXX.XXX
Server: dns1-prd-XXX.XXX.prd
Address: 168.217.XXX.XXX

DNS request timed out.
timeout was 2 seconds. <---STill not 100% why
Name: xpe4-tap-XXX.XXX.prd<---This resoult is correct
Address: 203.35.XXX.XXX <---- this resoult is correct

>

is that normal or is it still not working properly ?

thanks heaps guys

sorry repost

Looks OK to me. So long as it works for your applications e.g. web browsing.

DNS only works with fully qualified domain names. To look up just a host name the resolver generates a query for each configured network name. e.g. host.network1, host.network2 etc. Under Linux the network names are from /etc/resolv.conf. In Windows (98 at least) it's in the IP network DNS configuration, "Domain Suffix Search Order".

The 2 second timeout looks far too short. Most IP timeouts are in the order of 5 minutes by default. I use about 60 seconds as a compromise for most things.

Hrmm sorry i dont seem to get about 2 sec timeout so waht do you suggest ? do u think somethign is wrong with my config ? or is there somethign more to it ? sorry man just trying to figure this shit out

thanks heaps for all ur help

Lano

Hey do yo have msn plz if you do could u add me dk_56@hotmail.com just for some help plz man would appreciate heaps..

Lano

Plz anyone how can i sort out my 2 sec timeout?

thanks

Lano