Mandrake 10.1 DNS problems
Hi,
I'm having trouble with DNS... (I think :) ) I upgraded from mdk9.0 to mdk10.1.
I configured my linux to be a dns server for the rest of the network. (which is obviously not working) -> this WAS working in mdk9.0
I configured DHCP (successfully). All clients receive DHCP packages correctly. -> this was also working in mdk9.0
On my linuxbox (server) I can access the internet correctly using hostnames. On my windowsbox I am only able to access the internet using IP addresses. (I ping them on the linux, then feed the IPs in internet explorer)
I checked my firewall settings (tail -f /var/log/syslog) and there are no messages which indicate shorewall is blocking something. (default policy fw -> loc and loc -> fw = ACCEPT). And I also have FW -> NET port 53 ACCEPT
This is my /etc/resolv.conf:
    # domain STARFLEET.COM
    search STARFLEET.COM SKYNET.BE
    nameserver 192.168.1.1
    nameserver 195.238.2.21
    nameserver 195.238.2.22
/var/named/STARFLEET.COM.db:
    $ORIGIN .
    $TTL 86400 ; 1 day
    STARFLEET.COM IN SOA STARFLEET.COM. root.STARFLEET.COM. (
            2004011700 ; Serial number
            3600 ; 1 hour refresh
            300 ; 5 minutes retry
            172800 ; 2 days expiry
            43200 ) ; 12 hours minimum
    ; List the name servers in use. Unresolved (entries in other zones)
    ; will go to our ISP's name server isp.domain.name.com
            IN NS ENTERPRISE.
            IN MX 10 ENTERPRISE.
    $ORIGIN STARFLEET.COM.
    $TTL 86400 ; 1 day
            IN A 192.168.1.1
    localhost IN A 127.0.0.1
    ; Alias (canonical) names
    ftp IN CNAME ENTERPRISE.
    www IN CNAME ENTERPRISE.
    mail IN CNAME ENTERPRISE.
    ; List of machine names & addresses
    ;box2 IN A 192.168.0.2 ; comment
    ;box3 IN A 192.168.0.3 ; comment
/var/named/zone/db.STARFLEET.COM.hosts
    $TTL 3D
    @ IN SOA ENTERPRISE.STARFLEET.COM. root.ENTERPRISE.STARFLEET.COM. (
            06112004 ; Serial
            8H ; Refresh
            2H ; Retry
            4W ; Expire
            1D) ; Minimum TTL
            TXT dns Wizard
            IN NS ENTERPRISE.STARFLEET.COM.
    localhost A 127.0.0.1
    dnsmaster IN CNAME ENTERPRISE.STARFLEET.COM.
    ENTERPRISE.STARFLEET.COM. IN A 192.168.1.1
    ; use tab to retrieve data in drakwizard bind
    ; xp2400.guibland.com. IN A 10.0.1.34
I don't know what to do with the last 2 files but I've been reading some stuff about BIND and configuring DNS but as far as my knowledge goes, I can't seem to find anything wrong with them either. I used the Mandrake configuration tool to set up DNS. I think I got about 30 backups now for resolv.conf :s
Note: I am also using an eicon diva adsl modem to connect to the internet, therefore I have to use a usermode driver for this called ECIADSL (http://eciadsl.flashtux.org/) but this has never given me any trouble before... Of course some wizard may have f****d up things somewhere because my modem is not detected by default. Just a thought.
Does anyone have a solution for this? Had the same trouble or something? Hints? Any help will be much appreciated.
thanx
wingcom
The simple solution, which would bypass the DNS server you are using in Linux, is to add the nameservers that you get from your ISP (the router feeds them to Linux through its DHCP) into your DHCP server, add nameserver 195.238.2.21 and nameserver 195.238.2.22 to your /etc/dhcpd.conf. This will get the windows boxes resolving names until you get your DNS server set up and then you can change that to nameserver 192.168.1.1.
Try reading the docs at http://www.isc.org/ for more information to get DNS working. You probably just have to tweak your zonefiles. Some troubleshooting commands for BIND are named-checkconf and then named-checkzone starfleet.com /var/named/starfleet.com.db and named-checkzone 1.168.192.in-addr.arpa /var/named/db.starfleet.com.hosts
Hi Arin,
First of all, thanx for the quick reply! I tried bypassing DNS through DHCP by replacing this in /etc/dhcp.conf:
Code:
option domain-name-servers 192.168.1.1;
Code:
option domain-name-servers 195.238.2.21;
then I changed it back and tried the troubleshooting commands:
Code:
[root@ENTERPRISE wingcom]# named-checkconf
Anyway I'm gonna start reading the docs now at http://www.isc.org/ and keep people posted on my progress (IF there will ever be progress lol)
bbiab, wingcom needs some reading on dns now
greetz
wingcom
Wingcom
Change your /etc/resolv.conf to:
Code:
search starfleet.com skynet.be
Will also do host searching in both domains. Then in /etc/named.conf put the following entries:
Code:
options {
Then restart dns service. Do some digging from localhost, if it's all running ok change the /etc/dhcp.conf back to:
Code:
option domain-name-servers 192.168.1.1;
Make sure they have access thru any firewall on the server, and test them with the new configs. If everything's configured correctly it should be ok.
BU
Arin: I was mistaken in saying that your bypass didn't work... I had been messing with it for so long that I had hard-coded the ip 192.168.1.1 in the dns settings in windows, so the hack you supplied DID work indeed, wherefore I am ever grateful !!! (-> I needed to perform a clean windows installation for my uncle's pc :s and tested it on his pc... it was working so that's when I remembered: wingcom, you moron, you hardcoded (static) the dns in your windows pc :s) Sorry 'bout that
Butt-Ugly: I tried your configuration and did some digging from localhost but unfortunately without success. I changed resolv.conf to hold only nameserver 127.0.0.1 with search domains STARFLEET.COM and SKYNET.BE. Then I changed named.conf adding all variables you gave me like this:
Code:
#options {
When this wasn't working I commented it out and put it like you told me to:
Code:
options {
What I DID notice is that when I restart the named service via Mandrake Control -> services, it gives me an error on stopping the service (start button there does a restart actually) --> "Stopping named: rndc: connect failed: connection refused [FAILED]"
I also opened up my firewall for all OUTGOING traffic so I added these policies:
fw -> net ACCEPT
loc -> net ACCEPT
I don't plan to leave it like that but I hope it will speed up my testing... I'm not sure if I want to spend that many hours on it while I got a bypass of course. My DNS server has always worked in mdk9.0. -> I thought upgrading to 10.1 instead of performing a clean install would save me a lot of time but when I look at it afterwards I have spent much more time in reconfiguring it than I spent on it when I installed mdk9.0. But of course you learn a lot and what else can I do on a saturday afternoon :D
Thanx for the support you guys, if I find something I will post it here
Oh yea, another thing I was thinking is do you have root servers in your dns config?
Maybe just post your whole named.conf, but specifically what I mean is do you have a zone "." section that points to a root domains file? (They usually have names like named.ca or root.hints although you can call it anything.) Another good check is to use dig, try dig @localhost localhost and see if the query comes back and then also try a domain such as dig @localhost linuxquestions.org and see if it went out to a root server.
uhm, I think so...
According to your description I can see a "." zone in my named.conf ... is that bad? My named.conf (complete now):
Code:
key mykey {
Code:
; <<>> DiG 8.2 <<>>
In addition I also changed my resolv.conf back to 127.0.0.1 and tried the dig commands, these are the results:
Code:
[root@ENTERPRISE wingcom]# dig @localhost localhost
Code:
[root@ENTERPRISE wingcom]# dig @localhost linuxquestions.org
Dig is just one of the ISC tools for DNS, used to look up domain info either generically to whatever DNS server your machine uses (dig domain-name) or to query a specific DNS server for info (dig @dnsserver domain-name.) Dig is handy if you are using other DNS servers while trying to get yours working because you can dig @mydnsserver to see if it's working rather than having to change your resolv.conf back and forth.
If queries to localhost time out then your DNS server is either not started or not getting your requests. I think in MDK it's just service named start or service named status to start or see if DNS is running. ps -ef | grep named should show if it's running too, that works on almost any *nix machine. You could also try dig @127.0.0.1 or dig @192.168.1.1 just in case localhost doesn't resolve right or named isn't listening on loopback.
The "." zone is good, you need that to look up anything besides the domains you configure (localhost, starfleet.com) and your setup looks right there. The rest of named.conf looks like it should work too. You can also check logs like /var/log/messages for any DNS server errors.
The restart and stop error from Mandrake ("Stopping named: rndc: connect failed: connection refused [FAILED]") is something I've seen before in RedHat too, something about the security keys not being set up right or the named script not doing something correctly. You can always stop it with killall named which happens to be the way Slackware's script does it. I haven't even looked at the RedHat script to see what it does (Mandrake is based on RedHat.) I probably should make a point to see what it's doing and what would fix it at some point, just to know :)
Alright, thank you Darin!
I am going to do some "dig"ing tonight when I get back from work. Sorry for the late response, I had a rough Saturday night ;) I will also try to locate that script, see what it does and try to fix it. I will keep you posted on my progress.
kind regards
wingcom
Darin...
You are my new favourite person :) The hints you gave me worked like a charm! It was a security / file permission mistake :s... If I had looked at /var/log/messages all along I would have saved myself a lot of pain :p But hey, I learned in the process :) The grep named service only returned me the running grep command so it wasn't running at all :s. I'll never trust a wizard again. It wasn't returning any kind of error :s and service named start either --> Starting named: [ OK ] :s
/etc/named.conf and zone/hints had root permissions only, so named user couldn't access it:
Code:
Nov 22 21:17:01 ENTERPRISE named[23478]: starting BIND 9.3.0 -u named
Code:
Nov 22 21:19:40 ENTERPRISE named[23702]: starting BIND 9.3.0 -u named
Thanx for all your help! :D
cheers
wiNGCom
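A triage sketch for the failure found in this thread (the init script reports OK, but named is not running because it cannot read its files), added here as an example and not taken from any post. It assumes the daemon user and group are both "named", GNU stat, and that the files to check are passed as arguments; the function names are made up for this example.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes BIND runs as user "named"
# ("-u named" in the log lines above) and GNU stat; ACLs and the execute
# bit on parent directories are not checked.

# perm_allows_read MODE OWNER GROUP USER "USER GROUPS"
# Classic Unix check: owner bits if USER owns the file, else group bits if
# USER is in GROUP, else "other" bits. Succeeds when the read bit is set.
perm_allows_read() {
    m=$(printf '%s' "000$1" | tail -c 3)      # last three octal digits
    u=${m%??}; g=${m#?}; g=${g%?}; o=${m#??}
    if [ "$4" = "$2" ]; then bits=$u
    elif printf ' %s ' "$5" | grep -qF " $3 "; then bits=$g
    else bits=$o
    fi
    [ $((bits & 4)) -ne 0 ]
}

# check_file FILE USER "USER GROUPS": returns 0 readable, 1 denied, 2 missing
check_file() {
    st=$(stat -c '%a %U %G' "$1" 2>/dev/null) || { echo "MISSING $1"; return 2; }
    set -- "$1" "$2" "$3" $st                 # $4=mode $5=owner $6=group
    if perm_allows_read "$4" "$5" "$6" "$2" "$3"; then
        echo "ok     $1 ($4 $5:$6)"
    else
        echo "DENIED $1 ($4 $5:$6): not readable by $2"; return 1
    fi
}

# triage FILE...: is named alive, can it read its files, does it answer?
triage() {
    user=named
    grps=$(id -Gn "$user" 2>/dev/null) || grps=$user
    # pgrep -x avoids the "grep matches itself" trap of ps -ef | grep named
    if pgrep -x named >/dev/null; then echo "named: running"
    else echo "named: NOT running (init script status is not proof)"; fi
    rc=0
    for f in "$@"; do check_file "$f" "$user" "$grps" || rc=1; done
    if dig @127.0.0.1 localhost +time=2 +tries=1 >/dev/null 2>&1; then
        echo "127.0.0.1: answers queries"
    else echo "127.0.0.1: no answer"; rc=1; fi
    return $rc
}

if [ "$#" -gt 0 ]; then triage "$@"; fi
```

If a file is reported DENIED, give the named group read access (for example owner root, group named, mode 640) rather than making it world-readable, since named.conf holds the rndc key.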