LinuxQuestions.org


marb84 08-23-2011 01:21 AM

wrong ttl time for dns entries on bind 9.7 with suse 11.4 server
 
Hello together,

I've been working on this issue for a long time but I haven't found a solution. I have an IBM server with SUSE Linux 11.4. The following services are installed and configured: DHCP 4.2.1 and BIND 9.7 (isc.org).

If I connect a client (notebook, printer, computer, etc.) to this network I receive a correct IP address and it also puts this client in the DNS lease list - but with the wrong TTL time! The lease is always for 1h, it doesn't matter what I have configured (default lease time for this zone is 3d12h).

Does somebody have an idea?

Code:

# /etc/named.conf
#######################################
#
options {
        directory "/var/lib/named";
        interface-interval 0;
        cleaning-interval 120;
        allow-query { any; };
        notify yes;
        forward only;
        forwarders {
                192.168.101.15;
                192.168.101.13;
                };
        };

acl SfsDnsDhcpSrv {
        10.41.4.10;
        10.41.8.10;
        };
acl SfsMsAdDcSrv {
        10.41.7.11;
        10.41.4.46;
        10.41.9.35;
        10.41.9.36;
        };
acl SfsSapZoneSrv {
        10.41.6.33;
        10.41.9.74;
        };

server 10.41.8.10 {
        transfers 25;
        };

zone "localhost" in {
        type master;
        file "/var/lib/named/localhost.zone";
};

zone "0.0.127.in-addr.arpa" in {
        type master;
        file "/var/lib/named/127.0.0.zone";
};

zone "sfs-intra.net" in {
        type master;
        file "/var/lib/named/sfs-intra.net.hosts";
        allow-transfer {
                "SfsDnsDhcpSrv";
                "SfsSapZoneSrv";
                };
        allow-update {
                SfsDnsDhcpSrv;
                SfsMsAdDcSrv;
                };
};

Code:

; /var/lib/named/sfs-intra.net.hosts (zone file)
; (zone files use ';' for comments; '#' is not a comment character here)
;
$ORIGIN .
$TTL 38400        ; 10 hours 40 minutes
sfs-intra.net                IN SOA        chsfsn00300.sfs-intra.net. mail.domain.com. (
                                1092359    ; serial
                                10800      ; refresh (3 hours)
                                3600      ; retry (1 hour)
                                3600000    ; expire (5 weeks 6 days 16 hours)
                                38400      ; minimum (10 hours 40 minutes)
                                )
                        NS        chsfsn00300.sfs-intra.net.
                        NS        chsfsn00301.sfs-intra.net.
$TTL 600        ; 10 minutes
                        A        10.41.9.36
                        A        10.41.4.46
                        A        10.41.9.35
                        A        10.41.7.11
$TTL 38400        ; 10 hours 40 minutes
                        MX        10 chsfsd01.sfs-intra.net.
                        MX        20 chsfsd11.sfs-intra.net.
$ORIGIN sfs-intra.net.
$TTL 302400        ; 3 days 12 hours
                        TXT        "3171198b914643afda182d943c359d9bb5"
chsfsl-0410                A        10.41.29.35
                        TXT        "315f0e3b3d9855713ec91f450d60af3f01"
chsfsl-0415                A        10.41.73.118
                        TXT        "00ba07e9b59dc8c07ecc2abe8b97ef6220"
chsfsl-0417                A        10.41.71.75
                        TXT        "002dcbf3f3c0a2e51e3550f6b9dae6dd02"
chsfsl-0420                A        10.41.74.32
                        TXT        "31e9f835d542fb51b16beb9a0a85c66447"
chsfsl-0423                A        10.41.224.66
                        TXT        "3160d466777eb346b57888595bdf509b72"
$TTL 38400        ; 10 hours 40 minutes
atsfsb-0000                A        10.43.1.224
atsfsb-0009                A        10.43.3.228
ATSFSB-0011                A        10.43.4.121
atsfsb-0016                A        10.43.4.229
atsfsb-0017                A        10.43.1.226
atsfsb-1000                A        10.43.33.232


rodrifra 08-25-2011 04:17 AM

I don't know if I get it right. Lease time is for the IP address, which is given by the DHCP server; the configuration you are posting is for the BIND server, which has nothing to do with IP lease times. TTL is the time a name is cached on a DNS server (the time it doesn't have to ask another server to know the IP). Are you mixing concepts or have I misunderstood the question?

marb84 08-25-2011 04:46 AM

Thank you for your answer. You're right!

There are two lease times: one for the DHCP server to spread IP addresses and the other to cache DNS entries on the BIND server. The DHCP lease time is working well with the standard 7 days.

I have some problems with the DNS cache default TTL time. It always sets the DNS entries for 1h, but I have configured this default TTL in the zone file for 3 days 12 hours ($ttl 302400)! I don't know why it always takes 1h?
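
Added example, not part of any post in this thread: a small Python check that walks a zone file and reports the TTL each record actually carries under the `$TTL` directive in effect at its line (an explicit per-record TTL overrides it). The sample zone, host names and function names are constructed for illustration.

```python
import re

# Constructed sample modelled on the zone file in this thread (not real data).
SAMPLE_ZONE = """\
$ORIGIN sfs-intra.net.
$TTL 302400        ; 3 days 12 hours
host-a                A        10.0.0.1
                        TXT        "constructed-dhcid-a"
$TTL 3600        ; 1 hour
host-b                A        10.0.0.2
                        TXT        "constructed-dhcid-b"
$TTL 38400        ; 10 hours 40 minutes
host-c        600        IN        A        10.0.0.3
"""

TYPES = {"A", "AAAA", "TXT", "MX", "NS", "CNAME", "PTR", "SOA", "SRV"}

def effective_ttls(zone_text):
    """Return (owner, ttl, type, rdata) for each single-line record."""
    origin, ttl, owner, out = ".", None, None, []
    for raw in zone_text.splitlines():
        line = re.sub(r';[^"]*$', "", raw).rstrip()  # drop trailing ; comment
        if not line.strip():
            continue
        tok = line.split()
        if tok[0] == "$TTL":               # default for the records that follow
            ttl = int(tok[1])
            continue
        if tok[0] == "$ORIGIN":
            origin = tok[1]
            continue
        if not line[0].isspace():          # column 0 = new owner, else reuse last
            owner = tok.pop(0)
            owner = owner if owner.endswith(".") else f"{owner}.{origin}".replace("..", ".")
        rec_ttl = ttl
        while tok and tok[0].upper() not in TYPES:   # optional TTL / class fields
            if tok[0].isdigit():
                rec_ttl = int(tok[0])      # explicit TTL overrides $TTL
            tok.pop(0)
        if tok:
            out.append((owner, rec_ttl, tok[0].upper(), " ".join(tok[1:])))
    return out

def not_matching(records, expected_ttl):
    """Records whose effective TTL differs from the one the admin expects."""
    return [r for r in records if r[1] != expected_ttl]
```

A `$TTL` line only supplies the default for records in the file that omit a TTL; a record added through a dynamic update carries the TTL sent in the update itself.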

rodrifra 08-25-2011 06:15 AM

First of all, my named.conf has a logging section; why don't you add one so that you can check the logs and see what is happening?

Does resolv.conf have the nameserver pointing correctly? Did your ISP resolve the name for you in the past, and you changed that so that they resolve names using your server? Maybe the name is being resolved by your ISP and queries are not being redirected to your server.

It's strange, you said the TTL is 1h, but I get 2h when I dig your name.

; <<>> DiG 9.7.3 <<>> sfs-intra.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2491
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 13

;; QUESTION SECTION:
;sfs-intra.net. IN A

;; ANSWER SECTION:
sfs-intra.net. 7200 IN A 209.62.20.229

I'm sorry but I am running out of ideas.

marb84 08-31-2011 04:24 AM

Sorry for my delay.

I also have a logging section. I just deleted this part from the config file for the forum entry because it's not interesting.

It's a local domain. Everything is the same. Same configuration, same services. I don't know why it's not working.


All times are GMT -5.