[SOLVED] DNS Server Related Problem: ** server can't find w3icon.com: SERVFAIL

tonmoy · 04-15-2013, 01:53 AM

Code:

vi /etc/hosts

Quote:

127.0.0.1 localhost.localdomain localhost.localdomain localhost4 localhost4.localdomain4 localhost
::1 localhost.localdomain localhost.localdomain localhost6 localhost6.localdomain6 localhost
120.50.16.75 w3icon.com
120.50.16.75 srvr.w3icon.com srvr

Code:

vi /etc/sysconfig/network

Quote:

NETWORKING=yes
HOSTNAME=srvr.w3icon.com

Code:

vi /etc/named.conf

Quote:

options {
listen-on port 53 { 127.0.0.1; 120.50.16.75; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { 127.0.0.1; any; };
recursion yes;

dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;

/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
};

logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};

zone "." IN {
type hint;
file "named.ca";
};

zone "w3icon.com" IN {
type master;
file "forward.zone";
};

zone "16.50.120.in-addr.arpa" IN {
type master;
file "reverse.zone";
};

include "/etc/named.rfc1912.zones";

# Use with the following in named.conf, adjusting the allow list as needed:
key "rndc-key" {
algorithm hmac-md5;
secret "FX+bl23kRQsVHgamvhTY/w==";
};

controls {
inet 127.0.0.1 port 953
allow { any; } keys { "rndc-key"; };
};
# End of named.conf

Code:

vi /var/named/forward.zone

Quote:

$TTL 86400
@ IN SOA srvr.w3icon.com. root.w3icon.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ IN NS srvr.w3icon.com.
srvr IN A 120.50.16.75

Code:

vi /var/named/reverse.zone

Quote:

$TTL 86400
@ IN SOA srvr.w3icon.com. root.w3icon.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ IN NS srvr.w3icon.com.
200 IN PTR srvr.w3icon.com.

Code:

service named status

Quote:

version: 9.7.3-RedHat-9.7.3-2.el6
CPUs found: 2
worker threads: 2
number of zones: 21
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
named (pid 3237) is running...

Code:

nslookup w3icon.com.

Quote:

Server: 120.50.16.75
Address: 120.50.16.75#53

** server can't find w3icon.com: SERVFAIL

Code:

dig w3icon.com

Quote:

; <<>> DiG 9.7.3-RedHat-9.7.3-2.el6 <<>> w3icon.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 21338
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;w3icon.com. IN A

;; Query time: 0 msec
;; SERVER: 120.50.16.75#53(120.50.16.75)
;; WHEN: Mon Apr 15 12:42:55 2013
;; MSG SIZE rcvd: 28

Code:

netstat -tap | grep named

Quote:

tcp 0 0 localhost.localdomain:rndc *:* LISTEN 3237/named
tcp 0 0 w3icon.com:domain *:* LISTEN 3237/named
tcp 0 0 localhost.localdomai:domain *:* LISTEN 3237/named

My DNS server isn't working. I have tried to figure out the problem for a long time but can't. Please look into the matter and help me to find the error. FYI, I am not too much experienced in linux. Thanks in advance for trying to help me.

JJJCR · 04-15-2013, 03:00 AM

==========================
$TTL 86400

$ORIGIN w3icon.com.

@ IN SOA srvr.w3icon.com. root.w3icon.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
==========================

just remove lines below and try above configuration:
@ IN NS srvr.w3icon.com.
200 IN PTR srvr.w3icon.com.

make sure you backup every file so you can keep track the changes you've made.

Check out this link: http://www.linux-sec.net/DNS/Example/glossary.txt

tonmoy · 04-15-2013, 03:30 AM

It doesn't work if I do so... (service don't be started)

JJJCR · 04-15-2013, 03:55 AM

have you tried:

listen-on { any; };

to verify whether ports are being blocked.

tonmoy · 04-15-2013, 04:23 AM

No friend, it's not working still... Tried but now the service isn't being up. If you have time, can you please check my server with a ssh session?

tonmoy · 09-09-2013, 04:26 AM

Thanks everyone to try for me...