LinuxQuestions.org
Old 02-05-2014, 10:41 AM   #1
Jeff A
LQ Newbie
 
Registered: Feb 2014
Posts: 4

named zone file CNAME issues on CentOS 6.5


I am running bind version 9.8.2rc1 on a CentOS 6.5 server. I am working on setting up a virtual environment to test configurations. I have set up bind on an infrastructure server and done the basic configuration work on it to get running. I am having issues with CNAME records not resolving correctly. Below is my zone file:
Code:
$TTL 86400
@  IN  SOA	ns1.example.com. root.example.com. (
	2013111001	;Serial
	3600		;Refresh
	1800		;Retry
	604800		;Expire
	86400)		;Minimum TTL

		IN	NS	ns1.example.com.

		IN	A	192.168.122.50
ns1		IN	A	192.168.122.50

infrastructure	IN	CNAME	ns1
www		IN	CNAME	ns1
ftp		IN	CNAME	ns1
ldap		IN	CNAME	ns1

Below are the responses I get trying to query the name server:

Code:
[root@infrastructure ~]# host ns1
ns1.example.com has address 192.168.122.50

[root@infrastructure ~]# host www
Host www not found: 2(SERVFAIL)

[root@infrastructure ~]# host ftp
Host ftp not found: 2(SERVFAIL)

[root@infrastructure ~]# host infrastructure
Host infrastructure not found: 2(SERVFAIL)

I know that this is going to turn out to be a simple issue, but I am just not seeing what is not correct in this configuration.

Any Ideas?

Thanks,
Jeff
 
Old 02-05-2014, 02:18 PM   #2
MensaWater
Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 5,937
Blog Entries: 5

The "@" in your source of authority (SOA) means "whatever domain is asking this question."

You would have had to configure named.conf to look at this zone "file" with a zone "name". (Often the same for both but they are different so it is easy to confuse them.)

So if your named.conf says that zone "name" example.com is using zone "file" example.com then the "@" in the SOA is example.com.

That means anything NOT terminated by a dot in the zone file is assumed to append the zone "name".

So www is actually www.example.com, ftp is actually ftp.example.com. By doing "host www" you're looking up something that is NOT in the zone "file".
www IN CNAME ns1
ftp IN CNAME ns1

You COULD actually just have "www" and "ftp" work instead of "www.example.com" and "ftp.example.com" by putting an entry with the dot in the zone "file":
www. IN CNAME ns1
ftp. IN CNAME ns1

However that would be rather unusual. Most people don't just look up www - they look up www.<domain>.

Last edited by MensaWater; 02-05-2014 at 02:20 PM.
 
Old 02-08-2014, 07:42 AM   #3
Jeff A
LQ Newbie
 
Registered: Feb 2014
Posts: 4

Original Poster
Thanks for getting back to me, sorry for the delay in responding back...

After reading through your post I tried a couple of things to confirm what is happening on this system. Attempting lookups on www.example.com, ftp.example.com, ldap.example.com, or infrastructure.example.com result in the same outcome; the name server does not provide resolution for the names. Outputs pasted below..

Code:
# dig @192.168.122.50 www.example.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @192.168.122.50 www.example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43432
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;www.example.com.		IN	A

;; AUTHORITY SECTION:
example.com.		86400	IN	SOA	ns1.example.com. root.example.com. 2013111001 3600 1800 604800 86400

;; Query time: 1 msec
;; SERVER: 192.168.122.50#53(192.168.122.50)
;; WHEN: Sat Feb  8 13:36:46 2014
;; MSG SIZE  rcvd: 78



# dig @192.168.122.50 ftp.example.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @192.168.122.50 ftp.example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49947
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;ftp.example.com.		IN	A

;; AUTHORITY SECTION:
example.com.		86400	IN	SOA	ns1.example.com. root.example.com. 2013111001 3600 1800 604800 86400

;; Query time: 0 msec
;; SERVER: 192.168.122.50#53(192.168.122.50)
;; WHEN: Sat Feb  8 13:37:42 2014
;; MSG SIZE  rcvd: 78



# dig @192.168.122.50 infrastructure.example.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @192.168.122.50 infrastructure.example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 448
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;infrastructure.example.com.	IN	A

;; AUTHORITY SECTION:
example.com.		86400	IN	SOA	ns1.example.com. root.example.com. 2013111001 3600 1800 604800 86400

;; Query time: 0 msec
;; SERVER: 192.168.122.50#53(192.168.122.50)
;; WHEN: Sat Feb  8 13:38:05 2014
;; MSG SIZE  rcvd: 89



dig @192.168.122.50 ldap.example.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @192.168.122.50 ldap.example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54828
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;ldap.example.com.		IN	A

;; AUTHORITY SECTION:
example.com.		86400	IN	SOA	ns1.example.com. root.example.com. 2013111001 3600 1800 604800 86400

;; Query time: 0 msec
;; SERVER: 192.168.122.50#53(192.168.122.50)
;; WHEN: Sat Feb  8 13:38:32 2014
;; MSG SIZE  rcvd: 79

However ns1.example.com does work:

Code:
dig @192.168.122.50 ns1.example.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @192.168.122.50 ns1.example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21119
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;ns1.example.com.		IN	A

;; ANSWER SECTION:
ns1.example.com.	86400	IN	A	192.168.122.50

;; AUTHORITY SECTION:
example.com.		86400	IN	NS	ns1.example.com.

;; Query time: 0 msec
;; SERVER: 192.168.122.50#53(192.168.122.50)
;; WHEN: Sat Feb  8 13:38:50 2014
;; MSG SIZE  rcvd: 63
 
Old 02-08-2014, 09:06 AM   #4
MensaWater
Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 5,937
Blog Entries: 5

Change your CNAMEs to fully specify the target:

infrastructure IN CNAME ns1.example.com.
www IN CNAME ns1.example.com.
ftp IN CNAME ns1.example.com.
ldap IN CNAME ns1.example.com.

You've also not provided what the setup for the zone is in your named.conf.
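
The name-qualification rule described in post #2 and the fully qualified targets suggested in post #4, shown as an added example that is not part of the original thread. The `qualify` and `expand` helpers and the sample `ZONE` text are constructed for illustration; the sketch assumes single-line records with no TTL field and no `$ORIGIN` directive.

```python
# Added example: qualify owner names and CNAME/NS targets against the zone
# origin. ZONE is constructed from the records discussed in the thread.
ZONE = """\
@               IN  A      192.168.122.50
                IN  NS     ns1.example.com.
ns1             IN  A      192.168.122.50
www             IN  CNAME  ns1
ftp             IN  CNAME  ns1.example.com.
www.            IN  CNAME  ns1
"""

NAME_RDATA = {"CNAME", "NS"}  # record types whose data is a domain name


def qualify(name, origin):
    """Return the absolute form of a zone-file name relative to origin."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name                      # trailing dot: already absolute
    return name + "." + origin           # relative: origin is appended


def expand(zone_text, origin):
    """Yield (owner, rtype, rdata, in_zone) with every name made absolute."""
    owner = origin
    for line in zone_text.splitlines():
        line = line.split(";", 1)[0]     # drop comments
        if not line.strip():
            continue
        fields = line.split()
        if not line[0].isspace():        # owner present in the first column
            owner = qualify(fields.pop(0), origin)
        if fields[0].upper() == "IN":    # optional class field
            fields.pop(0)
        rtype, rdata = fields[0].upper(), " ".join(fields[1:])
        if rtype in NAME_RDATA:
            rdata = qualify(rdata, origin)
        in_zone = owner == origin or owner.endswith("." + origin)
        yield owner, rtype, rdata, in_zone


if __name__ == "__main__":
    for owner, rtype, rdata, ok in expand(ZONE, "example.com."):
        note = "" if ok else "   <-- outside example.com."
        print(f"{owner:20} {rtype:6} {rdata}{note}")
```

Run against the sample, `www IN CNAME ns1` and `ftp IN CNAME ns1.example.com.` end up with the same absolute target, while the owner written as `www.` falls outside the `example.com.` zone.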
 
Old 02-08-2014, 09:50 AM   #5
Jeff A
LQ Newbie
 
Registered: Feb 2014
Posts: 4

Original Poster
Below is the zone setup from my named.conf
Code:
zone "example.com" IN {
        type master;
        file "fwd.example.com";
        allow-update { none; };
};

I updated my zone file appending the .example.com on all of the CNAME records; lookups still fail following restarting the named service. Output below:
Code:
#dig @192.168.122.50 www.exmaple.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @192.168.122.50 www.exmaple.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 14120
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.exmaple.com.		IN	A

;; Query time: 2 msec
;; SERVER: 192.168.122.50#53(192.168.122.50)
;; WHEN: Sat Feb  8 15:10:52 2014
;; MSG SIZE  rcvd: 33


#dig @192.168.122.50 ns1.example.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @192.168.122.50 ns1.example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18230
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;ns1.example.com.		IN	A

;; ANSWER SECTION:
ns1.example.com.	86400	IN	A	192.168.122.50

;; AUTHORITY SECTION:
example.com.		86400	IN	NS	ns1.example.com.

;; Query time: 0 msec
;; SERVER: 192.168.122.50#53(192.168.122.50)
;; WHEN: Sat Feb  8 15:11:12 2014
;; MSG SIZE  rcvd: 63
 
Old 02-09-2014, 08:47 AM   #6
MensaWater
Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 5,937
Blog Entries: 5

Your first dig has a typo.

You have www.exmaple.com but should have www.example.com.
 
Old 02-09-2014, 01:41 PM   #7
Jeff A
LQ Newbie
 
Registered: Feb 2014
Posts: 4

Original Poster
Quote:
Originally Posted by MensaWater
Your first dig has a typo.

You have www.exmaple.com but should have www.example.com.

Yes it does, I copied the wrong one into the post. www.example.com, ftp.example.com, ldap.example.com, and infrastructure.example.com all have the same result, name server does not return a record for them.
 
Old 02-10-2014, 09:33 AM   #8
MensaWater
Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 5,937
Blog Entries: 5

On the DNS server itself what happens if you do "dig @127.0.0.1 ..." for ns1, www, etc...?

Do you have views or anything esoteric turned on in named.conf?

Is the zone file actually named fwd.example.com? (i.e. the file name in /var/named?)

Are you running named in a chroot configuration? If so, /var/named and /etc aren't the correct directories; instead it would be something like /var/named/chroot/var/named and /var/named/chroot/etc (or whatever your distro has as the jailed home of named). On RHEL/CentOS it is /var/named/chroot by default but could be something else. Make sure the files you're editing are relative to the jailed chroot directory if you are running the chroot setup.
 
  


All times are GMT -5.