I've checked the zone files, `/etc/hosts`, `/etc/nameserverips`, `/etc/named.conf`, `/etc/resolv.conf` and `/etc/wwwacct.conf` all of which seem to be in order.
However, when I try to register the domain name, I get an error:
The SOA record for domain.co.za at ip address can not be retreived.
! The most common reasons for this is that the Nameserver is not currently
! reachable or the Nameserver has not been configured for this domain."
If I go into `/var/named` and check `ns1.mynameserver.co.za.db` and `ns2.mynameserver.co.za.db` they look perfect (identical to my other 2 servers). However, it's not working?
The above has been added to IPtables, port 53 is definitely open. TCP and UDP
Quote:
tail -f /var/log/messages
Jun 7 12:27:04 ws1 named[28591]: starting BIND 9.3.6-P1-RedHat-9.3.6-16.P1.el5 -u named -4
Jun 7 12:27:04 ws1 named[28591]: found 2 CPUs, using 2 worker threads
Jun 7 12:27:04 ws1 named[28591]: using up to 4096 sockets
Jun 7 12:27:04 ws1 named[28591]: loading configuration from '/etc/named.conf'
Jun 7 12:27:04 ws1 named[28591]: max open files (1024) is smaller than max sockets (4096)
Jun 7 12:27:04 ws1 named[28591]: using default UDP/IPv4 port range: [1024, 65535]
Jun 7 12:27:04 ws1 named[28591]: using default UDP/IPv6 port range: [1024, 65535]
Jun 7 12:27:04 ws1 named[28591]: no IPv6 interfaces found
Jun 7 12:27:04 ws1 named[28591]: listening on IPv4 interface lo, 127.0.0.1#53
Jun 7 12:27:04 ws1 named[28591]: listening on IPv4 interface eth0, 196.15.136.221#53
Jun 7 12:27:04 ws1 named[28591]: listening on IPv4 interface eth0:cp1, 196.15.136.211#53
Jun 7 12:27:04 ws1 named[28591]: command channel listening on 127.0.0.1#953
Jun 7 12:27:04 ws1 named[28591]: zone 0.in-addr.arpa/IN/localhost_resolver: loaded serial 42
Jun 7 12:27:04 ws1 named[28591]: zone 0.0.127.in-addr.arpa/IN/localhost_resolver: loaded serial 1997022700
Jun 7 12:27:04 ws1 named[28591]: zone 255.in-addr.arpa/IN/localhost_resolver: loaded serial 42
Jun 7 12:27:04 ws1 named[28591]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/localhost_resolver: loaded serial 1997022700
Jun 7 12:27:04 ws1 named[28591]: zone localdomain/IN/localhost_resolver: loaded serial 42
Jun 7 12:27:04 ws1 named[28591]: zone localhost/IN/localhost_resolver: loaded serial 42
From the /var/log/messages output, looks like there is no domain.co.za zone loaded.
You should post named.conf and the zone file in order for us to help you further
Thanks for your reply, much appreciated. I simply didn't post the domain.co.za zones in the /var/log/messages log - here is a full log:
Quote:
Jun 7 12:58:18 ws1 named[1120]: starting BIND 9.3.6-P1-RedHat-9.3.6-16.P1.el5 -u named -4
Jun 7 12:58:18 ws1 named[1120]: found 2 CPUs, using 2 worker threads
Jun 7 12:58:18 ws1 named[1120]: using up to 4096 sockets
Jun 7 12:58:18 ws1 named[1120]: loading configuration from '/etc/named.conf'
Jun 7 12:58:18 ws1 named[1120]: max open files (1024) is smaller than max sockets (4096)
Jun 7 12:58:18 ws1 named[1120]: using default UDP/IPv4 port range: [1024, 65535]
Jun 7 12:58:18 ws1 named[1120]: using default UDP/IPv6 port range: [1024, 65535]
Jun 7 12:58:18 ws1 named[1120]: no IPv6 interfaces found
Jun 7 12:58:18 ws1 named[1120]: listening on IPv4 interface lo, 127.0.0.1#53
Jun 7 12:58:18 ws1 named[1120]: listening on IPv4 interface eth0, 196.15.136.221#53
Jun 7 12:58:18 ws1 named[1120]: listening on IPv4 interface eth0:cp1, 196.15.136.211#53
Jun 7 12:58:18 ws1 named[1120]: command channel listening on 127.0.0.1#953
Jun 7 12:58:18 ws1 named[1120]: zone 0.in-addr.arpa/IN/localhost_resolver: loaded serial 42
Jun 7 12:58:18 ws1 named[1120]: zone 0.0.127.in-addr.arpa/IN/localhost_resolver: loaded serial 1997022700
Jun 7 12:58:18 ws1 named[1120]: zone 255.in-addr.arpa/IN/localhost_resolver: loaded serial 42
Jun 7 12:58:18 ws1 named[1120]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/localhost_resolver: loaded serial 1997022700
Jun 7 12:58:18 ws1 named[1120]: zone localdomain/IN/localhost_resolver: loaded serial 42
Jun 7 12:58:18 ws1 named[1120]: zone localhost/IN/localhost_resolver: loaded serial 42
Jun 7 12:58:18 ws1 named[1120]: zone procleus.com/IN/internal: loaded serial 2011060702
Jun 7 12:58:18 ws1 named[1120]: zone procleus.co.za/IN/internal: loaded serial 2011053107
Jun 7 12:58:18 ws1 named[1120]: zone ws1.procleus.co.za/IN/internal: loaded serial 2011053101
Jun 7 12:58:18 ws1 named[1120]: zone pul.co.za/IN/internal: loaded serial 2011060205
Jun 7 12:58:18 ws1 named[1120]: zone ns10.webstorm.co.za/IN/internal: loaded serial 2011053101
Jun 7 12:58:18 ws1 named[1120]: zone ns11.webstorm.co.za/IN/internal: loaded serial 2011060701
Jun 7 12:58:18 ws1 named[1120]: zone ns12.webstorm.co.za/IN/internal: loaded serial 2011053101
Jun 7 12:58:18 ws1 named[1120]: zone procleus.com/IN/external: loaded serial 2011060702
Jun 7 12:58:18 ws1 named[1120]: zone procleus.co.za/IN/external: loaded serial 2011053107
Jun 7 12:58:18 ws1 named[1120]: zone ws1.procleus.co.za/IN/external: loaded serial 2011053101
Jun 7 12:58:18 ws1 named[1120]: zone pul.co.za/IN/external: loaded serial 2011060205
Jun 7 12:58:18 ws1 named[1120]: zone ns10.webstorm.co.za/IN/external: loaded serial 2011053101
Jun 7 12:58:18 ws1 named[1120]: zone ns11.webstorm.co.za/IN/external: loaded serial 2011060701
Jun 7 12:58:18 ws1 named[1120]: zone ns12.webstorm.co.za/IN/external: loaded serial 2011053101
Jun 7 12:58:18 ws1 named[1120]: zone ws1.procleus.co.za/IN/internal: sending notifies (serial 2011053101)
Jun 7 12:58:18 ws1 named[1120]: zone pul.co.za/IN/internal: sending notifies (serial 2011060205)
Jun 7 12:58:18 ws1 named[1120]: zone ns12.webstorm.co.za/IN/internal: sending notifies (serial 2011053101)
Jun 7 12:58:18 ws1 named[1120]: zone ns10.webstorm.co.za/IN/internal: sending notifies (serial 2011053101)
Jun 7 12:58:18 ws1 named[1120]: zone procleus.com/IN/internal: sending notifies (serial 2011060702)
Jun 7 12:58:18 ws1 named[1120]: zone ns11.webstorm.co.za/IN/internal: sending notifies (serial 2011060701)
Jun 7 12:58:18 ws1 named[1120]: zone pul.co.za/IN/external: sending notifies (serial 2011060205)
Jun 7 12:58:18 ws1 named[1120]: zone ns12.webstorm.co.za/IN/external: sending notifies (serial 2011053101)
Jun 7 12:58:18 ws1 named[1120]: zone procleus.co.za/IN/internal: sending notifies (serial 2011053107)
Jun 7 12:58:18 ws1 named[1120]: zone ns10.webstorm.co.za/IN/external: sending notifies (serial 2011053101)
Jun 7 12:58:18 ws1 named[1120]: zone ws1.procleus.co.za/IN/external: sending notifies (serial 2011053101)
Jun 7 12:58:18 ws1 named[1120]: zone procleus.com/IN/external: sending notifies (serial 2011060702)
Jun 7 12:58:18 ws1 named[1120]: zone procleus.co.za/IN/external: sending notifies (serial 2011053107)
Jun 7 12:58:18 ws1 named[1120]: zone ns11.webstorm.co.za/IN/external: sending notifies (serial 2011060701)
Jun 7 12:58:18 ws1 named[1120]: running
options {
/* make named use port 53 for the source of all queries, to allow
* firewalls to block all ports except 53:
*/
// query-source port 53;
/* We no longer enable this by default as the dns posion exploit
has forced many providers to open up their firewalls a bit */
// Put files that named is allowed to write in the data/ directory:
directory "/var/named"; // the default
pid-file "/var/run/named/named.pid";
dump-file "data/cache_dump.db";
statistics-file "data/named_stats.txt";
/* memstatistics-file "data/named_mem_stats.txt"; */
allow-transfer {"none";};
};
logging {
/* If you want to enable debugging, eg. using the 'rndc trace' command,
* named will try to write the 'named.run' file in the $directory (/var/named").
* By default, SELinux policy does not allow named to modify the /var/named" directory,
* so put the default debug log file in data/ :
*/
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
// All BIND 9 zones are in a "view", which allow different zones to be served
// to different types of client addresses, and for options to be set for groups
// of zones.
//
// By default, if named.conf contains no "view" clauses, all zones are in the
// "default" view, which matches all clients.
//
// If named.conf contains any "view" clause, then all zones MUST be in a view;
// so it is recommended to start off using views to avoid having to restructure
// your configuration files in the future.
view "localhost_resolver" {
/* This view sets up named to be a localhost resolver ( caching only nameserver ).
* If all you want is a caching-only nameserver, then you need only define this view:
*/
match-clients { 127.0.0.0/24; };
match-destinations { localhost; };
recursion yes;
zone "." IN {
type hint;
file "/var/named/named.ca";
};
/* these are zones that contain definitions for all the localhost
* names and addresses, as recommended in RFC1912 - these names should
* ONLY be served to localhost clients:
*/
include "/var/named/named.rfc1912.zones";
};
view "internal" {
/* This view will contain zones you want to serve only to "internal" clients
that connect via your directly attached LAN interfaces - "localnets" .
*/
match-clients { localnets; };
match-destinations { localnets; };
recursion yes;
zone "." IN {
type hint;
file "/var/named/named.ca";
};
// include "/var/named/named.rfc1912.zones";
// you should not serve your rfc1912 names to non-localhost clients.
// These are your "authoritative" internal zones, and would probably
// also be included in the "localhost_resolver" view above :
zone "ws1.procleus.co.za" {
type master;
file "/var/named/ws1.procleus.co.za.db";
};
zone "ns10.webstorm.co.za" {
type master;
file "/var/named/ns10.webstorm.co.za.db";
};
zone "ns12.webstorm.co.za" {
type master;
file "/var/named/ns12.webstorm.co.za.db";
};
zone "procleus.co.za" {
type master;
file "/var/named/procleus.co.za.db";
};
zone "pul.co.za" {
type master;
file "/var/named/pul.co.za.db";
};
zone "procleus.com" {
type master;
file "/var/named/procleus.com.db";
};
zone "ns11.webstorm.co.za" {
type master;
file "/var/named/ns11.webstorm.co.za.db";
};
};
view "external" {
/* This view will contain zones you want to serve only to "external" clients
* that have addresses that are not on your directly attached LAN interface subnets:
*/
recursion no;
// you'd probably want to deny recursion to external clients, so you don't
// end up providing free DNS service to all takers
// all views must contain the root hints zone:
zone "." IN {
type hint;
file "/var/named/named.ca";
};
// These are your "authoritative" external zones, and would probably
// contain entries for just your web and mail servers:
// BEGIN external zone entries
zone "ws1.procleus.co.za" {
type master;
file "/var/named/ws1.procleus.co.za.db";
};
zone "ns10.webstorm.co.za" {
type master;
file "/var/named/ns10.webstorm.co.za.db";
};
zone "ns12.webstorm.co.za" {
type master;
file "/var/named/ns12.webstorm.co.za.db";
};
zone "procleus.co.za" {
type master;
file "/var/named/procleus.co.za.db";
};
zone "pul.co.za" {
type master;
file "/var/named/pul.co.za.db";
};
zone "procleus.com" {
type master;
file "/var/named/procleus.com.db";
};
zone "ns11.webstorm.co.za" {
type master;
file "/var/named/ns11.webstorm.co.za.db";
};
};
Last edited by Steven Goodman; 06-07-2011 at 06:06 AM.
...
Jun 7 12:58:18 ws1 named[1120]: zone ns10.webstorm.co.za/IN/internal: loaded serial 2011053101
Jun 7 12:58:18 ws1 named[1120]: zone ns11.webstorm.co.za/IN/internal: loaded serial 2011060701
Jun 7 12:58:18 ws1 named[1120]: zone ns12.webstorm.co.za/IN/internal: loaded serial 2011053101
...
Have you created each nameserver as a zone or what?
Which is the one that gives the error? And what is its zone file?
Yes, I created each nameserver with a zone file. I've been told this is not needed, however I just tried in case, as that's how 2 of my other servers are set up.
All nameservers show the error:
Quote:
Domain "procleus.co.za", SOA Ref (), Orig ""
Pre-existing Nameservers for "procleus.co.za":-
Syntax/Cross-Checking provided info for Nameserver at 6a: ns10.webstorm.co.za
Syntax/Cross-Checking provided info for Nameserver at 6e: ns11.webstorm.co.za
Syntax/Cross-Checking provided info for Nameserver at 6i: ns12.webstorm.co.za
The SOA record for procleus.co.za at 196.15.136.213 can not be retreived.
!
! The most common reasons for this is that the Nameserver is not currently
! reachable or the Nameserver has not been configured for this domain.
!
The SOA record for procleus.co.za at 196.15.136.214 can not be retreived.
!
! The most common reasons for this is that the Nameserver is not currently
! reachable or the Nameserver has not been configured for this domain.
!
The SOA record for procleus.co.za at 196.38.146.126 can not be retreived.
!
! The most common reasons for this is that the Nameserver is not currently
! reachable or the Nameserver has not been configured for this domain.
!
ERROR: No valid nameservers found - rejecting request.
Example of ns10.webstorm.co.za zone file
Quote:
; Zone file for ns10.webstorm.co.za
$TTL 14400
@ 86400 IN SOA ns10.webstorm.co.za. gary.pul.co.za. (
2011053101 ; serial, todays date+todays
86400 ; refresh, seconds
7200 ; retry, seconds
3600000 ; expire, seconds
86400 ) ; minimum, seconds
ns10.webstorm.co.za. 86400 IN NS ns10.webstorm.co.za.
ns10.webstorm.co.za. 86400 IN NS ns12.webstorm.co.za.
ns10.webstorm.co.za. IN A 196.15.136.213
localhost.ns10.webstorm.co.za. IN A 127.0.0.1
ns10.webstorm.co.za. IN MX 0 ns10.webstorm.co.za.
mail IN CNAME ns10.webstorm.co.za.
www IN CNAME ns10.webstorm.co.za.
ftp IN CNAME ns10.webstorm.co.za.
Yes, I created each nameserver with a zone file. I've been told this is not needed, however I just tried in case, as that's how 2 of my other servers are set up.
It's not needed.
You need just the zone files for the zones webstorm.co.za, procleus.co.za, etc.
From this looks like the 1st zone is ok. The strange thing is that it's using different nameservers!! Maybe you need to add ns10 to ns12 there using NS and their A records.
Then, you can use webstorm.co.za nameservers for the other zones too, e.g. for procleus.co.za
Code:
; Zone file for procleus.co.za
$TTL 14400
@ 86400 IN SOA ns10.webstorm.co.za. gary.pul.co.za. (
2011053101 ; serial, todays date+todays Don't forget to increase it!!!!
86400 ; refresh, seconds
7200 ; retry, seconds
3600000 ; expire, seconds
86400 ) ; minimum, seconds
@ 86400 IN NS ns10.webstorm.co.za. ;use the correct nameservers here
@ 86400 IN NS ns12.webstorm.co.za.
...
Webstorm.co.za is using different name servers (ns4, 5, 6) because that's the ISP. Their zone is working 100% as per the DNS tool.
However, our VPS is on another server which uses these nameservers - ns10, ns11 and ns12.webstorm.co.za - and the dedicated IP is 196.15.136.221
I don't need to create a zone for webstorm.co.za as it's only used for nameservers, do I? Only procleus and domains that will be hosted? Should I have a zone file for the hostname of the machine or can that be deleted as well?
Quote:
; Zone file for procleus.co.za
$TTL 14400
procleus.co.za. 86400 IN SOA ns10.webstorm.co.za. gary.pul.co.za. (
2011053107 ;Serial Number
86400 ;refresh
7200 ;retry
3600000 ;expire
86400 ;minimum
)
procleus.co.za. 86400 IN NS ns10.webstorm.co.za.
procleus.co.za. 86400 IN NS ns11.webstorm.co.za.
procleus.co.za. 86400 IN NS ns12.webstorm.co.za.
procleus.co.za. 14400 IN A 196.15.136.221
localhost 14400 IN A 127.0.0.1
procleus.co.za. 14400 IN MX 0 procleus.co.za.
mail 14400 IN CNAME procleus.co.za.
www 14400 IN CNAME procleus.co.za.
ftp 14400 IN A 196.15.136.221
cpanel 14400 IN A 196.15.136.221
whm 14400 IN A 196.15.136.221
webmail 14400 IN A 196.15.136.221
webdisk 14400 IN A 196.15.136.221
Last edited by Steven Goodman; 06-07-2011 at 07:28 AM.
I don't need to create a zone for webstorm.co.za as it's only used for nameservers, do I? Only procleus and domains that will be hosted?
No you don't
Quote:
Should I have a zone file for the hostname of the machine or can that be deleted as well?
I don't get what you mean, but the hostname is irrelevant if you use dns
Anyway, first of all you need to register the domain procleus.co.za as it's not registered yet. During registration you need to define ns10-12.webstorm.co.za as the nameservers for that domain.
Btw, the zone file you've posted looks good and it should work once you have the domain.
The SOA record for procleus.co.za at 196.15.136.213 can not be retreived.
!
! The most common reasons for this is that the Nameserver is not currently
! reachable or the Nameserver has not been configured for this domain.
!
The SOA record for procleus.co.za at 196.15.136.214 can not be retreived.
!
! The most common reasons for this is that the Nameserver is not currently
! reachable or the Nameserver has not been configured for this domain.
!
The SOA record for procleus.co.za at 196.38.146.126 can not be retreived.
!
! The most common reasons for this is that the Nameserver is not currently
! reachable or the Nameserver has not been configured for this domain.
!
ERROR: No valid nameservers found - rejecting request.
.co.za domains are sometimes sticky, so I tried with procleus.com -> Whois currently points to ns10-12.webstorm.co.za
Here is the zone file
Quote:
; Zone file for procleus.com
$TTL 14400
procleus.com. 86400 IN SOA ns10.webstorm.co.za. gary.pul.co.za. (
2011060702 ;Serial Number
86400 ;refresh
7200 ;retry
3600000 ;expire
86400 ;minimum
)
procleus.com. 86400 IN NS ns10.webstorm.co.za.
procleus.com. 86400 IN NS ns11.webstorm.co.za.
procleus.com. 86400 IN NS ns12.webstorm.co.za.
procleus.com. 14400 IN A 196.15.136.221
localhost 14400 IN A 127.0.0.1
procleus.com. 14400 IN MX 0 procleus.com.
mail 14400 IN CNAME procleus.com.
www 14400 IN CNAME procleus.com.
ftp 14400 IN A 196.15.136.221
cpanel 14400 IN A 196.15.136.221
whm 14400 IN A 196.15.136.221
webmail 14400 IN A 196.15.136.221
webdisk 14400 IN A 196.15.136.221
projects 14400 IN A 196.15.136.221
www.projects 14400 IN A 196.15.136.221
However procleus.com isn't becoming live. Ping just hangs from another server. Also when you see where procleus.com points to, it's 196.15.136.211 and not 196.15.136.221?
Last edited by Steven Goodman; 06-07-2011 at 09:44 AM.
However procleus.com isn't becoming live. Ping just hangs from another server. Also when you see where procleus.com points to, it's 196.15.136.211 and not 196.15.136.221?
Did you reload the nameserver(s)? Because the serial is not the one you use and it's quite old.
;
;; ANSWER SECTION:
procleus.com. 14400 IN SOA ns10.webstorm.co.za. dns-admin.webstorm.co.za. 2010083101 28800 7200 604800 86400
;; AUTHORITY SECTION:
procleus.com. 14400 IN NS ns10.webstorm.co.za.
procleus.com. 14400 IN NS ns11.webstorm.co.za.
procleus.com. 14400 IN NS ns12.webstorm.co.za.
;; ADDITIONAL SECTION:
ns10.webstorm.co.za. 1104 IN A 196.15.136.213
ns11.webstorm.co.za. 1104 IN A 196.15.136.214
ns12.webstorm.co.za. 1104 IN A 196.38.146.126
This is normal. Your dns replies authoritatively for the domain in question and gives the correct answer, but for the rest of the world it's not authoritative (ns10-12 are). So when we lookup your domain, we get an answer from ns10-12 which is wrong.
If you can administer ns10-12, you should do your edits there. Else you need to define your vps server as authoritative and master for the domain and ns10-12 as the slaves (of course you need to edit their named.conf for this)
BTW procleus.com A RR is still wrong
Code:
; <<>> DiG 9.8.0-P2 <<>> procleus.com @196.15.136.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52078
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;procleus.com. IN A
;; ANSWER SECTION:
procleus.com. 14400 IN A 196.15.136.211
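The serial mismatch diagnosed in the post above can be checked mechanically. The script below is an added example, not part of the original posts: it asks each nameserver directly for the zone's SOA and compares the serial with the one in the master zone file. The function names, the `QUERY` switch and the 192.0.2.53 address are assumptions made for illustration; the sample answers are constructed from the serials and addresses quoted in this thread.

```shell
#!/usr/bin/env bash
# Added example (not from the thread): verify that every delegated nameserver
# serves the same SOA serial as the master zone file.

# Live query: ask one server directly, without recursion, for the zone's SOA.
query_soa_live() {   # $1 = zone, $2 = server IP
    dig +norecurse +short +time=3 +tries=1 SOA "$1" "@$2"
}

# Offline stand-in, constructed from values quoted in the thread: the ISP's
# ns10-12 return the 2010 record, the VPS returns the freshly edited one.
# 192.0.2.53 is a constructed documentation address that answers nothing.
query_soa_sample() {
    case "$2" in
        196.15.136.213|196.15.136.214|196.38.146.126)
            echo "ns10.webstorm.co.za. dns-admin.webstorm.co.za. 2010083101 28800 7200 604800 86400" ;;
        196.15.136.221)
            echo "ns10.webstorm.co.za. gary.pul.co.za. 2011060702 86400 7200 3600000 86400" ;;
        *) : ;;   # timeout, REFUSED or zone not configured: empty answer
    esac
}

# The serial is the third field of a `dig +short SOA` line:
#   mname rname serial refresh retry expire minimum
soa_serial() {
    awk 'NF == 7 && $3 ~ /^[0-9]+$/ { print $3; ok = 1; exit } END { exit !ok }'
}

# Print OK, STALE <serial>, AHEAD <serial> or NO_SOA for one answer.
# Plain integer comparison: assumes date-style serials that have not wrapped.
classify() {         # $1 = expected serial, $2 = raw answer text
    local serial
    serial=$(printf '%s\n' "$2" | soa_serial) || { echo "NO_SOA"; return 0; }
    if   [ "$serial" -eq "$1" ]; then echo "OK"
    elif [ "$serial" -lt "$1" ]; then echo "STALE $serial"
    else                              echo "AHEAD $serial"
    fi
}

# Audit every server; the return status is the number of servers not OK.
audit() {            # $1 = zone, $2 = expected serial, $3... = server IPs
    local zone=$1 expected=$2 bad=0 server verdict
    shift 2
    for server in "$@"; do
        verdict=$(classify "$expected" "$("${QUERY:-query_soa_sample}" "$zone" "$server")")
        printf '%-16s %s\n' "$server" "$verdict"
        [ "$verdict" = "OK" ] || bad=$((bad + 1))
    done
    return "$bad"
}

# Demo on the constructed sample; set QUERY=query_soa_live to ask real servers.
audit procleus.com 2011060702 \
    196.15.136.221 196.15.136.213 196.15.136.214 196.38.146.126 192.0.2.53 || true
```

A `STALE` or `NO_SOA` verdict on any server named in the delegation is what makes a registry-side SOA check fail, even when the master itself answers correctly.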
Thanks for your help, do I need to request these changes from the NOC/ISP as they administer ns10-12.webstorm.co.za and edit their named.conf file? I don't have access to this, so I'm guessing I need to request it, just not sure how to word it for them?
You should ask them to configure ns10-12 as slaves to your dns (at 196.15.136.221), that will be the master for your zone(s).
This way you don't have to bother them when you want to add/change RRs in your zone(s).
Of course doing so, you have to use: