Mailinglist Archive: opensuse (818 mails)

Re: [opensuse] bind DNS: forwarders not working unless named is restarted
On 04/07/12 07:57, Per Jessen wrote:
> lynn wrote:
>
>> On 03/07/12 20:31, Per Jessen wrote:
>>
>> Hi Per, hi everyone
>>
>>> I guess you know forwarding is broken because your queries aren't
>>> forwarded to the _right_ nameservers? I mean, you have a special
>>> reason for needing to use the dragonet.es nameservers?
>>
>> Only that it would relieve our own servers.
>
> I think it would be good to verify if forwarding happens or not (use
> tcpdump) and then do a "dig <something>", then "dig +trace <something>"
> that will require forwarding. That ought to give us something to start
> on.


It looks as if our servers are doing it all (192.168.1.2 is the DNS on DC1):

dig google.es

; <<>> DiG 9.8.1-P1 <<>> google.es
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2680
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;google.es. IN A

;; ANSWER SECTION:
google.es. 130 IN A 74.125.230.95
google.es. 130 IN A 74.125.230.87
google.es. 130 IN A 74.125.230.88

;; AUTHORITY SECTION:
google.es. 86230 IN NS ns1.google.com.
google.es. 86230 IN NS ns2.google.com.

;; ADDITIONAL SECTION:
ns1.google.com. 345551 IN A 216.239.32.10
ns2.google.com. 345551 IN A 216.239.34.10

;; Query time: 17 msec
;; SERVER: 192.168.1.2#53(192.168.1.2)
;; WHEN: Wed Jul 4 10:48:42 2012
;; MSG SIZE rcvd: 153

dig +trace google.es

; <<>> DiG 9.8.1-P1 <<>> +trace google.es
;; global options: +cmd
. 516050 IN NS m.root-servers.net.
. 516050 IN NS h.root-servers.net.
. 516050 IN NS f.root-servers.net.
. 516050 IN NS d.root-servers.net.
. 516050 IN NS c.root-servers.net.
. 516050 IN NS e.root-servers.net.
. 516050 IN NS g.root-servers.net.
. 516050 IN NS k.root-servers.net.
. 516050 IN NS l.root-servers.net.
. 516050 IN NS j.root-servers.net.
. 516050 IN NS b.root-servers.net.
. 516050 IN NS a.root-servers.net.
. 516050 IN NS i.root-servers.net.
;; Received 436 bytes from 192.168.1.2#53(192.168.1.2) in 226 ms

es. 172800 IN NS ns3.nic.fr.
es. 172800 IN NS f.nic.es.
es. 172800 IN NS ns15.communitydns.net.
es. 172800 IN NS ns-ext.nic.cl.
es. 172800 IN NS ns1.cesca.es.
es. 172800 IN NS sns-pb.isc.org.
es. 172800 IN NS a.nic.es.
;; Received 453 bytes from 192.112.36.4#53(192.112.36.4) in 297 ms

google.es. 86400 IN NS ns2.google.com.
google.es. 86400 IN NS ns1.google.com.
;; Received 73 bytes from 194.69.254.1#53(194.69.254.1) in 227 ms

google.es. 300 IN A 74.125.230.87
google.es. 300 IN A 74.125.230.88
google.es. 300 IN A 74.125.230.95
;; Received 75 bytes from 216.239.34.10#53(216.239.34.10) in 100 ms

/etc/named.conf
options {
    directory "/var/lib/named";
    managed-keys-directory "/var/lib/named/dyn/";
    forwarders { 217.70.240.135; 217.70.240.136; 192.168.1.3; };
    listen-on-v6 { none; };
    notify no;
    tkey-gssapi-keytab "/usr/local/samba/private/dns.keytab";
};
zone "." in {
    type hint;
    file "root.hint";
};
zone "localhost" in {
    type master;
    file "localhost.zone";
};
zone "0.0.127.in-addr.arpa" in {
    type master;
    file "127.0.0.zone";
};
include "/etc/named.conf.include";
include "/usr/local/samba/private/named.conf";


named startup:
Jul 4 11:04:34 hh1 named[3188]: starting BIND 9.8.1-P1 -u named
Jul 4 11:04:34 hh1 named[3188]: built with '--prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--localstatedir=/var' '--libdir=/usr/lib' '--includedir=/usr/include/bind' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-openssl' '--enable-threads' '--with-libtool' '--enable-runidn' '--with-libxml2' '--with-dlz-mysql' '--with-dlz-ldap' 'CFLAGS=-fomit-frame-pointer -fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -g -DNO_VERSION_DATE -fno-strict-aliasing' 'LDFLAGS=-L/usr/lib'
Jul 4 11:04:34 hh1 named[3188]: adjusted limit on open files from 4096 to 1048576
Jul 4 11:04:34 hh1 named[3188]: found 1 CPU, using 1 worker thread
Jul 4 11:04:34 hh1 named[3188]: using up to 4096 sockets
Jul 4 11:04:34 hh1 named[3188]: loading configuration from '/etc/named.conf'
Jul 4 11:04:34 hh1 named[3188]: reading built-in trusted keys from file '/etc/bind.keys'
Jul 4 11:04:34 hh1 named[3188]: using default UDP/IPv4 port range: [1024, 65535]
Jul 4 11:04:34 hh1 named[3188]: using default UDP/IPv6 port range: [1024, 65535]
Jul 4 11:04:35 hh1 named[3188]: listening on IPv4 interface lo, 127.0.0.1#53
Jul 4 11:04:35 hh1 named[3188]: listening on IPv4 interface eth1, 192.168.1.2#53
Jul 4 11:04:35 hh1 named[3188]: generating session key for dynamic DNS
Jul 4 11:04:35 hh1 named[3188]: sizing zone task pool based on 3 zones
Jul 4 11:04:35 hh1 named[3188]: Loading 'AD DNS Zone' using driver dlopen
Jul 4 11:04:35 hh1 named[3188]: samba_dlz: Unknown parameter encountered: "wide links"
Jul 4 11:04:35 hh1 named[3188]: samba_dlz: Ignoring unknown parameter "wide links"
Jul 4 11:04:35 hh1 named[3188]: samba_dlz: started for DN DC=hh3,DC=site
Jul 4 11:04:35 hh1 named[3188]: samba_dlz: starting configure
Jul 4 11:04:35 hh1 named[3188]: samba_dlz: configured writeable zone 'hh3.site'
Jul 4 11:04:35 hh1 named[3188]: samba_dlz: configured writeable zone '_msdcs.hh3.site'
Jul 4 11:04:35 hh1 named[3188]: set up managed keys zone for view _default, file '/var/lib/named/dyn//managed-keys.bind'
Jul 4 11:04:35 hh1 named[3188]: Warning: 'empty-zones-enable/disable-empty-zone' not set: disabling RFC 1918 empty zones
Jul 4 11:04:35 hh1 named[3188]: automatic empty zone: 0.IN-ADDR.ARPA
Jul 4 11:04:35 hh1 named[3188]: automatic empty zone: 127.IN-ADDR.ARPA
Jul 4 11:04:35 hh1 named[3188]: automatic empty zone: 254.169.IN-ADDR.ARPA
Jul 4 11:04:35 hh1 named[3188]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Jul 4 11:04:35 hh1 named[3188]: automatic empty zone: 100.51.198.IN-ADDR.ARPA
Jul 4 11:04:35 hh1 named[3188]: automatic empty zone: 113.0.203.IN-ADDR.ARPA
Jul 4 11:04:35 hh1 named[3188]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Jul 4 11:04:35 hh1 named[3188]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Jul 4 11:04:35 hh1 named[3188]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Jul 4 11:04:35 hh1 named[3188]: automatic empty zone: D.F.IP6.ARPA
Jul 4 11:04:35 hh1 named[3188]: automatic empty zone: 8.E.F.IP6.ARPA
Jul 4 11:04:35 hh1 named[3188]: automatic empty zone: 9.E.F.IP6.ARPA
Jul 4 11:04:35 hh1 named[3188]: automatic empty zone: A.E.F.IP6.ARPA
Jul 4 11:04:35 hh1 named[3188]: automatic empty zone: B.E.F.IP6.ARPA
Jul 4 11:04:35 hh1 named[3188]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
Jul 4 11:04:35 hh1 named[3188]: command channel listening on 127.0.0.1#953
Jul 4 11:04:35 hh1 named[3188]: couldn't add command channel ::1#953: address not available
Jul 4 11:04:35 hh1 named[3188]: zone 0.0.127.in-addr.arpa/IN: loaded serial 42
Jul 4 11:04:35 hh1 named[3188]: zone localhost/IN: loaded serial 42
Jul 4 11:04:35 hh1 named[3188]: managed-keys-zone ./IN: loaded serial 0
Jul 4 11:04:35 hh1 named[3160]: Starting name server BIND ..done
Jul 4 11:04:35 hh1 named[3188]: running
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx
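
The tcpdump check suggested in the thread can be scripted. The following added example (not code from the original message or from the BIND project) reads the `forwarders` list from a named.conf and sorts the server's outbound port-53 queries into those sent to a forwarder and those sent directly to other nameservers. The capture lines and the commented-out forwarder are constructed sample data; the server address, the forwarders and the two non-forwarder addresses are the ones that appear in the message.

```python
import re

# Constructed named.conf fragment; the forwarders line is the one in the message.
NAMED_CONF = """
options {
    directory "/var/lib/named";
    # forwarders { 10.0.0.1; };   (constructed commented-out line, must be ignored)
    forwarders { 217.70.240.135; 217.70.240.136; 192.168.1.3; };
};
"""

# Constructed lines in the format printed by
#   tcpdump -nn -i eth1 udp dst port 53
# (sample data, not captured from the poster's network).
CAPTURE = """\
11:10:01.000101 IP 192.168.1.2.40112 > 217.70.240.135.53: 2680+ A? google.es. (27)
11:10:02.100202 IP 192.168.1.2.51873 > 192.112.36.4.53: 4411 [1au] NS? . (28)
11:10:02.400303 IP 192.168.1.2.38004 > 194.69.254.1.53: 9120 [1au] A? google.es. (38)
11:10:03.000404 IP 192.168.1.77.53311 > 192.168.1.2.53: 120+ A? google.es. (27)
"""

QUERY = re.compile(
    r"IP (\d+\.\d+\.\d+\.\d+)\.\d+ > (\d+\.\d+\.\d+\.\d+)\.53: \d+(\+?)")


def parse_forwarders(conf):
    """Return the addresses in the first active forwarders { ... } list."""
    conf = re.sub(r"(#|//).*", "", conf)          # drop line comments
    m = re.search(r"forwarders\s*\{([^}]*)\}", conf)
    return [a.strip() for a in m.group(1).split(";") if a.strip()] if m else []


def classify(capture, server, forwarders):
    """Sort the server's outbound queries by destination.

    Each entry is (destination, rd); tcpdump prints '+' after the query id
    when the recursion-desired bit is set, as it is on forwarded queries.
    """
    result = {"forwarded": [], "direct": []}
    for line in capture.splitlines():
        m = QUERY.search(line)
        if not m or m.group(1) != server:
            continue                               # client query, not outbound
        kind = "forwarded" if m.group(2) in forwarders else "direct"
        result[kind].append((m.group(2), m.group(3) == "+"))
    return result


if __name__ == "__main__":
    print(classify(CAPTURE, "192.168.1.2", parse_forwarders(NAMED_CONF)))
```

`dig +trace` walks the delegation chain from the client itself, so its output does not show whether named forwarded a query; a capture of the server's own outbound traffic does.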
