Bind, DNS, authoritativeness and so on
Can someone please explain to me where I am going wrong here? I've registered a domain with eu.org (pmsumner.eu.org), for which I am running a DNS on a home PC, and have zoneedit providing the secondary DNS. I can't seem to persuade my home PC to act as an authoritative server, presumably related to this response from nslookup: <-- -->
server pmsumner.force9.co.uk Default Server: pmsumner.force9.co.uk Address: 80.229.18.238
set type=ns pmsumner.eu.org Server: pmsumner.force9.co.uk Address: 80.229.18.238
Non-authoritative answer: pmsumner.eu.org nameserver = 80.229.18.238.pmsumner.eu.org ^^^^^^^^^^^^^^^^^^^^^^ <-- --> As you can see - something's not right there. I attach below my zone file for this domain, copy and pasted. Have been staring at this for hours. I can't see what's wrong. Can anyone else? -- -- -- -- -- -- -- -- -- $TTL 86400 pmsumner.eu.org. IN SOA pmsumner.force9.co.uk. root ( 2004102207 ; serial YYYYMMDDNN 3H ; refresh 15M ; retry 1W ; expiry 1D ) ; minimum IN NS pmsumner.force9.co.uk. IN NS ns8.zoneedit.com. IN MX 5 mail IN A 80.229.18.238 www IN A 80.229.18.238 mail IN A 80.229.18.238 -- -- -- -- -- -- -- -- -- Many thanks, Phil
Can someone please explain to me where I am going wrong here?
I've registered a domain with eu.org (pmsumner.eu.org), for which I am running a DNS on a home PC, and have zoneedit providing the secondary DNS.
I can't seem to persuade my home PC to act as an authoritative server, presumably related to this response from nslookup:
<-- -->
server pmsumner.force9.co.uk Default Server: pmsumner.force9.co.uk Address: 80.229.18.238
set type=ns pmsumner.eu.org Server: pmsumner.force9.co.uk Address: 80.229.18.238
Non-authoritative answer: pmsumner.eu.org nameserver = 80.229.18.238.pmsumner.eu.org ^^^^^^^^^^^^^^^^^^^^^^ <-- -->
As you can see - something's not right there. I attach below my zone file for this domain, copy and pasted. Have been staring at this for hours. I can't see what's wrong. Can anyone else?
As an aside and with more information........ If I do this from inside my internal network - I get the right answer:
set type=ns server 192.168.0.2 Default Server: [192.168.0.2] Address: 192.168.0.2
pmsumner.eu.org Server: [192.168.0.2] Address: 192.168.0.2
pmsumner.eu.org nameserver = ns8.zoneedit.com pmsumner.eu.org nameserver = pmsumner.force9.co.uk ns8.zoneedit.com internet address = 206.55.124.4 pmsumner.force9.co.uk internet address = 80.229.18.238 Does this help, or make things more confusing?
-- -- -- -- -- -- -- -- --
$TTL 86400 pmsumner.eu.org. IN SOA pmsumner.force9.co.uk. root ( 2004102207 ; serial YYYYMMDDNN 3H ; refresh 15M ; retry 1W ; expiry 1D ) ; minimum
IN NS pmsumner.force9.co.uk. IN NS ns8.zoneedit.com.
IN MX 5 mail
IN A 80.229.18.238 www IN A 80.229.18.238 mail IN A 80.229.18.238
-- -- -- -- -- -- -- -- --
On Fri, 2004-10-22 at 19:34, Phil Sumner wrote:
Can someone please explain to me where I am going wrong here?
I've registered a domain with eu.org (pmsumner.eu.org), for which I am running a DNS on a home PC, and have zoneedit providing the secondary DNS.
I can't seem to persuade my home PC to act as an authoritative server, presumably related to this response from nslookup: <snip>
Non-authoritative answer: pmsumner.eu.org nameserver = 80.229.18.238.pmsumner.eu.org ^^^^^^^^^^^^^^^^^^^^^^ <-- -->
As you can see - something's not right there. I attach below my zone file for this domain, copy and pasted. Have been staring at this for hours. I can't see what's wrong. Can anyone else?
How did you setup the DNS servers where you registered your domain? -- Ken Schneider UNIX since 1989 SuSE since 1998 * Only reply to the list please*
Ken Schneider wrote:
How did you setup the DNS servers where you registered your domain? I received this email from hostmaster@eu.org...
Your request [20040421235234-w3-95227] (domain PMSUMNER.EU.ORG) has been accepted. The following records will be inserted in the zone file: PMSUMNER IN NS PMSUMNER.FORCE9.CO.UK. IN NS NS8.ZONEEDIT.COM. You can see from the dateline there that this request was actually submitted in April - I had it all sorted then, but deleted it all because I thought it wasn't going to happen! Phil
On Friday 22 October 2004 19:34, Phil Sumner wrote:
Can someone please explain to me where I am going wrong here?
I've registered a domain with eu.org (pmsumner.eu.org), for which I am running a DNS on a home PC, and have zoneedit providing the secondary DNS.
I can't seem to persuade my home PC to act as an authoritative server, presumably related to this response from nslookup:
Is your home PC assigned a fixed IP? It really needs to be if it's going to be a name server. You should follow Ken's advice and check your domain name registration account to see what name servers were specified.
<-- -->
server pmsumner.force9.co.uk
Default Server: pmsumner.force9.co.uk Address: 80.229.18.238
set type=ns pmsumner.eu.org
Server: pmsumner.force9.co.uk Address: 80.229.18.238
Non-authoritative answer: pmsumner.eu.org nameserver = 80.229.18.238.pmsumner.eu.org ^^^^^^^^^^^^^^^^^^^^^^
This is clearly foobarred. "dig ns pmsumner.eu.org" confirms it. I'm pretty sure this has to be fixed upstream of your server. Maybe one of the dns gurus can verify this. I looked at your zone file and didn't see any obvious problems although my preference is to use CNAMES for aliases instead of A records (others prefer your way so there's no reason to change it). Jeff
Jeffrey Laramie wrote:
Is your home PC assigned a fixed IP? It really needs to be if it's going to be a name server. You should follow Ken's advice and check your domain name registration account to see what name servers were specified. Yep, it is indeedy. One of the benefits of force9's loveliness.
As to the DNS specified on registration - I received this from hostmaster@eu.org - The following records will be inserted in the zone file: PMSUMNER IN NS PMSUMNER.FORCE9.CO.UK. IN NS NS8.ZONEEDIT.COM.
This is clearly foobarred. "dig ns pmsumner.eu.org" confirms it. I'm pretty sure this has to be fixed upstream of your server. Maybe one of the dns gurus can verify this. I looked at your zone file and didn't see any obvious Thank you for your time in looking at it. I'll probably leave it a few days for things to propogate properly as it's all very newly registered. Hopefully that'll help.
problems although my preference is to use CNAMES for aliases instead of A records (others prefer your way so there's no reason to change it). Ahh, the joys of DNS where everyone has a different way of doing it ;) It's worse than Perl!
Ta, Phil
problems although my preference is to use CNAMES for aliases instead of A records (others prefer your way so there's no reason to change it).
Ahh, the joys of DNS where everyone has a different way of doing it ;) It's worse than Perl!
Yeah, DNS can be a challenge. I've heard convincing arguments for both CNAMES and A records for aliases but honestly I don't remember what they are :-p I've been doing it this way for years and it works so I don't screw with it. I'm also on a mail server list and let me tell you, mail admins know their DNS! Here's a couple links that were given to me which may be helpful: http://www.dnsstuff.com/ http://www.dnsreport.com/ You may not get much from them now, but once your server gets correct authority they can be really useful, especially the 2nd one. Jeff
Jeffrey wrote regarding 'Re: [SLE] Bind, DNS, authoritativeness and so on' on Sat, Oct 23 at 07:56:
problems although my preference is to use CNAMES for aliases instead of A records (others prefer your way so there's no reason to change it).
Ahh, the joys of DNS where everyone has a different way of doing it ;) It's worse than Perl!
Yeah, DNS can be a challenge. I've heard convincing arguments for both CNAMES and A records for aliases but honestly I don't remember what they are :-p
Just remember not to use a CNAME as an MX, as several mail servers will gripe about that and not deliver mail. Otherwise, I use CNAMES for everything possible, as it reduces the number of places I've gotta change things. --Danny, who's pretty sure his way of using perl is the right way ;)
On Saturday 23 October 2004 01:34, Phil Sumner wrote:
Can someone please explain to me where I am going wrong here?
Non-authoritative answer:
pmsumner.eu.org nameserver = 80.229.18.238.pmsumner.eu.org ^^^^^^^^^^^^^^^^^^^^^^ <-- -->
$TTL 86400 pmsumner.eu.org. IN SOA pmsumner.force9.co.uk. root ( 2004102207 ; serial YYYYMMDDNN 3H ; refresh 15M ; retry 1W ; expiry 1D ) ; minimum
IN NS pmsumner.force9.co.uk. IN NS ns8.zoneedit.com.
IN MX 5 mail
IN A 80.229.18.238 www IN A 80.229.18.238 mail IN A 80.229.18.238
You have committed the mistake that all new DNS admins do - you have forgotten the trailing dot on your IN entries. Without the trailing dot BIND assumes that the address is relative to the master domain. Try www IN A 80.229.18.238. Note the trailing dot... Paul -- Paul Hewlett (Linux #359543) Email:`echo az.oc.evitcaten@ttelweh | rev` Tel: +27 21 852 8812 Cel : +27 72 719 2725 FAX: +27 866720563 --
On Saturday 23 October 2004 10:36, Paul Hewlett wrote:
On Saturday 23 October 2004 01:34, Phil Sumner wrote:
Can someone please explain to me where I am going wrong here?
Non-authoritative answer:
pmsumner.eu.org nameserver = 80.229.18.238.pmsumner.eu.org ^^^^^^^^^^^^^^^^^^^^^^ <-- -->
$TTL 86400 pmsumner.eu.org. IN SOA pmsumner.force9.co.uk. root ( 2004102207 ; serial YYYYMMDDNN 3H ; refresh 15M ; retry 1W ; expiry 1D ) ; minimum
IN NS pmsumner.force9.co.uk. IN NS ns8.zoneedit.com.
IN MX 5 mail
IN A 80.229.18.238 www IN A 80.229.18.238 mail IN A 80.229.18.238
You have committed the mistake that all new DNS admins do - you have forgotten the trailing dot on your IN entries. Without the trailing dot BIND assumes that the address is relative to the master domain.
Try
www IN A 80.229.18.238.
Note the trailing dot...
AFAIK this applies only to names, not to ip numbers. Cheers, Leen
On Saturday 23 October 2004 01:34, Phil Sumner wrote:
Can someone please explain to me where I am going wrong here?
I've registered a domain with eu.org (pmsumner.eu.org), for which I am running a DNS on a home PC, and have zoneedit providing the secondary DNS.
I can't seem to persuade my home PC to act as an authoritative server, presumably related to this response from nslookup:
<-- -->
server pmsumner.force9.co.uk
Default Server: pmsumner.force9.co.uk Address: 80.229.18.238
set type=ns pmsumner.eu.org
Server: pmsumner.force9.co.uk Address: 80.229.18.238
Non-authoritative answer: pmsumner.eu.org nameserver = 80.229.18.238.pmsumner.eu.org ^^^^^^^^^^^^^^^^^^^^^^ <-- -->
As you can see - something's not right there. I attach below my zone file for this domain, copy and pasted. Have been staring at this for hours. I can't see what's wrong. Can anyone else?
AFAICS it looks good. But I think we need the corresponding zone declarations in named.conf. Perhaps you can compare your config with the examples in /usr/share/doc/packages/bind/sample-config/? Cheers, Leen
On Sat, 23 Oct 2004, Leendert Meyer wrote:
AFAICS it looks good. But I think we need the corresponding zone declarations in named.conf.
zone "pmsumner.eu.org" in { type master; file "pmsumner.zone"; notify explicit; also-notify { 216.122.4.151; 69.10.134.196; }; allow-transfer { 216.122.4.151; 206.55.124.4; 69.10.134.196; }; }; The notifys and transfers are for zoneedit, my secondary DNS provider.
in /usr/share/doc/packages/bind/sample-config/? Can't see anything majorly different. Everything looks vaguely similar.
Phil
participants (6)
-
Danny Sauer -
Jeffrey Laramie -
Ken Schneider -
Leendert Meyer -
Paul Hewlett -
Phil Sumner