| |
| |
| |
|
Comments:
<0> i put notify yes on. but i can't check the log files on slave
<1> oh
<1> heh right
<1> and a transfer message on the master?
<0> grep transfer on all my logs: 05-Jul-2006 17:55:00.950 client 127.0.0.1#36506: transfer of 'caraguanet.com.br/IN': AXFR started -> i got an line with and ended in final.
<0> 05-Jul-2006 18:06:16.056 client 200.178.161.4#41213: transfer of 'caraguanet.com.br/IN': AXFR-style IXFR started -> same thing with the ended
<1> if the timestamp fits, that should be it
<1> what does the slave report?
<0> ah, nice... dig on slave returned the right serial
<1> that's it then
<1> i need a bed
<1> good night
<0> ok...
<0> thanks!!!
<0> good night
<2> TheBonsai: i am now -- what's up?
<3> twkm: got it. thx. just wanted you to see some funny behaviour (that discusssion). good morning :]
<2> oh, i missed it. (yay?) m0rning!
<3> twkm: it proofed that bind treats zone transfers separate from the other queries. http://pastebin.ca/79855. look at the serial in both SOA, i was like wtf
<2> eh?
<1> you got info from the old zone data on AXFR and info from the new zone data on IN SOA
<2> oh, i think i see what you mean. bind treats different rrsets differently, yes.
<1> that was new for me. well ok, a restart did it (after realizing the guy always reloaded, not restarted)
<4> TheBonsai, twkm: was that the authoritative ns for the domain?
<4> if not it could be possible that it got the results from different name servers outside, right?
<5> my freaking PHB is trying to manage dns... Is supplying an A record for a child zone like this legal? http://pastebin.ca/80279
<6> (excuse crossposting from #bind) - our Bind 9.2.5 install consistently returns SERVFAIL for some, apparently random external domains. They resolve fine from other DNS servers, and dig +trace works OK on the affected machine. Can anyone help?
<7> bnm: are these zones hosted by the local machine?
<6> megaTherion: no, they're not
<6> our locally hosted zones and most external ones work fine
<7> bnm: what's the problem then?
<7> I didnt understand that
<7> SERVFAIL for external domains - maybe a networking/firewall problem
<6> for example, if I do "dig www.thechap.net" via our nameserver, i get SERVFAIL
<6> if I do "dig +trace www.thechap.net" via our ns, it works
<6> or the same without trace from a different nameserver, it works
<6> If it was a networking/firewall issue, do you know which logs I should look at to diagnose?
<7> bnm: the logs in /var/log depends on your configuration
<6> i can only find query.log, which doesn't tell me about why the SERVFAIL occurred
<6> thanks very much though!
<7> bnm: you might try a standard installation with a cache-only config if that doesnt works it must be a networking problem
<6> i'll try to set up a new server on a different box and see how it goes. Cheers
<6> megaTherion: looks like an issue with bogus nets being blackholed, hopefully I can sort it now. Bye!
<8> hi
<8> anybode here?
<8> help :)
<9> you havnt asked a dns question yet
<8> sorry :)
<8> i have problem with bind on my debian box
<8> i have wireless network and users that are auth with radius server
<8> i have mail server on ns1 and web server on ns2
<8> but when someone
<8> in local want to send mail ., they are redirected
<8> to external ip adres for example 212.62.44.10
<8> i want to use 192.168.1.1
<8> i lost in speed because they use external
<8> if u understand me :)
<8> ?
<8> and
<9> use views for internal direct addresses
<8> hm i dont understand plz i am noob
<8> in dns world
<8> use view?
<9> views give different addresses to to internal ip than to external ips
<8> how to do that?
<8> with bind
<9> can also be done by editing the user pc's host file but that requires more upkeep
<8> on client dns server are 192.168.* format
<10> nuller: arm 4.4.3
<8> not external
<8> arm hm
<8> what is arm :)
<4> Administrative Reference Manual or somethin like that
<8> ok once again : can bind resolve my domain names www.blood.org for local users 192.168.1.1 and for externals 212.62.47.100
<10> http://www.google.com/search?q=bind+arm
<10> nuller: as archivist said - use view statements.
<8> i never use that statements
<8> syntax? or some doc :)
<8> or just use google :)
<10> did you look at the link i gave?
<8> yep i am on it now
<8> DNS BIND view Clause
<8> :)
<8> i need to read some artocles tnx on right track
<11> can I use somthing like this?
<11> $ORIGIN *.example.com.
<11> to set ns for every upcomming subdomains?
<11> OR this one
<11> * IN CNAME www.example.com.
<2> no.
<2> err.
<2> the ORIGIN cannot be a wildcard. you can have wildcard data.
<5> my freaking PHB is trying to manage dns... Is supplying an A record for a child zone like this legal? http://pastebin.ca/80279
<11> twkm, you know what I want every subdomain like blah.exemple.com points to www.example.com
<11> twkm, but *blah* is variable it could be twkm
<5> raidman your origin should be example.com
<5> then the wildcard record.
<5> wildcarding an ns record is dumb.
<11> hmm!
<5> there is no reason to wildcard an ns record, ever, because ns records work like wildcards.
<11> |ryan-, you know really my problem what is?
<5> i have an ns record for blaw.example.com, *.blaw.example.com is looked up via that name server.
<10> |ryan-: how else would an ip for that zone's nameserver be resolved?
<11> |ryan-, I whant every upcoming subdomain points to a directory in public_html
<5> yeah, a wildcard cname record will work for that.
<11> |ryan-, then when I need a subdomain I have to create a directory in there
<11> |ryan-, thanks :)
<11> twkm, thanks :)
<11> is this correct?
<11> http://pastebin.ca/80586
<11> last three lines
<11> brb
<2> |ryan-: you must provide an a record when the delegation is to a name within the delegated zone, this is called glue.
<2> raidman|Away: actually i had no idea what you wanted.
<2> raidman|Away: i tend never to use $ORIGIN.
<2> raidman|Away: your mx needs a preference value.
<2> raidman|Away: you should provide a $TTL.
<2> raidman|Away: using rfc-1918 data in a public zone isn't too useful, unless the dns traffic will p*** thru a alg that will convert the values.
<11> hi again :)
<11> |ryan-, it was correct?
<2> i wouldn't bother with a cname for the wildcard, since the address is known use an a record instead.
<11> twkm, so what's the best way for doing that?
<2> which?
<11> twkm, you don't agree with wildcard in CNAME right?
<2> well. if you have a known ip address i see no reason to use a cname.
<2> and, i think wildcards are silly - and quite prone to cause problems.
<11> thanks twkm :)
<1> m4n_away: it was authorative
Return to
#dns
or
Go to some related
logs:
nessus-services could not be found
#web
apache2 site-enable
#linux
#javascript
ati m9700 open source drivers xorg
#python
compiz plugin wobby
#perl
gentoo mplex emerge
|
|