| |
| |
| |
|
Page: 1 2
Comments:
<0> megaTherion: from the logs i can't figure out why it doesn't start , if i start it non-chroot is works
<1> linnewbye: most probably a path problem
<0> megaTherion: so why doesn't it says something in the logs
<0> the path is ok
<0> in /chroot/named is etc/named.conf
<0> megaTherion: http://rafb.net/p/txyzgt33.html
<1> linnewbye: cant you check logs? ;)
<1> linnewbye: maybe you used wrong path in named.conf
<0> megaTherion: i've pasted earlyer what logs say
<0> teFeb 8 16:46:38 ns named[14421]: starting BIND 9.3.2-P1 -t /chroot/named -c /etc/named.conf
<0> Feb 8 14:46:38 ns named[14421]: found 1 CPU, using 1 worker thread
<0> Feb 8 14:46:38 ns named[14421]: loading configuration from '/etc/named.conf'
<0> root@ns:/var/log#
<0> this is what syslog says
<1> linnewbye: and whats the problem, it doesnt start?
<0> yes
<1> linnewbye: rdnc doesnt work
<1> ?
<0> oot@ns:/chroot/named/etc# rndc reload
<0> rndc: connect failed: connection refused
<0> which seems perfectly normal since named it's not running
<1> sure
<1> no clue then
<1> its a configuration problem
<1> sure
<0> megaTherion: any ideea how can i make more verbose logs so i can troubleshoot this ?
<1> linnewbye: uhm there are some logging { } stuff in named.conf you better check the manualk
<1> -k
<2> Hi all!
<2> I've got a customer whose WHOIS record has the correct nameservers, but the root nameservers don't have any SOA record for the domain.
<2> What gives?
<2> whois nancykoerbel.com. works, but dig nancykoerbel.com. soa returns NXDOMAIN
<2> how can this be? Did the registrar fsckup?
<1> alephant: then the auth. nservers obviously dont provide any zone record
<2> uh... I thought it worked differently :-)
<2> I thought that the registrar created the SOA based on the webform, and p***ed it to the root nameservers
<2> sorry, dropped a piece of info from my "dig"
<2> the dig was actually @a.gtld-servers.net.
<2> am I wrong in my understanding of how the SOA works?
<1> alephant: the SOA record is in the zone file which belongs to the authorative nameservers
<2> I thought that recursive resolution asked the roots for SOA .com., then asks the .com. auth for SOA foo.com., then asks the foo.com. auth for www.foo.com.
<2> so how does the .com. auth know who's auth for foo.com. if not from an SOA?
<1> alephant: the .com contains the NS records for foo.com and asks them
<2> really!
<2> so .com auth ns doesn't have SOA records for subdomains, it asks the auth NS directly!?
<2> learn something new every day
<2> now that doesn't explain WHY (or really, HOW, or WHOBROKEIT) our nameservers don't have SOA for this domain :-b
<1> alephant: I told ya already, please dont ask the same question twic, I said: the auth. nservers dont have no zone file for the domain
<2> uh, asking the same question twice != restating a surprising fact to ensure understanding
<2> "P*** the peas." "I didn't make peas." "I thought you said you'd make peas! They're my favorite!"
<3> anyone have details (packet rate) on the root dns attack?
<4> can i get a ip for a good working dns server? starbucks in kairo ****s...
<5> run one yourself
<4> well i dont have time now.
<6> hi
<6> i have registered a domain, let's say foo.com, my nameserver is ns.hesperia.com. how can i make my nameserver resolve foo.com into my ip?
<1> @ IN A x.x.x.x
<6> @ ?
<6> megaTherion: care to explain a bit..? :-) thanks
<7> in bind 9, how are views handled with slaves...does the slave just get the view that it matches or do you specify it somehow?
<1> hesperia: @ means the $ORIGIN you are in (the zone)
<6> megaTherion: ok, my zone is hesperia.com. how does the above help resolve foo.com ? (not my zone)
<1> hesperia: it doesnt you cannot manipulate forgein zones except you have access to the zonefile
<8> If i haver reverse delegation for a C subnet: like /27, does the SOA server need to be one of the delegated dns servers?
<1> hesperia: maybe you are in the wrong channel
<1> xai: no
<1> xai: that has nothing to do with DNS
<6> megaTherion: i want to host foo.com
<1> hesperia: then get foo.com
<6> which one is the appropriate channel ?
<8> Ok, good.. The dns servers that the delegation points to are not responding though.. oh boy..
<1> hesperia: that depends till now you told me you want to access foo.com but you dont own foo.com
<7> anybody here know how views work with slaves?
<7> i'm probably over thinking it, but do i have to specify which view i want to replicate to the slave?
<7> or does it just pick the view based on the match-clients
<8> jcims: Should be per zone probably..
<8> Im not sure if you can slave a view though..
<7> hmmm.
<7> that would be unfortunate
<7> ok...guess i'll have to play a bit
<7> thanks!
<8> But I know little about views so wait a sec.
<6> <6> actually i am a member of a wireless community
<6> <6> we have the awmn. root zone
<6> <6> my zone is bedazzled.awmn
<6> <6> my nameserver is ns.bedazzled.awmn
<6> <6> i have registered security.awmn and acrobase.awmn
<6> <6> bash-3.1$ grep security awmn.
<6> <6> security NS ns0.bedazzled.ns
<8> http://www.knowplace.org/pages/howtos/split_view_with_bind_9_howto.php
<6> <6> bash-3.1$ grep acrobase awmn.
<6> <6> acrobase NS ns0.bedazzled.ns
<6> <6> see what i mean? :)
<6> now, HOW can i make security.awmn and acrobase.awmn resolve into ns.bedazzled.awmn ?!
<7> xai: i got inspired to google it again..funny how 'bind view slave' points right at the bind faq: How can I make a server a slave for both an internal and an external view at the same time?
<7> lol..
<7> thanks
<8> nice work.. share your findings.
<8> oh, you did :)
<6> anyone ?
<7> hesperia: is that file you're grepping the awmn root zone file?
<6> jcims: yeap
<7> so what does 'dig @that.server security.awmn ns' return?
<7> ns0.bedazzled.ns?
<6> ns0.bedazzled.ns.awmn. is the FQDN
<6> or ns.bedazzled.awmn.
<7> which?
<7> both?
<6> yeap
<7> who owns ns.awmn. ?
<6> the hostmaster
<6> what do i put in "that.server" ?
<7> the awmn. root server
<7> i'm no guru :) just thinking it through with you :)
<6> bash-3.1$ dig @www.awmn security.awmn ns
<6> ; <<>> DiG 9.3.2-P1 <<>> @www.awmn security.awmn ns
<6> ; (1 server found)
<6> ;; global options: printcmd
<6> ;; Got answer:
<6> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 34132
<6> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
<6> ;; QUESTION SECTION:
<6> ;security.awmn. IN NS
<6> ;; Query time: 36 msec
<6> ;; SERVER: 10.19.143.13#53(10.19.143.13)
<6> ;; WHEN: Thu Feb 8 23:30:44 2007
<6> ;; MSG SIZE rcvd: 31
<7> so you have security.awmn ns -> ns0.bedazzled.ns.awmn. is ns.bedazzled.awmn a cname for ns0?
<7> looks broken
<7> wonder why there is no server in there...
<7> are you sure ns0.bedazzled.ns.awmn. has an A record?
<6> bash-3.1$ nslookup ns.bedazzled.awmn
<6> Server: 127.0.0.1
<6> Address: 127.0.0.1#53
<6> ns.bedazzled.awmn canonical name = server.bedazzled.awmn.
<6> Name: server.bedazzled.awmn
<6> Address: 10.83.253.2
<6> bash-3.1$ nslookup ns0.bedazzled.ns.awmn
<6> ;; Truncated, retrying in TCP mode.
<6> Server: 127.0.0.1
<6> Address: 127.0.0.1#53
<6> Name: ns0.bedazzled.ns.awmn
<6> Address: 10.83.253.2
<7> ok...there's nothing linking ns.bedazzled.awmn to ns0.bedazzled.ns.awmn, right?
<7> i think that's where its broken
<6> why broken? it's the same IP address :|
<7> this is where my recursion knowledge fails me. client goes to root for the ns record, gets ns0....
<7> brb
<6> see this one also, from the bedazzled.awmn. zone
<6> @ SOA ns0.bedazzled.ns.awmn. hostmaster.bedazzled.awmn. (
Return to
#dns
or
Go to some related
logs:
hexidigital
#python
kcontrolrc not writable
write: Broken pipe
transcode syncinfo write error (0) broken pipe
#math
debian realtek 8185
#perl
#css
#ubuntu
pfsense speedtouch
|
|