| |
| |
| |
|
Page: 1 2
Comments:
<0> check your root cache file is upto date and configured in named.conf, check your forwaders clause(s), check your resolv.conf, nsswitch.conf files
<0> make sure bind is listening on your outside facing interface
<0> check your firewall allows outbound queries and inbound answers
<1> also check for packet filters.
<2> uptodate: yes, resolv.conf: nameserver (theip), nsswitch: hosts: files dns, listening on 0.0.0.0 and explicit ip, doing within local network (and even on local machine)
<2> i can `dig @(isp's dns server) www.google.com` fine
<2> but when using the bind server it's not
<0> pastebin your named.conf options directives
<3> woah
<3> populated
<2> even `dig @192.168.1.1` works for outbound, 1.1 is the exposed router/firewall and takes on dns from dhcp
<2> EyeCue: will do
<0> hang, configuring my tv epg.
<2> EyeCue: my named.conf: http://pastebin.com/719513
<0> you will want to set forwarders
<2> EyeCue: I want to forward requests to 192.168.1.1
<2> forward first;
<2> forwarders {
<2> 192.168.1.1;
<2> };
<2> isn't correct
<2> ?
<0> ah
<0> scuse, saw commented entries
<2> EyeCue: ah, using webmin and had another do inital conf. so there's some muck in there so to speak
<0> might want to clean it up, might help you identify where the problem might be
<0> try also running a tcpdump on -ioutside_if udp 53
<0> port 53
<0> rather
<0> see whats leaving and comin in
<0> and if its all expected, or if anythings missing
<2> EyeCue: alright. What is a delegation zone?
<2> I have this commented out: zone "COM" { type delegation-only; };
<0> gno idea
<2> rgr
<0> you prolly dont need it, ive never seen it before
<0> prolly related to stubbing
<0> delegate a zone to another ns,
<0> twkm can prolly clear it up
<2> EyeCue: emerging tcpdump =)
<0> its not in your base?!
<2> EyeCue: nope
<2> I'm a programmer playing the sysadmin role, haven't needed it yet (it is a relatively new machine too)
<0> weird :D
<0> Im from the FreeBSD camp.
<2> The company is large enough to need net admins but small enough that the programmers are multitasking =)
<0> Such is life :D
<2> EyeCue: hmm, doing a `tcpdump -ieth1 port 53` and running a dig but getting no output
<0> udp port 53
<0> try on the internal interface as well
<2> shouldn't port do tcp and udp?
<2> sorry, 'internal interface' ?
<0> spose
<0> um
<2> i'm runnign the dig on thes ame machine
<0> how many nics has this thing got?
<2> only 1 that's active
<0> whats its ip address
<2> (onboard and pci gigabit)
<2> 192.168.1.2
<0> it uses a gateway? and its not a live ip?
<0> hmm.
<0> and you see nothing outbound
<2> EyeCue: ah, getting output now, not sure what I had wrong
<0> mind you, outbound stuff is probably on unprivileged ports
<2> pastebin?
<0> sure
<2> here's an interesting tidbit
<2> a dig @127.0.0.1 works...
<2> but a dig @192.168.1.2 doesn't
<0> whats the entire query
<2> dig @127.0.0.1 www.google.com
<0> netstat -an
<0> paste named named related lines
<2> udp 0 0 192.168.1.2:53 0.0.0.0:*
<2> udp 0 0 127.0.0.1:53 0.0.0.0:*
<0> strange :D
<2> tcp 0 0 192.168.1.2:53 0.0.0.0:* LISTEN 31491/named
<2> tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 31491/named
<2> tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 31491/named
<2> EyeCue: pastebin still upping, been slow today
<0> k
<0> has been yeh
<2> sending directly as it has some more sensitive info
<2> two www.google.com requests
<2> the first using @192.168.1.2 the second @127..., both from the same machine
<2> along with some other request traffic
<0> uh
<0> that dump is from what box?
<0> .1.2 right?
<2> yes
<2> (fiona)
<0> its asking 1.1 for answers
<0> if that expected?
<2> resolv.conf has 1.2
<0> #
<0> 16:37:27.477927 IP fiona.pilgrimpage.local.32806 > 192.168.1.1.domain: 44062+ [1au] A? www.google.com. (43)
<2> yeah that's waht i want
<0> you want fiona to ask .1.1 for answers?
<2> well christ
<2> for outside names
<2> a dig at 1.2 is working now
<2> but didn't before
<0> odd.
<0> so sorted?
<2> sorry, sorted?
<0> problem is gone now?
<0> all done?
<2> oh it'll be back, I didn't modify anything
<2> EyeCue: well, it's working now
<0> set your resolv.conf nameserver entry to 127.0.0.1
<0> set multiple forwarders in named.conf
<0> let bind take care of resolving ****
<2> EyeCue: works as well
<0> what was nameserver set to before in resolv?
<2> 1.2
<2> this ultimately needs to go into windows dns conf
<2> (through a dhcp server)
<0> sure
<2> it's working from other machines as well
<2> hmm
<2> so many hours and I dont' know why it works now
<2> gotta love thgat feeling..
<0> it got scared
<0> that you were in #dns
<0> so it decided to behave
<2> damn bind
<0> shh
<0> :)
<2> I was considering djbdns
<2> heh
<2> maybe it realized that and got into shape
<0> dont use evil words in here :)
<2> heh
<2> alright, well I'm going to sheepishly clock my time and get a drink
<2> thanks for the help EyeCue
<0> welcome
<4> hi guys, if i want to handle the sub domain names myself, does that mean i need to setup a dns server?
<1> L-----D: well, "myself" seems to say that you would.
<1> L-----D: of course you can probably do just as well with a service provider (see topic).
<5> hello
<5> i just was curious how long it takes for domains to be available?
<5> secondly if you do a bulk purchase of domains, should you receive 2 records from the noc of the registrar or just 1 with the primary or top domain?
<5> also if you have a voip adapter (it's really a router) and an existing router, do you need to turn off dchp on 1 of them?
<5> the reason i am asking is because i was using editzone or zoneedit and now that we have vonage i can no longer get things to work like before befcause of the addition of this voip adapter or router.
<0> its not wise two have 2 dhcp server on the same network segment that both think theyre authoritive
<5> that is probably the reason why i am unable to sync anything up anymore.
<6> i have a domain pointing to a dynamic ip. when i add the dns as the source address in iptables, it resolves the domain and points to the ip instead of the domain. how do i make it point to the domain name?
<7> Lopa: is that when you do iptables -L ?
<8> is it possible load balnace dns service without a load balancer service?
<8> or do you need some kind of load balancing gateway?
Return to
#dns
or
Go to some related
logs:
got bad file info torrent ubuntu
libstdc libc6 centos5
#gimp
#web
debian firefox 1.5 keeps crashing
ubuntu deutsch keymap
nondetermistic turing machine wikipedia
#math
apt-get gdk ubuntu
courier-pop ERR maildir
|
|