CentOS 5 Server :: BIND DNS - Verify Query Replying Nameserver
Sep 3, 2010
How do I know whether the reply was from the caching nameserver, master nameserver or slave nameserver in BIND DNS? Can I trace the nameserver that replied to my DNS query? For example, I have a master nameserver, a slave nameserver and a caching nameserver in my network. Is it possible to know which of these servers replied to my DNS query? Also, can I trace back that replying server exactly?
My configuration: CentOS in a VPS environment, I have 2 static IPs at my disposal. I'm having trouble setting up my nameservers. I've registered the nameservers with my registrar and supplied the GLUE records, however my registrar has not yet applied this information into the DNS zone, because my nameservers fail to generate a response on port 53. DNS check says the following about my nameserver address: Checking SOA records for domain. Domain server is not answering to UDP requests on port 53. Possible problems: A firewall is blocking port 53, server is down, server is not running software for handling dns requests. So the only two possibilities I see are that my port 53 is somehow blocked or not properly set to accept and send the correct traffic, or that I've misconfigured BIND.
I am working on a project and I want to know whether it is possible to find out the DNS (BIND) QPS (queries per second). I mean how many QPS BIND can handle.
This is not on the master node, but rather the node that is being replicated to. The problem occurs when I query using ldapsearch or a `getent passwd`, e.g. ldapsearch:
The cacert.pem in /etc/ssl/certs and /etc/openldap/certificate are identical (checked using md5sum). I have done an strace and found that it looks at /etc/pki/tls/cert.pem.
I am trying to run BIND on CentOS 6 and BIND keeps giving me errors every time I check all of the configurations. The named.conf file works fine but the zone files keep giving me errors. Here's the contents of my named.conf file
Am running the latest CentOS5 with BIND. BIND will run for a period (time period unknown) then shuts down. We need to start the service every day. When the service starts there are no errors given.
I had a CentOS 5-5 server with 6G of RAM and a 4 core CPU at 3GHZ. I installed bind 9.7.1-p2 on my server with multi thread support. There are a lot of DNS requests on my server, about 2500 Packets/sec and 3Mbit UDP traffic, but my server responds weakly to most of them.
For example, when I use the nslookup or dig command to query Yahoo.com, the response from the server may take about 5 sec or time out, but sometimes the response time is less than 1 sec!
I don't know why, perhaps the kernel works weakly, so I decided to do the following:
But the problem wasn't solved.
I previously had FreeBSD with the same version of BIND and the same configuration and everything worked fine.
I didn't find a box for BIND so I am posting in this box. I have a problem when I configure BIND DNS for my domain, and then I can't start named. This is the error message:
[root@server1 named]# service named restart
Stopping named: [ OK ]
Starting named:
I installed BIND 9.7.3 from source on CentOS 5.5, and chrooted it, and I'm getting an error when I run 'service named status'. I get a reply, but at the end it says 'named dead but pid file exists'.
Here's the entire output:
[root@ns etc]# service named status
version: 9.7.3
number of zones: 23
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running
named dead but pid file exists
Nothing is logged in /var/log/messages. Named is running and responding correctly. How can I get rid of this error?
I have XP and a virtual guest CentOS 5. I install Apache, BIND, Squid and Webmin through XP, I can access URL... but when I start my Squid, put the IP in the browser proxy settings, when I log on its IP turns to URL... I believe my BIND is working, though there's some little glitch. I don't know where. And I already put my server's BIND IP into my WinXP primary DNS server settings.
I can't get the client server to authenticate to the openldap server. I can authenticate on the server itself though. I can su to, login and ssh into the openldap server and become an ldap user. I just can't become an ldap user on the client. I didn't set up TLS/SSL. I can do that after I have it working. I'm using hashed passwords though. I don't have replication set up. I am trying to set up the most basic openldap environment then build from there. I have read the openldap section in the admin guide.
My setup at home.
Openldap server - light.deathnote.net -- 10.0.1.21
client server - vm-centos01.deathnote.net - 10.0.1.7 -- VM on virtualbox
Virtualbox host - L (OS MAC) - 10.0.1.2
router (apple airport extreme) / default gateway - 10.0.1.1
All computers can reach the internet and ping each other. When I installed CentOS I disabled SELinux. I used these guides to set up my openldap.
[URL]
Below I have included some output from the files I'm using with openldap.
[root@vm-centos01 ~]# tail /var/log/messages
Jul 2 09:25:33 vm-centos01 xfs: nss_ldap: reconnecting to LDAP server (sleeping 16 seconds)...
Jul 2 09:25:49 vm-centos01 xfs: nss_ldap: failed to bind to LDAP server ldap://light.deathnote.net: Can't contact LDAP server
Jul 2 09:25:49 vm-centos01 xfs: nss_ldap: failed to bind to LDAP server ldap://10.0.1.21/: Can't contact LDAP server
I have setup two BIND9 servers as slaves for an internal Windows domain. I receive messages in my logs about a Windows server not being the master for the slave domain on BIND. I have placed the allow-notify statement in the global options section of named.conf, as well as setting the IP address in the masters section of the zone. I'm confused as to why I'm still getting this error message.
I've been looking for a good tutorial for setting up a BIND DNS server for my local network. What I want to do is:
Have BIND running on my home server receiving all DNS requests.
Have certain zones (my.zone.lan) pointing to custom IP addresses (i.e. server.lan points to 192.168.{server IP}).
Zones that don't exist should be passed on to OpenDNS for processing.
nslookup doesn't work from the client guest OSes. I have LinuxMint 7 and I installed VirtualBox on it. I created three guest OSes: two CentOS and XP.
Name
The first CentOS linux1.starline.ca
The second CentOS centos.starline.ca
The third XP xp2.starline.ca
[code].....
On the client guest OSes nslookup doesn't work. It writes: timed out; no servers could be reached. What is going on? Why doesn't nslookup work from the client guest OSes? On the client machine, the file /etc/resolv.conf has the record ameserver 168.135.88.2
I have installed bind with yum install bind bind-chroot. I am having query timeouts due to no IPv6 connectivity. Is there a way to re-compile and not lose the chroot structure? Or is there another way to disable IPv6 lookups? Example of issue resulting in IPv4 query timeout:
30-Dec-2010 17:52:03.226 client x.x.x.x#53593: view internal: query: paypal.com.cms.local IN A +
30-Dec-2010 17:52:03.227 client x.x.x.x#53594: view internal: query: paypal.com.cms.local IN AAAA +
30-Dec-2010 17:52:03.228 client x.x.x.x#53595: view internal: query: paypal.com IN A +
I installed bind & did not install chroot. I set up a fictional domain kelly.local. I am able to resolve FQDN (example: angus.kelly.local) in both dig & nslookup & ping on linux boxes.
I want to be able to resolve bare host names (example: angus) using bind. I get mixed results.
(1) linux boxes resolve bare host names & FQDNs just fine using nslookup & ping, but not dig. dig gives error:
I have updated bind using yum on a CentOS 5.3 server; after restarting, I have this error now.
Error in named configuration:
zone localhost/IN: loaded serial 42
/var/named/mydomain.hosts:20: unknown RR type 'SPF'
My version is: bind.x86_64 30:9.3.6-16.P1.el5
When the client goes to bind to the NFS share on the remote server, they are getting access denied when using the mount command;
[SERVER] - CentOS 5.3
/etc/exports
/mnt/data 192.168.5.199(rw) - implying the client I want to have access
I am setting up a cluster of servers which use Centos Directory Server for control of logins, etc and kerberos for authentication. The basic setup is working fine, I have been able to manually create accounts using the directory console and these accounts seem to work. Now what I want to do is automate the process of creating new accounts. I am writing a perl script which can be run by one of the server administrators, they supply a small number of arguments and it should create a new user in the directory server, and also create a principal in the kerberos.
I want them to be able to do this using their logged-in kerberos credentials, i.e., without having to enter and re-enter their passwords. My first attempt was to use perl modules Net::LDAP and Authen::SASL. I could not get this working so fell back to using ldap command line tools, but even these I cannot seem to get working! When using mozldap tools, as specified in the admin manual, I get the following:
Using openldap tools I strike exactly the same problem:
$ ldapmodify -Y GSSAPI -H LDAP://ldaphost.mycompany.com -D uid=eharmic,ou=mydept,dc=mycompany -U eharmic < ../ldapmod.txt
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Invalid credentials (49)
additional info: SASL(-14): authorization failure:
I believe I have set up the mapping correctly:
dn: cn=MyMapping,cn=mapping,cn=sasl,cn=config
objectClass: top
objectClass: nsSaslMapping
cn: MyMapping
nsSaslMapRegexString: ^(.+)@MYCOMPANY.COM
nsSaslMapBaseDNTemplate: ou=mydept,dc=mycompany
nsSaslMapFilterTemplate: (uid=1)
It must be getting reasonably far because after doing the above I can see the LDAP service ticket in my "klist" output.
I am a bit new to Linux and have set up a caching-only name server with CentOS 5.5. When I do dig server, it provides resolutions, but when I use the server IP as DNS on my Windows client, it says "connection refused" in the nslookup output. (iptables is not enabled.) My server IP is 192.168.1.253 and below is the configuration of "/var/named/chroot/etc/named.conf"
I updated bind to version bind-9.3.4-6.0.3.P1.el5_2 today, and then I started getting "Starting named: named: user 'named' unknown" messages. Selinux is enabled. ID named shows: uid=25(named) gid=25(named) groups=25(named) context=root:system_r:unconfined_t:SystemLow-SystemHigh
I have a domain name and I want to host it on my ISP. My goal is to have 2 nameservers: NS1.mydomain.com NS2.mydomain.com. I want to be able to put www.mydomain.com and have DNS do its thing. I want to use BIND to do this. This is a new realm for me, and I know exactly what I want to do, but I struggle putting it in words.
I'm trying to install CentOS 5.5 on an old Pentium 4 desktop PC I have, which is not being used for much other than being an MTA, and I want to migrate this functionality onto the CentOS platform for stability (Windows is a perpetual nightmare). I partitioned a spare 20GB to experiment with, and I want to install CentOS into here to play around with first so I can move my files around between Windows and CentOS, until I'm happy all of the stuff is gone, then I can scrub the Windows partition and claim the space for CentOS.
So, I've downloaded and burned the DVD and tried to install. I start the install with no args from the main install menu, and the process goes through some probing and then comes up with the "Welcome to CentOS" menu. I go through this, and then it tries to start X Server. It fails, and falls back to text mode. I get the "Welcome to CentOS" screen again, and then proceed through it. I set my keyboard layout to UK, then this message comes up at the bottom of the screen:
"_X11TransSocketINETConnect() can't get address for localhost:6001: Temporary failure in name resolution"
then on the next line: "Cannot open display :1" If I force the install to text, by typing "linux text" at the first menu, I get about the same way through, but the install just hangs doing nothing, and no disc access to the install disc.
I use Red Hat ES 5.5 64 bit. I find the nameserver item in resolv.conf cannot be saved. Every time I reboot or restart the network service, the data in resolv.conf is removed and cleared. I need to edit it again. I also tried to add DNS1=XX.XX.XX.Xx in ifcfg-eth2 but got the same problem: resolv.conf still needs to be edited after every network service restart. So, how do I save the nameserver in resolv.conf permanently?
[root@vls etc]# cat resolv.conf
# Generated by NetworkManager
# No nameservers found; try putting DNS servers into your
# ifcfg files in /etc/sysconfig/network-scripts like so:
#
# DNS1=xxx.xxx.xxx.xxx
# DNS2=xxx.xxx.xxx.xxx
I have two mail accounts, a gmail and a gmx account (default). Kmail downloads emails from both mail services correctly. Kmail sends emails which I create from new. Kmail forwards and replies to emails arriving from gmx without issue. Kmail gives me an error: The server did not accept the sender address "example.smith@gmail.com" The server responded: "5.7.0 Sender address does not belong to logged in user {mp-eu001}" when I try to reply to or forward a message which came from gmail.