i am trying to setup a minimal bind9 dns on RHEL5.in /var/named/chroot/var/named/etc i have following files,after installing bind and caching-nameserver:
localdomain.zone
localhost.zone
named.broadcast
[code]....
The thing is, I've created a new local zone here (called "local.lan"), and, aparently, it is working fine, and DHCP3-SERVER is updating DNS info through the controls.But sometimes I get some strange answers from the server, like when I do the "arp" command in one of the clients, and get the server's hostname "mixed" with it's own reverse, like this: "dns.local.lan.2.168. | ether | 00:02:1e:f5:61:74 | C | eth0". Other thing is that sometimes my DNS don't update when a computer "enters" the lan. In the /var/log/syslog the DHCPOFFER appears, but the information about the DNS update isn't there.So, I would like to show you my named.conf file and my local zone db file, and get some feedback from you (what would you change... what is wrong...).
# ------------------- #
* named.conf:
# ------------------- #
[code]....
I have a dynamic-dns setup that updates from DHCP. In my reverse zone file, I have some mappings that are more or less static (as in, outside of the DHCP range that updates to dhcp-<ipaddr>.domain.tld)
When I add new records to this zone and then reload the zone file (making sure to update the serial number), the name server still does not serve these new records. For example, I might add the following to my 168.192.in-addr.arpa. zone under the $ORIGIN 25.168.192.in-addr.arpa. section:
Code:
45 IN PTR new-host.example.tld.
I then proceed to try:
Code:
rndc reload
/etc/init.d/bind9 reload
[Code]....
I am trying to get bind 9 up and running on a new installation of server 10.04 and keep getting errors when starting the daemon -
* /etc/bind/named.conf.local:19: unknown option 'zone'
* /etc/bind/named.conf.local:20: unknown option 'zone'
* /etc/bind/named.conf.default-zones:3: unknown option 'zone'
* /etc/bind/named.conf.default-zones:11: unknown option 'zone'
* /etc/bind/named.conf.default-zones:16: unknown option 'zone'
* /etc/bind/named.conf.default-zones:21: unknown option 'zone'
* /etc/bind/named.conf.default-zones:26: unknown option 'zone'
The onlything I could find after scrubbing the internet is once ina while there's a missing bracket. But I have checked and triple checked my config files and the syntax and can't find anything wrong. I have another installation of bind9 running on Fedora and the same exact syntax works just fine.
[Code]....
I've configured my dhcp server to update dynamically the DNS zones of BIND9 name server. Everything works ok, except for reverse nslookup:
nslookup 10.141.50.3
Server:127.0.0.1
Address:127.0.0.1#53
[code]....
I'm at a loss to why my reverse lookup zone doesn't work for me.I've got two views. One internal and one external. My domain is isp2.datornatverk.se. Public IP: 130.240.133.81.
dig -x @8.8.8.8 130.240.133.81
gives me:
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2917
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
I've set it up so that the internal subnets gets the domains resolved to the internal IP-addresses. When querying from external addresses I will get public IP.My named.conf.local file:
Code:
acl internals {
127.0.0.0/8;[code]..........
I don't know whether the views has messed something up. It worked before I added the views.
Is leading whitespace significant in bind9 config files? This reverse lookup file (/var/chroot/bind9/etc/bind/zones/rev.168.168.192.in-addr.arpa) did not work; /var/log/messages had "zone 168.168.192.in-addr.arpa/IN: has no NS records".Inserting 3 spaces before IN in the NS line fixed it:
Code:
; IP Address-to-Host DNS Pointers for the 192.168.168.0 subnet
@ IN SOA CW8vDS.localdomain. hostmaster.localdomain. (
2011041901 ; serial
8H ; refresh
[code]...
Reading the man pages and netsearching, I did not find anything about indentation requirements except for "This is usually indented for readability, but the indents are required syntactically" here.Although the above file works, named-checkconf reports an error in it:
Code:
root@CW8vDS:/var/chroot/bind9/etc/bind/zones# named-checkconf rev.168.168.192.in-addr.arpa
rev.168.168.192.in-addr.arpa:1: syntax error near ';'
but named initialisation does not log any errors or warnings in /var/log/messages when processing this file except "/etc/bind/zones/rev.168.168.192.in-addr.arpa:2: no TTL specified; using SOA MINTTL instead".
Here's a little tool that does this:
Without arguments, updates the SOA serial in a zonefile to the current date. If the date was already updated, just updates the revision number (incrementing up to 99, and then again 01). Uses RFC 1912* recommended format.
With $1 == <two digit number>, auto updates (if necessary) just the date part and uses your provided revision number.
With $1 == <eight digit number>, uses that as a date (no validation of any kind), and just auto update the revision number
With $1 == <full serial>, will just replace whatever the serial is with the provided serial, without any validation
* YYYYMMDDRR (4-digit year, 2-digit month, 2-digit day of month, 2-digit revision number)
This script + keeping SOA/NS/MX/CNAME RRs in a common file $included from other files with $ORIGIN and A/PTR/TXT RRs, made everything way easier to manage, enabling me to script some zone switchers, automatic failover/redirection of DNS on WAN changes, etc, etc. I think this stuff might be cool to integrate with something like this script and make nice CLI toolset for bind. Looking forward to implement it.
Code in pastebin
Code:
#!/bin/bash
# globals
script_name="${0##*/}"
script_dir=$(readlink -f "${0%/*}")
script_version=1 .....
I run BIND9 in Debian on my server, and did a dist-upgrade last night. Prior to the dist-upgrade, everything worked fine. It does not appear that any of the configuration or zone files were changed. Right now, I am seeing ServFail replies to the A queries:
Code:
13:00:26.496391 IP 10.7.21.12.45956 > 10.7.7.2.53: 39290+ A? int0x80.com. (29)
0x0000: 4500 0039 603c 4000 4011 aa5c 0a07 150c E..9`<@.@......
[code]....
In our Server they configure Master / Slave Dns using SSL authentication while tranfering the zone files, i dont have much idea about ssl authentication for Dns, how it will works
View 3 Replies View RelatedThere are many time zone files accessible from the command line that don'thow up in the GUI ("system-config-time"). How do I add these time zones to the GUI
View 1 Replies View RelatedI am having problems with Open Java. I need to role in Sun Java. How? I have tried all the usual uninstall methods and hit a wall. I am using Kubuntu 10.10 on a 32 bit processor.
View 1 Replies View RelatedI installed Tomcat6.0.24 on my system(from their site not from repos) and i needed to add a manaager account ,
Code:
<role rolename="manager"/>
<user username="tomcat" password="s3cret" roles="manager"/>
[code]...
How to add a new role and profile for new user by using the command "useradd" in linux.In solaris there is an options(useradd -R and useradd -P) for these actions, like this how to add role and profile for new user in linux.
View 3 Replies View RelatedIt states there could be changes in role of system adminstrators. If this is going to happen, Being a system admin what are the skill sets do I have to develop ?
View 1 Replies View RelatedWhat is the role of the /etc/inet.d directory in a system restart.
View 4 Replies View RelatedCentoS 5.5
[root@osra ~]# rpm -q samba3x
samba3x-3.3.8-0.52.el5_5.2
[root@osra ~]# rpm -q krb5-workstation
krb5-workstation-1.6.1-36.el5_5.5
Domain controller windows 2k3 sp3
I follow those guides: [URL] and [URL]. I join the domain, I can test the user
[root@osra ~]# wbinfo -a mbottalico%
plaintext password authentication succeeded
challenge/response password authentication succeeded
[root@osra ~]# wbinfo -u
administrator
guest
krbtgt
[root@osra ~]# wbinfo -g
utenti wins
dhcp users
dhcp administrators
computer del dominio
controller di dominio
getent passwd and group ok without "DOMAIN+"
kinit e klist ok.
I can browser the samba server, but I can enter on "temp", but not in "test" (access denied)
[root@osra ~]# smbclient \\osra\test -U administrator
Enter administrator's password:
Domain=[DOMAINSHORT] OS=[Unix] Server=[Samba 3.3.8-0.52.el5_5.2]
smb: > ls
NT_STATUS_NETWORK_ACCESS_DENIED listing * (I noticed only writing this message)
[root@osra ~]# smbclient \\osra\tmp -U administrator
Enter administrator's password:
Domain=[DOMAINSHORT] OS=[Unix] Server=[Samba 3.3.8-0.52.el5_5.2]
smb: > dir .....
53488 blocks of size 2097152. 49908 blocks available
smb: > q
0 blocks of size 0. 511 blocks available .....
I cannot seem to find any good documentation on the role of flags -Bdynamic and -Bstatic in g++. The man pages are not very helpful either.I found an example on the web:"gcc object1.o object2.o -Wl,-Bstatic -lapplejuice -Wl,-Bdynamic -lorangejuice -o binary".According to which -Bstatic instructs the linker to statically link
the applejuice library and to dynamically link the orangejuice library. If orangejuice uses the applejuice library anywhere however,the applejuice is also linked dynamically. Is it correct to assume that this is correct and describes the true functionality of those two flags in gcc? (ie: Bstatic and Bdynamic are used for mixing static and shared libraries during linking)Is it correct to assume that the same applies to g++ as well?
So recently I've been trying out openSUSE, along with a few other distros, for use on my HTPC. Previously, I'd been using a hackintosh build, so my external media storage HDDs are all formated HFS+. It was actually surprisingly easy to get openSUSE to mount them for both reading and writing.
Only thing is, XBMC has been pretty unstable on all of the linux distros I've tried, and I'm wondering to what degree the HFS filesystem might be affecting things? It would take a fair bit of juggling -- or going out and buying a new multi-TB HDD -- to clear out the disks in turn so as to reformat them with an ext filesystem, but if that would help me get a more stable HTPC with opensuse -- the linux distro I've settled on -- it'd be worth it. I'll paste a link to the log from an xbmc crash, in case that would be helpful, but really, I'm just curious, since I don't really know all that much about how different filesystems work or anything, how much extra strain does the filesystem translating entail?
As per the bootchart png, what in the world is nautilus doing?
View 1 Replies View RelatedI'm trying to turn an old Acer Aspire One with a tiny 8GB solid-state drive into a lean web server, so I'd like to remove as many packages as possible to free up space. It will be running a standard LAMP install and nothing else. Right now it has Ubuntu Netbook installed, so I need to know everything I can delete and still have it boot and run mysql, apache, etc.
View 5 Replies View RelatedI've tried reading several tutorials on setting up a domain name with bind9, but I've never managed to get one working.
View 7 Replies View RelatedI have a web server on my local network with a couple domains facing the internet. When I visit these domains from within the network I'm directed to my routers configuration page due to hairpin NAT.
So I installed BIND9 on the server and set up my forwarders to Google DNS to act as a Caching Nameserver. Then I set my routers DNS primary and secondary nameservers to the IP of the local BIND server. Everything is working great.
Now I need help configuring BIND so that the domains hosted on the web server within the network are routed to the web server and not the routers configuration page.
Im install bind9 in ubentu 10 with this turotial [url]my dns server is work in linux but my client user cannot use dns when client run nslookup in cmd Cannot find server name for address my_ip_linux :server faild Server: Unknown. im on linux valid ip
View 5 Replies View RelatedI have the following bind9 configuration, and I'm trying to resolve reverse lookup IP address to name.
$ttl 38400
mydomain.org.INSOAmyhosting.com. (
1243281304
10800
[code]...
** server can't find 1.2.3.4.in-addr.arpa: NXDOMAIN
Is my PTR wrong, or what do I need to have the reverse lookup working ?
Note: I replace real IP by 1.2.3.4, same for my domain name.
Set up a server with Bind, Dovecote, Apache etc. Registered a domain and made all the necessary things for it to work. The server can send/receive mail on my domain, but when I try to look up the site I have it returns a lookup failure. I know Apache is working as I can browse the site when I used my ip address but I can't when I use the domain name. Anyone got a few tricks I could try to dumb down and find the possible failures I did when setting this up?
View 7 Replies View RelatedI have Ubuntu 9.10 PC on my home network acting as a VPN gateway. It is using vpnc & iptables to provide access to the remote network - other computers on my local network have routing rules in place to go via the Ubuntu gateway if trying to reach an IP on the remote network. This works just fine, except DNS lookups for names on the remote network don't work.
I'm trying to solve this by using Bind9 on the gateway, so it can act as DNS for the local network. I don't want to create excess VPN traffic or load on the remote DNS, so I want the gateway to forward the lookup to my ISPs DNS first and if the name is not found then try the remote network DNS. Is this possible, or is there another (better) way around this? The Bind9 configs seem to admit multiple DNSs, but use them in a failover sense - only using secondary DNSs when the first one in the list is not reachable at all.
I want to make BIND9 aware of my TLD so I need to give it an A record. Then I wanted to create CNAME for ftp, mail and so on as time permits
I have webmin so I need to work from that.
my TLD is [URL]
I wanted to bolt on www, ftp for now
www is port 80, ftp port 21 etc
when i started bind9, it showed me this error, Can anyone help me in this, according to me i dont have a file sysklogd so i can not restart that. that is why i think iam getting error while starting bind9. How to get that file and how to get started Bind9.
View 4 Replies View Relatedusing Ubuntu Server 10.10 x86_64 on this machine. It is used as a master DNS server for my domain. We have migrated it to Ubuntu from Gentoo. The problem is that AppArmor is spamming /var/log/syslog
Code:
Jan 3 14:38:40 hydra kernel: [2154828.893409] type=1400 audit(1294061920.141:660146): apparmor="DENIED" operation="mknod" parent=1 profile="/usr/sbin/named" name="/var/log/named_querylog" pid=15397 comm="named" requested_mask="c" denied_mask="c" fsuid=103 ouid=103
The zone files reside in /etc/bind/ and we have not changed anything in /etc/apparmor.d/usr.sbin.named .
We don't want to just uninstall apparmor, but how do we adjust its settings correctly?