Server :: Not Able To Write In Zone File / Resolve This?
Jul 1, 2011
This is the entry which iam seeing in my /var/log/messages. code...
because of the issue now i cant able to write the zone file, via my application. automatically..is it possible to resolve this issue!
View 17 Replies
ADVERTISEMENT
May 30, 2011
I am no expert when it comes to BIND. I seem to be able to resolve NS and A and TXT records for my domain, but I cannot get the MX records to come out. Does anyone have an idea what might be wrong with my BIND zone file? I wonder if it might have something to do with the fact that my IP is currently on a policy Block List?
Code:
View 4 Replies
View Related
Nov 12, 2010
1.How create a Zone file
2.Named.conf file conf...
3.Dig check is not working......
View 1 Replies
View Related
Mar 29, 2011
I want to compare zone file counting and same name, not records etc of master and slave dns server so that i sure both server contains same copy of the files at a time. Any utility to compare such files in linux?
View 5 Replies
View Related
Jul 13, 2011
I need to script to change TTL of all zone file in my DNS and aslo i require the serial to be updated to reduce my work load.
View 2 Replies
View Related
Jun 4, 2010
I chose -Server-, if this is more appropriate in -Networking-, just let me know. Basically, I need to be able to merge responses stored in a zone file with responses from an "upstream" authoritative server. I'm in the sad position of needing to "intercept" requests to *part* of a domain (but not restricted to a sub-domain!) and return results for *some* hosts that use an internally routed address, and results for the rest using the public internet addresses. Unfortunately, it's not my domain, so I can't just use views (although I suspect they could end up having some part to play in this, at least potentially)... but instead I have to actually send requests recursing to the other site's external DNS for any hosts my server doesn't have records for in the zone file.
Some background on the situation:
I work at a local government, which has a private link / VPN connection to a state government entity, and needs to use internal addresses for some of the state servers, which then get routed over an "internal" network link. But the state uses the same domain name internally and externally, just presenting views to internal clients vs. external clients. -- However, we are only being allowed access to certain of their servers through the internal link, which means that for any other servers that we don't have internal/private access for, we have to visit the public addresses just like anyone else on the internet... So, I can't just send all requests to their internal DNS and get responses, because we'd get IPs for some servers (e.g. their main web site) that we wouldn't then be able to reach using the internal network link.
For Example: Say I have a client machine, "client1", on my network ("my.net"), which uses "mydns1.my.net" for name resolution ... and which needs to access 2 servers on the state network, "private.st.us" and "public.st.us" -- so named based on how "my.net" needs to access them.
The external state DNS server/view ("ext-dns.st.us") responds to requests with something like:
private.st.us -- 1.2.3.456
public.st.us -- 1.2.3.457
(Those are just crap addresses, obviously.
The internal state DNS server/view ("int-dns.st.us") responds to requests with something like:
private.st.us -- 10.0.0.8
public.st.us -- 10.0.0.10
This works on their network because their own clients have access to all such IPs.
But for us, they only allow traffic flowing between "my.net" and their internal network to reach the 10.0.0.8 address, blocking all other address destinations. So, when "client1.my.net" asks "mydns1.my.net" for the address of "public.st.us", I need "mydns1" to recurse out to "ext-dns.st.us" to get an answer (1.2.3.457) and then return that IP to "client1" -- because "my.net" is blocked from accessing the server's 10.0.0.10 address. But, when client1 asks mydns1 for "private.st.us" I need to pull the IP (10.0.0.8) from a local zone file instead of asking either of the state DNS servers -- or optionally forward the request to "int-dns.st.us" I suppose -- because the state blocks access to certain services (which we need and are the whole cause of this problem!) via the public (1.2.3.456) address.
View 1 Replies
View Related
Apr 11, 2011
I just ordered a new unmanagd VPS I have already Apache, PHP and Mysql the only problem I have now is how to create a A,NS and MX record in CentOS. I dont know where the DNS zone file is in CentoS
View 2 Replies
View Related
Feb 17, 2010
I have installed a centos 5.4 server with Bind services running on the 2 servers.but getiing error "the working directory is not writable". while restarting the named services.
View 2 Replies
View Related
Oct 19, 2010
I install a Bind 9 with chroot in Centos 5, but the issue is the Reverse Name Resolution Zone File didn't create by default like other zone files, so i look into /var/named directory i don't find the reverse name resolution zone file even if i add this zone on named.conf
zone "1.168.192.in-addr.arpa" IN {
type master;
file "1.168.192.testsip.com.zone";
allow-update { key "rndckey"; };
notify yes;
};
View 1 Replies
View Related
Feb 7, 2011
My question is about DNS use of the $TTL directive. I realize the $TTL directive stands for TimeToLive, my question is why would you specify different TTLs in the zone file? I have a zone file with
$TTL 300
machine
machine
machine
TTL 3600
[code]....
I'm not sure why you just wouldn't specify the same TTL for all systems or at least not have all the 300's grouped together and all 3600s grouped together. The file I'm looking at has about 12 different groups of 300 and 3600 TTLs.
View 2 Replies
View Related
May 5, 2010
I have been trouble shoot for whole day. I still cant figure out where is my error on write access deny for backup directory on windows SP3. It can read data on explore users by \10.1.23.124�ackup code...
View 10 Replies
View Related
Feb 9, 2009
After the syslog facility rolls logs weekly, the Postfix cannot seem to write properly to the mail.log file. What I don't quite understand is that Postfix is still able to write the following error to the log file: ..."status=deferred (temporary failure. Command output: Can't open log file /var/log/mail.log: Permission denied )"It is my understanding that Postfix uses several different processes to write to log files, but I'm confused as to why it is able to write errors to the log but not able to write when sending/receiving mail. After I chmod 777 the mail.log file, Postfix slowly clears the queue and the mails are then received. Everything functions fine for another week, until the logs roll again.
View 6 Replies
View Related
Apr 23, 2011
I have a site hosted on a cheap hosting company and I need to allow write access to certain users in certain directories, sometimes on a file basis.
Q: how do I do that in a .htaccess file?
I have never used .htaccess although from what I read it looks straightforward but when I try it, I get a "500 server error" even with the example .htaccess file the hosting company suggested I use. (I have informed the host as they require and am awaiting their answer)
The site is automatically set up with a couple of dot file in the root directory when I got it, they are:
.htaccess file
AuthType Basic
AuthUserFile "/home/mydomain/www/www/.htpasswd"
AuthName Limited!
require valid-user
Q: Is there in this something overriding my .htaccess in a bad way? (googling for AuthName shed no light on my problem)
.htpasswd
mydomain:$apr1$vcPc9...$kz4vmtvfznKfFmHktN0CI0
Bill:$apr1$C.FLI...$KmvqrHFt6i/.rMhfREtRV0
I added the user Bill, apparently successfully, the first line and .htaccess were set up by the host.
View 2 Replies
View Related
Jan 30, 2011
I've been a Xubuntu/Ubuntu/Lubuntu hobby user for about 18 months now. I started using Linux as a way to revive older computers provide a backup and expand my knowledge of computing. The command line was something new to me but as long as I can find detailed directions on how to do what I want I can usually manage. I set up a Samba server for my home shared network and now I'd like to make the shared drives of that server accessible from outside my network. Via ssh or ftp or some program of the like. I'd like to have it user name and password protected. Configurable user rights would be nice. (read/write/delete/etc) As well as novice user friendly.
My end goal is a server with read/write capability that I will be able to access from work or a friends house or anywhere with an Internet connection and my laptop. I understand about port forwarding and have done so with my home network behind an AT&T U-verse router/modem. I've researched openssh and some ftp setups but they seem like they can be difficult. Now for the questions. Is this task something that can be accomplished without a degree in computer networking? Is there a program(s) that would make this a simpler task? Is this more complex than its worth? How would I go about setting up such a thing?
View 7 Replies
View Related
Oct 12, 2010
I currently have a debian hpc server unit of 10 p4 computers running under debian lenny in use for serving my home network via pxe. I was wondering if there was anything I could use to allow the same read and write acces that is on my pxe machines on my new palm pre plus. That would save me the hassle of syncing all my documents and movies etc to my phone every day or so.
So basically what I am asking is if I can use the current 5tb nfs raid and mount it some way to a remote ip that I can access fully on my phone without the need for a flash plugin. Btw the phone is homebrew app ready.
View 2 Replies
View Related
Nov 17, 2009
Ive installed Gaussian '03 on fedora Core 10, but I'm unable to run it. It aborts and i get the following error
Code:
Erroneous write during file extend. write -1 instead of 4096
Probably out of disk space.
Write error in NtrExt1
View 3 Replies
View Related
May 24, 2011
I am wanting assistance with getting Zoneminder working under ubuntu 11.04.I have ran the install and setup the settings via http://ipaddress/zmadded the camera re instructions.I cannot view anything via Zone Minder.Cam is a Logitech Pro 5000
View 13 Replies
View Related
Sep 20, 2010
The thing is, I've created a new local zone here (called "local.lan"), and, aparently, it is working fine, and DHCP3-SERVER is updating DNS info through the controls.But sometimes I get some strange answers from the server, like when I do the "arp" command in one of the clients, and get the server's hostname "mixed" with it's own reverse, like this: "dns.local.lan.2.168. | ether | 00:02:1e:f5:61:74 | C | eth0". Other thing is that sometimes my DNS don't update when a computer "enters" the lan. In the /var/log/syslog the DHCPOFFER appears, but the information about the DNS update isn't there.So, I would like to show you my named.conf file and my local zone db file, and get some feedback from you (what would you change... what is wrong...).
# ------------------- #
* named.conf:
# ------------------- #
[code]....
View 17 Replies
View Related
Feb 24, 2011
how to configure reverse zone for x.x.x.x/18 subnet ,all the example on the internet are for /24 or /16 subnets?
View 9 Replies
View Related
Mar 21, 2010
I have a DNS server with 3 zonesone is dynamic with an associated reverse and one is static
Everything was fine until I added a single host in the staticzone then the server stopped resolving names in that zoneThe only way I could get it to work again was delete the whole zone and re enter the zone and hosts
View 5 Replies
View Related
Apr 4, 2010
I have a server which time zone is in GMT format. I have a user which is also get time zone variable in GMT. But I want to run script which will start from crontab in EST time zone. For that I�m not suppose to give extra entry in crontab. May be it would be in script.
How can I achieve this?
View 1 Replies
View Related
Dec 9, 2010
It's possible to configure a second level zone like this:
IN CNAME www.domain2.ext
For example, if I want:
host domain1.ext -> CNAME of www.domain2.ext?
and NOT only www.domain1.ext -> CNAME of www.domain2.ext?
View 6 Replies
View Related
Mar 29, 2010
We have a 10.0.0.x network with a working DNS Server (BIND) setup. Recently we purchased Watchguard firewall and configured three networks, so that our internal network can be divided into three networks and talk to each other through firewall routing. So I configured three ips 192.168.0.1,172.16.0.1 and 10.0.0.1 for local network card in the firewall router. I separated three networks and individually configured machines with static ip and given gateway as the above ips. Now, I need to configure DNS server for each zone in the same server which is in the network 10.0.0.x, is this possible?. If yes do I need to setup ip aliases for eth0 in the DNS server with different ips from each network?
View 1 Replies
View Related
Apr 1, 2010
I'm having this problem that's driving me nuts.Basically I've set up 2 virtual DNS servers.1. Master on fictive domain "domain.xx". 2.ster of fictive domain "sub.domain.xx"NS 1 delegated sub. zone-space to the DNS 2.Everything works except for reverse lookup on sub-domain.For instance. 172.16.0.101 should resolve to my fictive mail.sub.domain.xxIf I try to resolve it with 'host 172.16.0.101' from domain.xx I get:Host 101.0.16.172.in-addr.arpa not found: 2(SERVFAIL)If I do the same from the actual sub.domain.xx I get:Host 101.0.16.172.in-addr.arpa. not found: 3(NXDOMAIN).
If I, on the other hand, try to resolve a hostname both from domain.xx or sub.domain.xx with 'host mail.sub.domain.xx' I get the proper address as the answer: 172.16.0.101I've delegated the in-addr.arpa space to sub.domain.xx dns-server according to RFC 2317 specification, at least I think...Please note this is a virtual network address 172.16.0.0/24Here are the excerpts of the in-arpa-files on both domain.xx and the sub.domain.xx server.
Code:
$TTL 12h
$ORIGIN 0.16.172.IN-ADDR.ARPA.
[code]...
View 14 Replies
View Related
Feb 25, 2011
Here's a little tool that does this:
Without arguments, updates the SOA serial in a zonefile to the current date. If the date was already updated, just updates the revision number (incrementing up to 99, and then again 01). Uses RFC 1912* recommended format.
With $1 == <two digit number>, auto updates (if necessary) just the date part and uses your provided revision number.
With $1 == <eight digit number>, uses that as a date (no validation of any kind), and just auto update the revision number
With $1 == <full serial>, will just replace whatever the serial is with the provided serial, without any validation
* YYYYMMDDRR (4-digit year, 2-digit month, 2-digit day of month, 2-digit revision number)
This script + keeping SOA/NS/MX/CNAME RRs in a common file $included from other files with $ORIGIN and A/PTR/TXT RRs, made everything way easier to manage, enabling me to script some zone switchers, automatic failover/redirection of DNS on WAN changes, etc, etc. I think this stuff might be cool to integrate with something like this script and make nice CLI toolset for bind. Looking forward to implement it.
Code in pastebin
Code:
#!/bin/bash
# globals
script_name="${0##*/}"
script_dir=$(readlink -f "${0%/*}")
script_version=1 .....
View 4 Replies
View Related
Feb 19, 2011
I have configured master and slave Bind servers. Everything works fine. But whenever I add a new zone entry at master server it is not getting updated at slave server in logs I see this error:
client 192.168.1.1#43428: view external: received notify for zone 'yourdomainname.com': not authoritative
At master server I do not see any error or warning message. This error clearly indicates that named.conf file does not have zone entry in it or domain name is wrong. While checking the named.conf file I see that the zone entry has not been updated at slave server. If I update it manually and reload named on slave then zone files (db files) are getting created without any issue and any modification at master server for the zone records are also getting updated. My concern is why zone record is not getting appended at slave server in named.conf file.
Is there anything I am missing in the configuration. I am pasting the steps which I have followed to configure my master and slave server:
Configure Bind as master and slave server
Install Bind on your server
yum install bind
OR
sudu apt-get install bind9
Generate RNDC Key using the command
rndc-confgen -a -k rndc-key
it will stored in /etc/rndc-key file
Master Server IP 192.168.0.1
Slave Server IP 192.168.1.1
Master Server Configuration
options .....
View 8 Replies
View Related
Apr 1, 2010
I have to deploy a server to some customers that should not be given access to the server itself. I know that nothing is 100% secure but I've searched without finding a decent answer (maybe I googled for the wrong terms ?)I need some advice about encrypted filesystem. * The server must boot without asking for a passphrase (the server will be in a restricted access area so typing a password could take a while). I can't store the password for luks in an unencrypted file so it seems a loop to me. The only way out I can see is to store the passphrase in the boot binaries (better than nothing...) but this results in more work for me.* possibly the customer should not be able to move the hard disks to another pc, i.e. reading the passphrase from some unique hardware ID. This is risky but I could add a master passphrase to be used in case of hardware replacement
View 3 Replies
View Related
Oct 24, 2010
I have set up a master DNS server at 192.168.50.9 and a slave DNS at 192.168.50.6. Both servers are BIND9.Machines are for testing/experimenting, hence the IP addresses. Initially, the zone transfer was blocked by the firewall on the master, as the slave uses randomly selected non-privileged ports for zone-transfer query. So, as far as I understand, there are two possible approaches:
1. Allow connections based on source, which should be
Code:
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW,ESTABLISHED -s 192.168.50.6 --sport 1024:65535 --dport 53 -j ACCEPT
(and it works for me fine)
2. Allow ESTABLISHED and RELATED connections, which would be something like
Code:
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
which was my initial idea but didn't work, but has inspired me to dig deeper into firewall configuration topics :).
Question: Does zone change notification message count for opening a dialog, or notification from master and slave zone update request are two absolutely separate actions? If the latter is true, that, of course, explains why option #2 didn't work.
View 2 Replies
View Related
Mar 8, 2011
I've run into a strange issue with a DHCP/DDNS setup whereby when the DHCP server asks the DNS server to add a new host, the forward map is added correctly but the reverse map has the subdomain added twice (e.g. 192.168.25.192.168.25.250)I'm running ISC DHCPd version 3.0.1 and BIND version 9.2.3 on SuSE 9.2 - 32bit.Here is my dhcpd.conf file:
# dhcpd.conf
authoritative;
include "/etc/named.keys";
[code]....
View 2 Replies
View Related
Mar 12, 2010
I have dedicated LAMP server running and I was wondering if I am able to run a dev/testing zone on it so to speak?...That way, I can have my come back soon, site is being constructed page live, and develop elsewhere on the server. I was trying a virtualhost, but since that is name based, the web browsers don't know what to do with it. I know the safest way is to develop on this machine then move to web server but I'm just seeing if what I was trying to do is possible.
View 4 Replies
View Related
