You'll also need to make sure that the IEDR have the correct Ips for both
nameservers as they are based on the domain itself.
If it is a new registration the easiest method would be to register the
domain using someone else's dns and once you are sure that it is working
properly (ie. IEDR DNS check passes) make the changes on the IEDR side.
If you are not comfortable editing zone files by hand I would recommend
using something like Webmin (http://www.webmin.com). Although it is not
infallible it will show you typos and other errors when you are looking at
zone in the Bind module (if that's what you are using)
HTH
Michele
Mr Michele Neylon
Blacknight Internet Solutions Ltd
http://www.blacknight.ie/
Tel. +353 59 9137101
-----Original Message-----
From: ilug-bounces at linux.ie [mailto:ilug-bounces at linux.ie] On Behalf Of
Feargal Reilly
Sent: 07 May 2004 14:08
To: ilug at linux.ie
Subject: Re: [ILUG] DNS problems
Sorry, just re-read your mail, assuming you're registering titan and
leviathan as the NS servers with the IEDR, you'll also need to take out the
ns.isi.ie. and ns2.esat.net. as they will not be publishing the same info,
and the IEDR won't like that.
-fr.
On Fri, 7 May 2004 05:56:56 -0700 (PDT)
Chris Boyd <chris_d_b71 at yahoo.com> wrote:
> I just recently did a full install of Fedora Core I (over RH 7.1,
> possibly not the best move) and I've having serious problems with
> named/DNS.
> I had thought that there was a problem with the name servers being
> registered with IEDR, but that doesn't seem to be the case.
> The named process is running and listening but nothing in mydomain
> resolves. It was working for a few days after (so I don't see how it
> could be the config
> files) I configured it after installing Fedora but it went down and I
> haven't been able to get it working since.
> After attempting to re-register the nameservers with IEDR I'm getting
> the following message from them:
>> OK: 09:45:43 UTC on Fri 7 May 2004
> OK: Verifying zone mydomain.ie.
> OK: Starting verification from server 194.x.x.x
> OK: Requesting NS list for zone mydomain.ie. from 194.x.x.x
> OK: No NS list in 'answer' section; checking 'authority' section
> FATAL: Empty NS list found for zone mydomain.ie. from 194.x.x.x
> OK: Querying server 194.x.x.x as 194.x.x.x
> FATAL: No authoritative answers obtained
> FATAL: Verification failed for zone mydomain.ie.
> FATAL: 09:45:43 GMT on Fri 7 May 2004
>> _____________________________________________
>> rndc -s host reload
>> tail -f /var/log/messages
>> May 7 08:35:21 leviathan named[22884]: loading configuration from
> '/etc/named.conf'
> May 7 08:35:21 leviathan named[22884]: no IPv6 interfaces found May
> 7 08:35:46 leviathan named[22884]: lame server resolving
> 'www.mydomain.ie' (in 'mydomain.ie'?):
> 194.x.x.x#53
> May 7 08:35:46 leviathan last message repeated 2 times
>>>> ps auxw|less
>> named 22884 0.0 1.4 40824 3636 ? May06 0:56
> /usr/sbin/named -u named -t /var/named/chroot
>> Here's named.conf:
>> // generated by named-bootconf.pl
>> options {
> directory "/var/named";
> /*
> * If there is a firewall between you and nameservers you want
> * to talk to, you might need to uncomment the query-source
> * directive below. Previous versions of BIND always asked
> * questions using port 53, but BIND 8.1 uses an unprivileged
> * port by default.
> */
>> //query-source address * port 53; };
>> //
> // File: named.boot
> // Purpose: give the DNS its startup parameters and
> // list of startup files.
> //
> //
> //
> //
> // XFRNETS parameter limits the transfer of zone information // to
> machines matching the subnet wildcard/mask entries listed // // //
> XFRNETS // // establish a loopback entry for this machine, and tell //
> it to load its identity from db.127.0.0 // zone "0.0.127.IN-ADDR.ARPA"
> {
> type master;
> file "db.127.0.0";
> };
>> //
> // set ourselves as primary server for the zone // zone "mydomain.ie"
> {
> type master;
> file "db.zoneinfo";
> };
>> //
> // provide reverse address-to-host mapping // zone
> "x.x.194.in-addr.arpa" {
> type master;
> file "db.194.x.x";
> };
>> //
> // prime the DNS with root server 'hint' information // zone "." {
> type hint;
> file "db.cache";
> };
>> logging {
> category lame-servers{null;};
> };
> key rndc {
> algorithm hmac-md5 ;
> secret "x";
> };
> controls {
> inet 127.0.0.1 allow { localhost; } keys {rndc; }; };
>>> Here's /var/named/db.zoneinfo:
>> $ORIGIN .
> $TTL 172800 ; 2 days
> mydomain.ie IN SOA host.mydomain.ie.
> hostmaster.mydomain.ie. (
> 1998062504 ; serial
> 21600 ; refresh
> (6 hours)
> 7200 ; retry (2
> hours)
> 1209600 ; expire (2
> weeks)
> 172800 ; minimum
> (2 days)
> )
> NS ns.isi.ie
> NS ns2.esat.net
> NS titan.mydomain.ie.
> NS leviathan.mydomain.ie.
> A 194.x.x.x
> MX 5 GPO.mydomain.ie.
> MX 10 mxbackup.iol.net.
> MX 50 relay.pipex.net.
> $ORIGIN mydomain.ie.
> calisto A 194.x.x.2
> MX 1 leviathan
> $ORIGIN mydomain.ie.
> defunct A 194.x.x.111
> ftp CNAME leviathan
> $ORIGIN mydomain.ie.
> GPO CNAME leviathan
> $ORIGIN mydomain.ie.
> keeper A 194.x.x.112
> leviathan A 194.x.x.x
> MX 5 GPO
> MX 10 mail.iol.ie.
> MX 50 relay.pipex.net.
> localhost A 127.0.0.1
> mail CNAME leviathan
> $ORIGIN mydomain.ie.
> ns CNAME leviathan
> $ORIGIN mydomain.ie.
> titan CNAME leviathan
> ww2 CNAME leviathan
> www CNAME leviathan
>> Here's /var/named/db.194.x.x
>> $TTL 172800 ; 2 days
> x.x.194.in-addr.arpa. IN SOA
> leviathan.mydomain.ie. hostmaster.mydomain.ie. (
> 1998062504 ; serial
> 21600 ; refresh
> (6 hours)
> 7200 ; retry (2
> hours)
> 1209600 ; expire (2
> weeks)
> 172800) ; minimum
> (2 days)
>> NS ns.isi.ie
> NS ns2.esat.net
> NS leviathan.mydomain.ie.
> NS calisto.mydomain.ie
>>> >From the secondary DNS server:
>> /etc/rc.d/init.d/named restart
> Stopping named:
> [ OK ]
> Starting named:
> [ OK ]
> [root at calisto root]# tail -f /var/log/messages May 7 13:07:31 calisto
> named[23381]: zone
> mydomain.ie/IN: expired
> May 7 13:07:31 calisto named[23381]: zone
> x.x.194.in-addr.arpa/IN: refresh: non-authoritative answer from master
> 194.x.x.x#53 May 7 13:07:31 calisto named[23381]: zone
> irelands-web.ie/IN: refresh: non-authoritative answer from master
> 194.125.22.1#53
>> Anyway, not sure where to go from here and any help greatly
> appreciated.
>> TIA
>> Chris
>>>>>>>>> __________________________________
> Do you Yahoo!?
> Win a $20,000 Career Makeover at Yahoo! HotJobs
>http://hotjobs.sweepstakes.yahoo.com/careermakeover> --
> Irish Linux Users' Group
>http://www.linux.ie/mailman/listinfo/ilug/>>
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
