Error in DNS configuration.

Hi, I need help configuring my DNS server.

I have a domain and need to redirect it to my server and configure a DNS master. (Sorry for my English.)

Domain: atec.org.br
IP: 189.16.21.140

Part of named.conf:
Code:
// RFC 1912
zone "atec.org.br" {
	type master;
	file "atec.org.br";
};

zone "localhost"	{ type master; file "master/localhost-forward.db"; }; 
zone "127.in-addr.arpa" { type master; file "master/localhost-reverse.db"; }; 
zone "255.in-addr.arpa"	{ type master; file "master/empty.db"; };

Zone file: atec.org.br

Code:
$TTL 86400
@ IN
SOA ns.atec.org.br. hostmaster.ns.atec.org.br. (
2003262236
1H
15
14D
12H )

atec.org.br.	IN NS ns.atec.org.br.
atec.org.br.	IN A 189.16.21.140
atec.org.br.	IN A 189.16.21.140

www.atec.org.br.	IN CNAME atec.org.br.

Code:
PING ns.atec.org.br (189.16.21.140): 56 data bytes
64 bytes from 189.16.21.140: icmp_seq=0 ttl=64 time=0.224 ms
64 bytes from 189.16.21.140: icmp_seq=1 ttl=64 time=0.126 ms
64 bytes from 189.16.21.140: icmp_seq=2 ttl=64 time=0.129 ms
64 bytes from 189.16.21.140: icmp_seq=3 ttl=64 time=0.128 ms
64 bytes from 189.16.21.140: icmp_seq=4 ttl=64 time=0.133 ms
^C
 
Code:
$TTL 86400
@ IN
SOA ns.atec.org.br. hostmaster.ns.atec.org.br. (
2003262236
1H
15
14D
12H )

atec.org.br.	IN NS ns.atec.org.br.
atec.org.br.	IN A 189.16.21.140


ns.atec.org.br.         IN A 189.16.21.140
www.atec.org.br.	IN A 189.16.21.140

You forgot to enter the A record for ns.atec.org.br. ;)

BTW There is no obligation to use CNAME, just use an A record, this saves an extra name lookup.
Don't forget to update the serial nr ;)
 
Thanks a lot!

OK, I have modified it...

Actually, the domain atec.org.br is redirected to 200.234.203.76 on a DNS server in Brazil.

How can I test that the DNS is OK to respond for the web domain?
 
Ok, thanks again.

Whois for atec.org.br continues to be answered by another server.

I forgot to configure a reverse :S One moment please.
 
Code:
zone "21.16.189.in-addr.arpa" {
        type master;
        file "21.16.189.in-addr.arpa";
}

Code:
$TTL 3600

21.16.189.in-addr.arpa. IN      SOA     ns.atec.org.br  hostmaster.atec.org.br (
        20091412;
        10800;
        3600;
        604800;
        300);

        IN      NS      ns.atec.org.br.

1       IN      PTR     atec.org.br.
2       IN      PTR     ns.atec.org.br.
3       IN      PTR     www.atec.org.br.

Code:
FW_Lenke# nslookup
> 189.16.21.140
Server:         200.176.2.10
Address:        200.176.2.10#53

** server can't find 140.21.16.189.in-addr.arpa.: NXDOMAIN
>


FW_Lenke# nslookup
> ns.atec.org.br
Server:         200.176.2.10
Address:        200.176.2.10#53

** server can't find ns.atec.org.br: NXDOMAIN
>
 
Doing an external lookup on a zonefile that only you have won't give a lot of results. I'm guessing that DNS delegation for that in-addr.arpa zone isn't pointing to your nameserver, so no one will ever query it. Try looking it up on your own nameserver ($ dig @your_ip -x 189.16.21.140). FYI, rDNS for your IP range is handled by embratel.net.br.
 
Code:
FW_Lenke# dig 189.16.21.140 -x 189.16.21.140

; <<>> DiG 9.4.2 <<>> 189.16.21.140 -x 189.16.21.140
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51428
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;189.16.21.140.                 IN      A

;; AUTHORITY SECTION:
.                       10800   IN      SOA     A.ROOT-SERVERS.NET. NSTLD.VERISIGN-GRS.COM. 2009121400 1800 900 604800 86400

;; Query time: 74 msec
;; SERVER: 200.176.2.10#53(200.176.2.10)
;; WHEN: Mon Dec 14 12:59:44 2009
;; MSG SIZE  rcvd: 106

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33964
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;140.21.16.189.in-addr.arpa.    IN      PTR

;; ANSWER SECTION:
140.21.16.189.in-addr.arpa. 73681 IN    CNAME   140.128-191.21.16.189.in-addr.arpa.

;; AUTHORITY SECTION:
128-191.21.16.189.in-addr.arpa. 10800 IN SOA    ns.embratel.net.br. admin.embratel.net.br. 2008100901 3600 900 604800 86400

;; Query time: 72 msec
;; SERVER: 200.176.2.10#53(200.176.2.10)
;; WHEN: Mon Dec 14 12:59:44 2009
;; MSG SIZE  rcvd: 130

FW_Lenke#
 
Code:
FW_Lenke# dig @189.16.21.140 -x 189.16.21.140

; <<>> DiG 9.4.2 <<>> @189.16.21.140 -x 189.16.21.140
; (1 server found)
;; global options:  printcmd
;; connection timed out; no servers could be reached
FW_Lenke#
 
Same here, but I can ping.
Code:
$ dig -x 189.16.21.140 @189.16.21.140

; <<>> DiG 9.3.4 <<>> -x 189.16.21.140 @189.16.21.140
; (1 server found)
;; global options:  printcmd
;; connection timed out; no servers could be reached

$ ping -c2 189.16.21.140
PING 189.16.21.140 (189.16.21.140): 56 data bytes
64 bytes from 189.16.21.140: icmp_seq=0 ttl=45 time=267.380 ms
64 bytes from 189.16.21.140: icmp_seq=1 ttl=45 time=257.115 ms
--- 189.16.21.140 ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 257.115/262.247/267.380/5.157 ms

Does netstat -an -f inet show that 189.16.21.140 is LISTENing on port 53 for TCP and UDP?
 
Code:
FW_Lenke# netstat -an -f inet
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp4       0      0  189.16.21.140.22       189.16.21.130.61901    ESTABLISHED
tcp4       0      0  *.22                   *.*                    LISTEN
tcp4       0      0  *.*                    *.*                    CLOSED
tcp46      0      0  *.80                   *.*                    LISTEN
tcp4       0      0  *.3306                 *.*                    LISTEN
tcp4       0      0  *.3000                 *.*                    LISTEN
tcp4       0      0  *.199                  *.*                    LISTEN
tcp4       0      0  *.21                   *.*                    LISTEN
udp4       0      0  189.16.21.140.49755    200.176.2.10.53
udp4       0      0  *.3000                 *.*
udp4       0      0  *.161                  *.*
udp4       0      0  *.514                  *.*
udp4       0      0  *.520                  *.*
icm4       0      0  *.*                    *.*
FW_Lenke#

I have started named
 
Code:
FW_Lenke# /etc/rc.d/named onestart
wrote key file "/var/named/etc/namedb/rndc.key"
Starting named.
FW_Lenke# netstat -an -f inet
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp4       0     52  189.16.21.140.22       189.16.21.130.61901    ESTABLISHED
tcp4       0      0  *.22                   *.*                    LISTEN
tcp4       0      0  *.*                    *.*                    CLOSED
tcp46      0      0  *.80                   *.*                    LISTEN
tcp4       0      0  *.3306                 *.*                    LISTEN
tcp4       0      0  *.3000                 *.*                    LISTEN
tcp4       0      0  *.199                  *.*                    LISTEN
tcp4       0      0  *.21                   *.*                    LISTEN
udp4       0      0  *.3000                 *.*
udp4       0      0  *.161                  *.*
udp4       0      0  *.514                  *.*
udp4       0      0  *.520                  *.*
icm4       0      0  *.*                    *.*
FW_Lenke#
 
Well, it's not running .. as rndc status will probably tell you. See /var/log/messages for a reason. Named is picky about errors in named.conf and/or zonefiles, but rarely prints a helpful error to standard output.
 
Sorry for my ignorance.

Now I have started it. Is it just this:

Code:
FW_Lenke# /etc/rc.d/named onestart
wrote key file "/var/named/etc/namedb/rndc.key"
Starting named.
Or more services?
 
Starting != Running. What is the output of rndc status, and what's in /var/log/messages about named?
 
Ok, an error in file named.conf was fixed...now:

Code:
FW_Lenke# netstat -an -f inet
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp4       0      0  127.0.0.1.953          *.*                    LISTEN
tcp4       0      0  127.0.0.1.53           *.*                    LISTEN
tcp4       0      0  189.16.21.140.22       189.16.21.130.61901    ESTABLISHED
tcp4       0      0  *.22                   *.*                    LISTEN
tcp4       0      0  *.*                    *.*                    CLOSED
tcp46      0      0  *.80                   *.*                    LISTEN
tcp4       0      0  *.3306                 *.*                    LISTEN
tcp4       0      0  *.3000                 *.*                    LISTEN
tcp4       0      0  *.199                  *.*                    LISTEN
tcp4       0      0  *.21                   *.*                    LISTEN
udp4       0      0  189.16.21.140.49275    200.176.2.10.53
udp4       0      0  189.16.21.140.52385    201.10.1.2.53
udp4       0      0  *.63692                *.*
udp4       0      0  127.0.0.1.53           *.*
udp4       0      0  *.3000                 *.*
udp4       0      0  *.161                  *.*
udp4       0      0  *.514                  *.*
udp4       0      0  *.520                  *.*
icm4       0      0  *.*                    *.*
FW_Lenke#

Log.....

Code:
Dec 14 14:03:58 FW_Lenke named[7695]: starting BIND 9.4.2 -t /var/named -u bind
Dec 14 14:03:58 FW_Lenke named[7695]: command channel listening on 127.0.0.1#953
Dec 14 14:03:58 FW_Lenke named[7695]: command channel listening on ::1#953
Dec 14 14:03:59 FW_Lenke named[7695]: dns_master_load: atec.org.br:3: unexpected end of line
Dec 14 14:03:59 FW_Lenke named[7695]: dns_master_load: atec.org.br:2: unexpected end of input
Dec 14 14:03:59 FW_Lenke named[7695]: zone atec.org.br/IN: loading from master file atec.org.br failed:
Dec 14 14:03:59 FW_Lenke named[7695]: running
 
Ok, BIND is only running on localhost (not on the public IP address). If that's not what you want, you'll have to instruct named.conf(5) to bind to/listen on your public IP address as well.

Anyway, to return to the previous command, this is now (in this case):
dig @127.0.0.1 -x 189.16.21.140

Again: having a PTR (rDNS) record for this IP range is fine, but only you will use it, no one else. All PTR queries will be handled by Embratel's nameservers unless they delegate this range to your nameserver.
 
Code:
Dec 14 14:18:26 FW_Lenke named[8042]: starting BIND 9.4.2 -t /var/named -u bind
Dec 14 14:18:27 FW_Lenke named[8042]: command channel listening on 127.0.0.1#953
Dec 14 14:18:27 FW_Lenke named[8042]: command channel listening on ::1#953
Dec 14 14:18:27 FW_Lenke named[8042]: dns_master_load: atec.org.br:3: unexpected end of line
Dec 14 14:18:27 FW_Lenke named[8042]: dns_master_load: atec.org.br:2: unexpected end of input
Dec 14 14:18:27 FW_Lenke named[8042]: zone atec.org.br/IN: loading from master file atec.org.br failed:
Dec 14 14:18:27 FW_Lenke named[8042]: running

Code:
$TTL 86400
@ IN
SOA ns.atec.org.br. hostmaster.ns.atec.org.br. (
20091412;
1H;
15;
14D;
12H; )

atec.org.br.    IN NS ns.atec.org.br.
atec.org.br.    IN A 189.16.21.140

ns.atec.org.br.         IN A 189.16.21.140
www.atec.org.br.        IN A 189.16.21.140

Code:
FW_Lenke# dig @127.0.0.1 -x 189.16.21.140

; <<>> DiG 9.4.2 <<>> @127.0.0.1 -x 189.16.21.140
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52217
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;140.21.16.189.in-addr.arpa.    IN      PTR

;; AUTHORITY SECTION:
21.16.189.in-addr.arpa. 300     IN      SOA     ns.atec.org.br.21.16.189.in-addr.arpa. hostmaster.atec.org.br.21.16.189.in-addr.arpa. 20091412 10800 3600 604800 300

;; Query time: 2 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Dec 14 14:19:33 2009
;; MSG SIZE  rcvd: 106

FW_Lenke#

A question: my PC name is FW_Lenke#. How do I change it to NS.atec.org.br?
 
btw,

Code:
@ IN
SOA ns.atec.org.br. hostmaster.ns.atec.org.br. (

must be

Code:
@ IN SOA ns.atec.org.br. hostmaster.ns.atec.org.br. (
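
Added example (not part of the thread and not BIND's own parser): a small Python check for the three zone-file mistakes that surface above, namely an SOA record split from its owner line, an in-zone NS target with no address record, and names written without a trailing dot (the dig output for the reverse zone shows the origin appended to them). It handles only a simplified subset of master-file syntax; lint_zone, absolute and FIRST_POST are names made up for this example.

```python
import re

RR_TYPES = {"SOA", "NS", "A", "AAAA", "CNAME", "PTR", "MX", "TXT"}
NAME_FIELDS = {"NS": 1, "CNAME": 1, "PTR": 1, "SOA": 2}  # leading rdata fields holding names

def absolute(name, origin):
    """Expand '@' and relative names the way a master-file parser does."""
    return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"

def lint_zone(text, origin):
    """Return [(line_no, message)] for a zone file; origin must end with '.'."""
    findings, ns_targets, addr_owners = [], [], set()
    depth, owner = 0, origin
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.split(";", 1)[0]                      # ';' starts a comment
        tokens = line.replace("(", " ").replace(")", " ").split()
        inside = depth > 0                               # continuation of a '(' ... ')' record
        depth += line.count("(") - line.count(")")
        if inside or not tokens or tokens[0].startswith("$"):
            continue
        if not raw[0].isspace():                         # column 1 holds the owner name
            owner = absolute(tokens.pop(0), origin)
        while tokens and re.fullmatch(r"IN|\d+[SMHDW]?", tokens[0], re.I):
            tokens.pop(0)                                # skip class and TTL
        if not tokens or tokens[0].upper() not in RR_TYPES:
            findings.append((no, "no record type where one is expected"))
            continue
        rtype, rdata = tokens[0].upper(), tokens[1:]
        for name in rdata[:NAME_FIELDS.get(rtype, 0)]:
            if not name.endswith("."):
                findings.append((no, f"{rtype} name {name} is relative, {origin} gets appended"))
        if rtype == "NS" and rdata:
            ns_targets.append((no, absolute(rdata[0], origin)))
        if rtype in ("A", "AAAA"):
            addr_owners.add(owner)
    for no, target in ns_targets:                        # in-zone NS needs its own address
        if target.endswith("." + origin) and target not in addr_owners:
            findings.append((no, f"NS target {target} has no A/AAAA record in this zone"))
    return findings

# Constructed input: the forward zone as first posted above, SOA values condensed to one line.
FIRST_POST = """$TTL 86400
@ IN
SOA ns.atec.org.br. hostmaster.ns.atec.org.br. (
2003262236 1H 15 14D 12H )
atec.org.br. IN NS ns.atec.org.br.
atec.org.br. IN A 189.16.21.140
www.atec.org.br. IN CNAME atec.org.br.
"""
print(lint_zone(FIRST_POST, "atec.org.br."))
```

On the server itself, named-checkconf and named-checkzone (for example named-checkzone atec.org.br followed by the zone file path) report this class of error before named is restarted.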
 