[nzlug] Bind question:

Chris Hodgetts chris at archnetnz.com
Fri Jun 6 15:19:06 NZST 2008 

The minimal-responses fixed the AUTHORITY and ADDITIONAL..

Interesting when I query any host (google.com) it returns the same IP
address. .

when there are multiple A records, it increments the wrong IP address by
one eg:

10.0.0.1
10.0.0.2
10.0.0.3

Odd.. ok thanks will keep looking 




On Fri, 2008-06-06 at 15:05 +1200, Simon Lyall wrote:
> It might be that "minimal-responses: yes" set on the one that is not
> giving you the extra records.
> 
> 
> 
> On Fri, 6 Jun 2008, Chris Hodgetts wrote:
> > Having some really odd things with Bind.
> > I am running a hiddden master server:
> >
> > shaggy
> >
> > This server contains the following in a zone file:
> >
> >
> > $TTL 86400
> > @               IN      SOA     ns1.example.com.      soa.example.com. (
> >                         2008060710      ; serial number
> >                         28800           ; Refresh
> >                         7200            ; Retry
> >                         864000          ; Expire
> >                         86400           ; Min TTL
> >                         )
> >
> >                 NS      ns1.example.com.
> >                 NS      ns2.example.com.
> >
> >                 A       XXX.XXX.XXX.XXX
> >
> > caitlin         A       XXX.XXX.XXX.XXX
> >
> >
> > This is in the named.conf
> >
> > zone "example.com" {
> >         type master;
> >         file "bw-master-fwd/example.com";
> >         notify yes;
> >         allow-transfer { "slaves";
> >                         XXX.XXX.XXX.XXX;
> >                         XXX.XXX.XXX.XXX;
> >                         };
> >
> >         also-notify {
> >                         XXX.XXX.XXX.XXX;
> >                         XXX.XXX.XXX.XXX;
> >         };
> > };
> >
> >
> > The notify works, however each of the slave servers (which are public
> > accessible) (ns1.example.com and ns2.example.com) have the following in
> > the slaves file:
> >
> > $ORIGIN .
> > $TTL 86400      ; 1 day
> > example.com            IN SOA  master.example.com. soa.example.com. (
> >                                 2008060710 ; serial
> >                                 28800      ; refresh (8 hours)
> >                                 7200       ; retry (2 hours)
> >                                 864000     ; expire (1 week 3 days)
> >                                 86400      ; minimum (1 day)
> >                                 )
> >                         NS      ns1.example.com.
> >                         NS      ns2.example.com.
> >                         A       202.74.198.108
> > $ORIGIN example.com.
> > caitlin                 A       XXX.XXX.XXX.XXX
> >
> >
> > when you query each of the two name servers
> >
> > > dig SOA @ns1.example.com example.com
> > > dig SOA @ns2.example.com example.com
> >
> > They return the same serial number....
> >
> > when you dig @ns1.example.com example.com you get the correct
> > information from the zone file:
> >
> >
> > caitlin:/etc/bind/primary# dig @ns1.example.com example.com
> >
> > ; <<>> DiG 9.4.2 <<>> @master.example.com example.com
> > ; (1 server found)
> > ;; global options:  printcmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49577
> > ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
> > ;; WARNING: recursion requested but not available
> >
> > ;; QUESTION SECTION:
> > ;example.com.			IN	A
> >
> > ;; ANSWER SECTION:
> > example.com.		86400	IN	A	XXX.XXX.XXX.XXX
> >
> > ;; Query time: 512 msec
> > ;; SERVER: XXX.XXX.XXX.XXX#53(XXX.XXX.XXX.XXX)
> > ;; WHEN: Fri Jun  6 14:23:12 2008
> > ;; MSG SIZE  rcvd: 54
> >
> >
> > but you dont get any authority sections, or additional results.
> >
> > when you dig @ns2.example.com
> >
> > caitlin:/etc/bind/primary# dig @ns2.example.com example.com
> >
> > ; <<>> DiG 9.4.2 <<>> @master.example.com example.com
> > ; (1 server found)
> > ;; global options:  printcmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64430
> > ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
> >
> > ;; QUESTION SECTION:
> > ;example.com.		        IN      A
> >
> > ;; ANSWER SECTION:
> > example.com.   		0       IN      A       XXX.XXX.XXX.XXX
> >
> > ;; AUTHORITY SECTION:
> > example.com.		86400   IN      NS      ns2.example.com.
> > example.com.  		86400   IN      NS      ns1.example.com.
> >
> > ;; Query time: 237 msec
> > ;; SERVER: XXX.XXX.XXX.XXX#53(XXX.XXX.XXX.XXX)
> > ;; WHEN: Fri Jun  6 14:24:55 2008
> > ;; MSG SIZE  rcvd: 102
> >
> > caitlin:/etc/bind/primary#
> >
> > And the A records are different, but the SOA / Serial Numbers are
> > identical.
> >
> > When you query internally on the same network to ns1.example.com you get
> > the correct results, its just when you try and query it externally...
> >
> > There are no views set up (it's bind 9.2.2) and I am stumped, I even
> > tried to remove and reinstall the bind instance but that did not help
> > either..
> >
> > There does not appear to be any caching and when you turn off the server
> > on ns2.example.com the query times out, so I am pretty certain that I am
> > talking to the correct server.
> >
> > Any help comments, suggestions, remarks, that might help would be
> > appreciated.
> >
> > Thanks.
> >
> >
> > _______________________________________________
> > NZLUG mailing list NZLUG at linux.net.nz
> > http://www.linux.net.nz/cgi-bin/mailman/listinfo/nzlug
> >
>

More information about the NZLUG mailing list