Re: Help with DKIM record

2014-04-16 Thread pch0317

Maybe try dig: dig -t txt google.com

On 04/14/2014 10:23 AM, Felix Rubio Dalmau wrote:

Hi everybody,

   I have set up a bind9 server, and everything works fine except when I try to 
request some fields (e.g., TXT) for any server. If I do
host -t txt host
   I get
host has no TXT record

   whereas if I do
host -t txt host ns server
   I got the correct answer from that other server.

   Does anybody have any idea on how to fix this?

   Thank you,
   Felix


___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users


Re: Help with DKIM record

2014-04-15 Thread Kevin Darcy

On 4/14/2014 2:58 PM, Steven Carr wrote:

> On 14 April 2014 18:53, Felix Rubio Dalmau felixrubiodal...@gmail.com wrote:
>
>> it is not actually a pure caching server (at least I didn't want it
>> to be :S). I have a server at home, and the DNS is properly configured at the
>> internet. The problem is that my router is not capable to redirect my requests
>> to my server when they come from the LAN. So, I have had to configure a
>> dhcp+dns server to give the IPs to the machines in the LAN, and to use the dns
>> server to resolve the local server using db.server.local and db.192 files.
>
> db.server.local wasn't in your config and your query is for
> www.server.org, myserver.org was listed in your config file.
>
>> I understand that forward only; will not hurt but, right? After
>> setting it, I do the dig and I get:
>
> Setting it to forward only means that anything that the server is not
> authoritative for it will forward to the specified servers.

Actually -- small correction -- it's the forwarders statement that
triggers _that_ behavior. Forward only/forward first is just a
refinement of what happens if the forwarders are unresponsive (as
implied in the remainder of your paragraph).

Some additional semantic nitpicking...

> If you do
> not have that set then there are occasions where your DNS server will
> go to the Internet root and start to search for the requested record
> recursively,

I think you mean iteratively here.

> if you're fine with that then is there a reason why you
> are forwarding requests to other DNS servers?

I think you mean iterating rather than forwarding here.

End semantic nitpicking :-)

> why not just allow your
> local DNS server to handle the whole resolution process?

Totally agreed. Forwarding should not be added to a named.conf unless it
is well considered and justified. Will not hurt? It very well *might*
hurt. It often *does* hurt.

- Kevin


Re: Help with DKIM record

2014-04-15 Thread Kevin Darcy
What isn't clear so far is whether the TXT record you're looking up is 
in the myserver.org zone or some other zone.


If you're authoritative for myserver.org, you're authoritative for *all* 
of myserver.org. named isn't going to do failover forwarding just 
because you neglected to add a TXT record to your zone file. It'll give 
a negative response to the query. forward first/forward only has no 
effect whatsoever on that behavior.


- Kevin
On 4/14/2014 12:02 PM, Felix Rubio Dalmau wrote:

Maybe this is my problem: I have not created any zone file :s. The only files 
I've created/modified are:

### named.conf.local
include "/etc/bind/rndc.key";
zone "myserver.org" {
    type master;
    file "/etc/bind/db.myserver.local";
    allow-update { key rndc-key; };
};
zone "1.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/db.192";
    allow-update { key rndc-key; };
};
### named.conf.options
options {
    directory "/var/cache/bind";
    forwarders {
        91.126.224.5;
        91.126.224.6;
    };

    allow-query {
        192.168.1.0/24;
        127.0.0.1;
    };

    allow-transfer {
        192.168.1.0/24;
        127.0.0.1;
    };

    dnssec-validation auto;
    auth-nxdomain no;    # conform to RFC1035
    listen-on-v6 { any; };
    empty-zones-enable no;
};
###

I thought that when requesting fields that are not available in the local dns 
server, such requests would be forwarded to the forwarders and its answers 
cached :S. What should I do?

Felix

On Monday 14 April 2014 16:35:10 Steven Carr wrote:

On 14 April 2014 15:59, Felix Rubio Dalmau felixrubiodal...@gmail.com wrote:

What files, exactly? Named.conf.local and named.conf.options is enough?

Yep, and the zone files that you have created that contain the TXT
records you want to query for.

Steve
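
Added example, not part of the thread or of BIND: a shell function that reads saved dig output and reports whether the reply came from the server's own zone data (aa flag set) or through recursion, and whether it held an answer. The function names and both sample responses are constructed for illustration; "authoritative-nodata" is the case described above, where the zone file lacks the record and the forwarders are never asked.

```shell
# Added example: classify a saved dig response by who answered and what it said.
classify_dig() {
    awk '
    /^;; ->>HEADER<<-/ {              # header line carries the rcode
        for (i = 1; i < NF; i++)
            if ($i == "status:") { status = $(i + 1); sub(/,$/, "", status) }
    }
    /^;; flags:/ {                    # flag list ends at ";", counts follow
        for (i = 2; i < NF; i++) {
            if ($i == "flags:") { inflags = 1; continue }
            if (inflags) {
                f = $i
                if (sub(/;$/, "", f)) inflags = 0
                if (f == "aa") aa = 1
            }
            if ($i == "ANSWER:") answers = $(i + 1) + 0
        }
    }
    END {
        if (status == "") { print "unparsed"; exit }
        src = aa ? "authoritative" : "recursive"
        if (status == "NOERROR" && answers > 0) print src "-answer"
        else if (status == "NOERROR")           print src "-nodata"
        else if (status == "NXDOMAIN")          print src "-nxdomain"
        else                                    print "other-" status
    }'
}

# Constructed sample: local server is authoritative for the zone, no TXT in it.
sample_local_nodata() {
cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1111
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; AUTHORITY SECTION:
example.org. 604800 IN SOA ns.example.org. root.example.org. 1 604800 86400 2419200 604800
EOF
}

# Constructed sample: a TXT answer obtained through recursion (no aa flag).
sample_recursive_answer() {
cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2222
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; ANSWER SECTION:
sel._domainkey.example.org. 300 IN TXT "v=DKIM1; k=rsa; p=PLACEHOLDER"
EOF
}

sample_local_nodata | classify_dig; sample_recursive_answer | classify_dig
```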



Re: Help with DKIM record

2014-04-14 Thread Barry S. Finkel

Felix Rubio Dalmau felixrubiodal...@gmail.com wrote:

Hi everybody,

   I have set up a bind9 server, and everything works fine except when I try to 
request some fields (e.g., TXT) for any server. If I do
host -t txt host
   I get
host has no TXT record

   whereas if I do
host -t txt host ns server
   I got the correct answer from that other server.

   Does anybody have any idea on how to fix this?

   Thank you,
   Felix


Do you know what default NS server you are querying when you do not
specify the server in your command line?  Does that server have the TXT
record?

--Barry Finkel


Re: Help with DKIM record

2014-04-14 Thread Felix Rubio Dalmau
Hi Barry,

yes, it is the server I've set up in my local LAN. How can I set it to 
have these TXT records?

Thank you,
Felix


On Monday 14 April 2014 08:18:12 Barry S. Finkel wrote:
 Felix Rubio Dalmau felixrubiodal...@gmail.com wrote:
  Hi everybody,
 
 I have set up a bind9 server, and everything works fine except when I 
  try to request some fields (e.g., TXT) for any server. If I do
  host -t txt host
 I get
  host has no TXT record
 
 whereas if I do
  host -t txt host ns server
 I got the correct answer from that other server.
 
 Does anybody have any idea on how to fix this?
 
 Thank you,
 Felix
 
 Do you know what default NS server you are querying when you do not
 specify the server in your command line?  Does that server have the TXT
 record?
 
 --Barry Finkel

Re: Help with DKIM record

2014-04-14 Thread Steven Carr
On 14 April 2014 14:21, Felix Rubio Dalmau felixrubiodal...@gmail.com wrote:
 yes, it is the server I've set up in my local LAN. How can I set it 
 to have these TXT records?

Post your current config and zone files (use pastebin if they are
larger than a few lines).

Then copy/paste the full host command and its output, or even better
use the dig command and post those commands/output.

Steve


Re: Help with DKIM record

2014-04-14 Thread Felix Rubio Dalmau
What files, exactly? Named.conf.local and named.conf.options is enough?

Felix

On Monday 14 April 2014 14:25:53 Steven Carr wrote:
 On 14 April 2014 14:21, Felix Rubio Dalmau felixrubiodal...@gmail.com wrote:
  yes, it is the server I've set up in my local LAN. How can I set it 
  to have these TXT records?
 
 Post your current config and zone files (use pastebin if they are
 larger than a few lines).
 
 Then copy/paste the full host command and its output, or even better
 use the dig command and post those commands/output.
 
 Steve



Re: Help with DKIM record

2014-04-14 Thread Steven Carr
On 14 April 2014 15:59, Felix Rubio Dalmau felixrubiodal...@gmail.com wrote:
 What files, exactly? Named.conf.local and named.conf.options is enough?

Yep, and the zone files that you have created that contain the TXT
records you want to query for.

Steve


Re: Help with DKIM record

2014-04-14 Thread Felix Rubio Dalmau
Maybe this is my problem: I have not created any zone file :s. The only files 
I've created/modified are:

### named.conf.local
include "/etc/bind/rndc.key";
zone "myserver.org" {
    type master;
    file "/etc/bind/db.myserver.local";
    allow-update { key rndc-key; };
};
zone "1.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/db.192";
    allow-update { key rndc-key; };
};
### named.conf.options
options {
    directory "/var/cache/bind";
    forwarders {
        91.126.224.5;
        91.126.224.6;
    };

    allow-query {
        192.168.1.0/24;
        127.0.0.1;
    };

    allow-transfer {
        192.168.1.0/24;
        127.0.0.1;
    };

    dnssec-validation auto;
    auth-nxdomain no;    # conform to RFC1035
    listen-on-v6 { any; };
    empty-zones-enable no;
};
###

I thought that when requesting fields that are not available in the local dns 
server, such requests would be forwarded to the forwarders and its answers 
cached :S. What should I do?

Felix

On Monday 14 April 2014 16:35:10 Steven Carr wrote:
 On 14 April 2014 15:59, Felix Rubio Dalmau felixrubiodal...@gmail.com wrote:
  What files, exactly? Named.conf.local and named.conf.options is enough?
 
 Yep, and the zone files that you have created that contain the TXT
 records you want to query for.
 
 Steve



Re: Help with DKIM record

2014-04-14 Thread Steven Carr
On 14 April 2014 17:02, Felix Rubio Dalmau felixrubiodal...@gmail.com wrote:
 Maybe this is my problem: I have not created any zone file :s. The only files 
 I've created/modified are:
 I thought that when requesting fields that are not available in the local dns 
 server, such requests would be forwarded to the forwarders and its answers 
 cached :S. What should I do?

OK, so you're implementing a caching server, you didn't state that in
your original email.

So check your /etc/resolv.conf file and see where it is pointing to
for DNS, this is what the `host` command will use when querying for
DNS, it should be your new server that you have setup. You probably
also want to add the statement forward only; into your options
section as well, otherwise your caching server might still try to
query the Internet root if it didn't get a response from the servers
you are forwarding to.

Then use the `dig` command to look for the txt record e.g. dig host
txt - post back the full command and the response.

Steve


Re: Help with DKIM record

2014-04-14 Thread Felix Rubio Dalmau
Hi Steve,

it is not actually a pure caching server (at least I didn't want it
to be :S). I have a server at home, and the DNS is properly configured at the
internet. The problem is that my router is not capable to redirect my requests 
to my server when they come from the LAN. So, I have had to configure a 
dhcp+dns server to give the IPs to the machines in the LAN, and to use the dns 
server to resolve the local server using db.server.local and db.192 files.

I understand that forward only; will not hurt but, right? After 
setting it, I do the dig and I get:

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> www.server.org txt
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52796
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;www.server.org. IN  TXT

;; AUTHORITY SECTION:
server.org.  604800  IN  SOA server.org. root.server.org. 10420141 604800 86400 2419200 604800

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Apr 14 19:53:01 2014
;; MSG SIZE  rcvd: 72

Felix

On Monday 14 April 2014 17:36:36 Steven Carr wrote:
 On 14 April 2014 17:02, Felix Rubio Dalmau felixrubiodal...@gmail.com wrote:
  Maybe this is my problem: I have not created any zone file :s. The only 
  files I've created/modified are:
  I thought that when requesting fields that are not available in the local 
  dns server, such requests would be forwarded to the forwarders and its 
  answers cached :S. What should I do?
 
 OK, so you're implementing a caching server, you didn't state that in
 your original email.
 
 So check your /etc/resolv.conf file and see where it is pointing to
 for DNS, this is what the `host` command will use when querying for
 DNS, it should be your new server that you have setup. You probably
 also want to add the statement forward only; into your options
 section as well, otherwise your caching server might still try to
 query the Internet root if it didn't get a response from the servers
 you are forwarding to.
 
 Then use the `dig` command to look for the txt record e.g. dig host
 txt - post back the full command and the response.
 
 Steve



Re: Help with DKIM record

2014-04-14 Thread Steven Carr
On 14 April 2014 18:53, Felix Rubio Dalmau felixrubiodal...@gmail.com wrote:
 it is not actually a pure caching server (at least I didn't want it
 to be :S). I have a server at home, and the DNS is properly configured at the
 internet. The problem is that my router is not capable to redirect my 
 requests to my server when they come from the LAN. So, I have had to 
 configure a dhcp+dns server to give the IPs to the machines in the LAN, and 
 to use the dns server to resolve the local server using db.server.local and 
 db.192 files.

db.server.local wasn't in your config and your query is for
www.server.org, myserver.org was listed in your config file.

 I understand that forward only; will not hurt but, right? After 
 setting it, I do the dig and I get:

Setting it to forward only means that anything that the server is not
authoritative for it will forward to the specified servers. If you do
not have that set then there are occasions where your DNS server will
go to the Internet root and start to search for the requested record
recursively, if you're fine with that then is there a reason why you
are forwarding requests to other DNS servers? why not just allow your
local DNS server to handle the whole resolution process?

Steve