Re: [gentoo-user] DNS Expert Required
You might want to set your serial to a date format like:

2006032600

When you do an update on the same day you just increment the last digit(s).

2006032601

You are more likely to remember when you have done updates with a date.

On Sun, 26 Mar 2006, Hiren Dave wrote:

Hi Uwe,

The main problem in my configuration was this:

> search server1.guru.com server2.guru.com
search guru.com

> zone "server1.guru.com" IN {
make this: zone "guru.com" IN {

After changing this, my dns server is working fine. Thanks a lot dude.

Hiren

On 3/26/06, Uwe Thiem <[EMAIL PROTECTED]> wrote:

On 26 March 2006 10:01, Hiren Dave wrote:

Alright, I'll bite. ;-)

Some small errors.

> server1.guru.com (192.168.0.2) Primary DNS Server
> server2.guru.com (192.168.0.3) Secondary DNS Server
>
> => Here is my configuration file for server1.guru.com machine.
>
> ###/etc/resolve.conf##
> domain guru.com
> search server1.guru.com server2.guru.com

search guru.com
(the search string gets appended to non-qualified names)

> nameserver 192.168.0.2
> nameserver 192.168.0.3
> ##
> /var/named/chroot/etc/named.conf##
> options {
> directory "/var/named";
> dump-file "/var/named/data/cache_dump.db";
> statistics-file "/var/named/data/named_stats.txt";
> allow-transfer { 192.168.0.3; 192.168.0.1; };
> allow-query { 192.168.0.0/24; localhost; };
> allow-recursion { 192.168.0.0/24; localhost; };
> };

allow-transfer: take out 192.168.0.1; it's unnecessary.

[ snip ]

> zone "server1.guru.com" IN {

make this: zone "guru.com" IN {

> type master;
> file "server1.guru.com.zone";

make this: file "guru.com"; (not strictly necessary)

> allow-query { any; };

In the general options, you restrict queries to your local network. Why do you
now allow queries from anywhere?

> allow-update { key rndckey; };
> };
> #include "/etc/rndc.key";
> ##
> ###/var/named/chroot/var/named/server1.guru.com.zone##

make the file "guru.co"

> $TTL 86400
> @ IN SOA server1.guru.com. root.server1.guru.com. (

BTW, *not* a good idea to make "root" the technical contact for your domain.

Now most stuff below can be much easier.

> 1 ; serial
> 300 ; refresh (5 minutes)
> 10 ; retry (10 seconds)
> 86400 ; expire (1 day)
> 600 ; minimum (10 minutes)
> )
>
> @ IN NS server1.guru.com.
> @ IN MX 10 server1.guru.com.
>
> server1.guru.com. IN A 192.168.0.2
> server2.guru.com. IN A 192.168.0.3
> win2k.guru.com. IN A 192.168.0.1
>
> www1 CNAME server1.guru.com.
> www2 CNAME server2.guru.com.
> www3 CNAME win2k.guru.com.
>
> server2 IN MX 0 server1.guru.com.
> win2k IN MX 0 server1.guru.com.

The lines above can now look this way:

        IN NS server1.guru.com.
        IN NS server2.guru.com.
        IN MX 10 server1.guru.co.
*.guru.com IN MX 10 server1.guru.com.
server1 IN A 192.168.0.2
server2 IN A 192.168.0.3
win2k IN A 192.168.0.1
www1 CNAME server1
www2 CNAME server2
www3 CNAME win2k

(Note where I put a fullstop at the end of a name and where not. It's
important. Your MX statements above are contradictory. So I don't know exactly
which box your email server is and if you really have more than one. If so you
have to adjust my two MX entries above.)

Adjust server2 accordingly.

I cannot guarantee that I caught all mistakes. Just try it out.

Uwe

--
Why do consumers keep buying products they will live to curse?
--
gentoo-user@gentoo.org mailing list

--
Bryan Whitehead
Email:[EMAIL PROTECTED]
--
gentoo-user@gentoo.org mailing list
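The date-based serial scheme suggested in the message above, as an added example that is not part of the original thread. The function names are hypothetical; the comparison follows RFC 1982 serial arithmetic, which is what decides whether a secondary such as server2 sees the zone as changed and transfers it.

```python
from datetime import date

MODULUS = 2 ** 32   # an SOA serial is an unsigned 32-bit number
HALF = 2 ** 31      # RFC 1982: a serial is "newer" only within half the number space


def is_newer(new: int, old: int) -> bool:
    """True if a secondary holding `old` would treat `new` as a newer zone."""
    return new != old and (new - old) % MODULUS < HALF


def next_serial(current: int, today: date) -> int:
    """Return the next YYYYMMDDnn serial after `current`.

    - a serial older than today's base (including plain counters such as 1)
      jumps to YYYYMMDD00
    - a serial already on or past today's base is incremented by one, so a
      100th edit on one day spills into the next day's number instead of
      going backwards
    """
    base = int(today.strftime("%Y%m%d")) * 100
    candidate = base if current < base else current + 1
    if candidate >= MODULUS or not is_newer(candidate, current):
        raise ValueError(f"cannot move serial from {current} to {candidate}")
    return candidate


if __name__ == "__main__":
    day = date(2006, 3, 26)          # constructed sample date
    serial = 1                       # the serial used in the posted zone file
    for _ in range(3):
        serial = next_serial(serial, day)
        print(serial)
```

Going back from a date-based serial to a small counter is not seen as newer by secondaries, which is why `is_newer(1, 2006032600)` is false.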
Re: [gentoo-user] DNS Expert Required
Hi Uwe,

The main problem in my configuration was this:

> search server1.guru.com server2.guru.com
search guru.com

> zone "server1.guru.com" IN {
make this: zone "guru.com" IN {

After changing this, my dns server is working fine. Thanks a lot dude.

Hiren

On 3/26/06, Uwe Thiem <[EMAIL PROTECTED]> wrote:

On 26 March 2006 10:01, Hiren Dave wrote:

Alright, I'll bite. ;-)

Some small errors.

> server1.guru.com (192.168.0.2) Primary DNS Server
> server2.guru.com (192.168.0.3) Secondary DNS Server
>
> => Here is my configuration file for server1.guru.com machine.
>
> ###/etc/resolve.conf##
> domain guru.com
> search server1.guru.com server2.guru.com

search guru.com
(the search string gets appended to non-qualified names)

> nameserver 192.168.0.2
> nameserver 192.168.0.3
> ##
> /var/named/chroot/etc/named.conf##
> options {
> directory "/var/named";
> dump-file "/var/named/data/cache_dump.db";
> statistics-file "/var/named/data/named_stats.txt";
> allow-transfer { 192.168.0.3; 192.168.0.1; };
> allow-query { 192.168.0.0/24; localhost; };
> allow-recursion { 192.168.0.0/24; localhost; };
> };

allow-transfer: take out 192.168.0.1; it's unnecessary.

[ snip ]

> zone "server1.guru.com" IN {

make this: zone "guru.com" IN {

> type master;
> file "server1.guru.com.zone";

make this: file "guru.com"; (not strictly necessary)

> allow-query { any; };

In the general options, you restrict queries to your local network. Why do you
now allow queries from anywhere?

> allow-update { key rndckey; };
> };
> #include "/etc/rndc.key";
> ##
> ###/var/named/chroot/var/named/server1.guru.com.zone##

make the file "guru.co"

> $TTL 86400
> @ IN SOA server1.guru.com. root.server1.guru.com. (

BTW, *not* a good idea to make "root" the technical contact for your domain.

Now most stuff below can be much easier.

> 1 ; serial
> 300 ; refresh (5 minutes)
> 10 ; retry (10 seconds)
> 86400 ; expire (1 day)
> 600 ; minimum (10 minutes)
> )
>
> @ IN NS server1.guru.com.
> @ IN MX 10 server1.guru.com.
>
> server1.guru.com. IN A 192.168.0.2
> server2.guru.com. IN A 192.168.0.3
> win2k.guru.com. IN A 192.168.0.1
>
> www1 CNAME server1.guru.com.
> www2 CNAME server2.guru.com.
> www3 CNAME win2k.guru.com.
>
> server2 IN MX 0 server1.guru.com.
> win2k IN MX 0 server1.guru.com.

The lines above can now look this way:

        IN NS server1.guru.com.
        IN NS server2.guru.com.
        IN MX 10 server1.guru.co.
*.guru.com IN MX 10 server1.guru.com.
server1 IN A 192.168.0.2
server2 IN A 192.168.0.3
win2k IN A 192.168.0.1
www1 CNAME server1
www2 CNAME server2
www3 CNAME win2k

(Note where I put a fullstop at the end of a name and where not. It's
important. Your MX statements above are contradictory. So I don't know exactly
which box your email server is and if you really have more than one. If so you
have to adjust my two MX entries above.)

Adjust server2 accordingly.

I cannot guarantee that I caught all mistakes. Just try it out.

Uwe

--
Why do consumers keep buying products they will live to curse?
--
gentoo-user@gentoo.org mailing list
Re: [gentoo-user] DNS Expert Required
On 26 March 2006 10:01, Hiren Dave wrote:

Alright, I'll bite. ;-)

Some small errors.

> server1.guru.com (192.168.0.2) Primary DNS Server
> server2.guru.com (192.168.0.3) Secondary DNS Server
>
> => Here is my configuration file for server1.guru.com machine.
>
> ###/etc/resolve.conf##
> domain guru.com
> search server1.guru.com server2.guru.com

search guru.com
(the search string gets appended to non-qualified names)

> nameserver 192.168.0.2
> nameserver 192.168.0.3
> ##
> /var/named/chroot/etc/named.conf##
> options {
> directory "/var/named";
> dump-file "/var/named/data/cache_dump.db";
> statistics-file "/var/named/data/named_stats.txt";
> allow-transfer { 192.168.0.3; 192.168.0.1; };
> allow-query { 192.168.0.0/24; localhost; };
> allow-recursion { 192.168.0.0/24; localhost; };
> };

allow-transfer: take out 192.168.0.1; it's unnecessary.

[ snip ]

> zone "server1.guru.com" IN {

make this: zone "guru.com" IN {

> type master;
> file "server1.guru.com.zone";

make this: file "guru.com"; (not strictly necessary)

> allow-query { any; };

In the general options, you restrict queries to your local network. Why do you
now allow queries from anywhere?

> allow-update { key rndckey; };
> };
> #include "/etc/rndc.key";
> ##
> ###/var/named/chroot/var/named/server1.guru.com.zone##

make the file "guru.co"

> $TTL 86400
> @ IN SOA server1.guru.com. root.server1.guru.com. (

BTW, *not* a good idea to make "root" the technical contact for your domain.

Now most stuff below can be much easier.

> 1 ; serial
> 300 ; refresh (5 minutes)
> 10 ; retry (10 seconds)
> 86400 ; expire (1 day)
> 600 ; minimum (10 minutes)
> )
>
> @ IN NS server1.guru.com.
> @ IN MX 10 server1.guru.com.
>
> server1.guru.com. IN A 192.168.0.2
> server2.guru.com. IN A 192.168.0.3
> win2k.guru.com. IN A 192.168.0.1
>
> www1 CNAME server1.guru.com.
> www2 CNAME server2.guru.com.
> www3 CNAME win2k.guru.com.
>
> server2 IN MX 0 server1.guru.com.
> win2k IN MX 0 server1.guru.com.

The lines above can now look this way:

        IN NS server1.guru.com.
        IN NS server2.guru.com.
        IN MX 10 server1.guru.co.
*.guru.com IN MX 10 server1.guru.com.
server1 IN A 192.168.0.2
server2 IN A 192.168.0.3
win2k IN A 192.168.0.1
www1 CNAME server1
www2 CNAME server2
www3 CNAME win2k

(Note where I put a fullstop at the end of a name and where not. It's
important. Your MX statements above are contradictory. So I don't know exactly
which box your email server is and if you really have more than one. If so you
have to adjust my two MX entries above.)

Adjust server2 accordingly.

I cannot guarantee that I caught all mistakes. Just try it out.

Uwe

--
Why do consumers keep buying products they will live to curse?
--
gentoo-user@gentoo.org mailing list
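The trailing-dot rule mentioned in the message above, as an added example that is not part of the original thread: a name without a final dot is relative and gets the zone origin appended, a name with one is used as written. The helper names are hypothetical, and the record tuples are a simplified (owner, type, target) form built from lines in this thread plus one constructed entry.

```python
NAME_TYPES = {"NS", "MX", "CNAME", "PTR"}   # record types whose data is a host name


def qualify(name, origin):
    """Expand a zone-file name the way a master-file parser does."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name.lower()                 # absolute: taken as written
    return f"{name}.{origin}".lower()       # relative: origin is appended


def in_zone(fqdn, origin):
    return fqdn == origin or fqdn.endswith("." + origin)


def lint(records, origin):
    """Return (name, expanded, problem) for names that will not mean what they look like."""
    findings = []
    for owner, rtype, target in records:
        names = [("owner", owner)]
        if rtype in NAME_TYPES:
            names.append(("target", target))
        for role, name in names:
            full = qualify(name, origin)
            relative = name != "@" and not name.endswith(".")
            if relative and in_zone(name.lower() + ".", origin):
                findings.append((name, full, "missing trailing dot"))
            elif role == "owner" and not in_zone(full, origin):
                findings.append((name, full, "owner outside zone"))
    return findings


FORWARD = [                                  # origin guru.com.
    ("@", "NS", "server1.guru.com."),
    ("*.guru.com", "MX", "server1.guru.com."),
    ("server1", "A", "192.168.0.2"),
    ("www1", "CNAME", "server1"),
    ("www2", "CNAME", "server2.guru.com"),   # constructed: final dot left off
]
REVERSE = [                                  # origin 0.168.192.in-addr.arpa.
    ("2.0.168.192.in-addr.apra.", "PTR", "server1.guru.com."),
    ("1.0.168.192.in-addr.arpa.", "PTR", "win2k.guru.com."),
]

if __name__ == "__main__":
    for zone, origin in ((FORWARD, "guru.com."), (REVERSE, "0.168.192.in-addr.arpa.")):
        for name, full, problem in lint(zone, origin):
            print(f"{origin} {name!r} -> {full} ({problem})")
```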
Re: [gentoo-user] DNS Expert Required
On Sunday 26 March 2006 10:01, Hiren Dave wrote:

> WHAT IS WRONG IN SETUP? PLEASE HELP ME.

Your zone files are borked. Check them for consistency (for example, don't define the zone to be server1.guru.com, but guru.com...

--- Heiko.
--
gentoo-user@gentoo.org mailing list
[gentoo-user] DNS Expert Required
Hi,

There are two DNS servers in my local network.

server1.guru.com (192.168.0.2) Primary DNS Server
server2.guru.com (192.168.0.3) Secondary DNS Server

=> Here is my configuration file for server1.guru.com machine.

###/etc/resolve.conf##
domain guru.com
search server1.guru.com server2.guru.com
nameserver 192.168.0.2
nameserver 192.168.0.3
##
/var/named/chroot/etc/named.conf##
options {
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    allow-transfer { 192.168.0.3; 192.168.0.1; };
    allow-query { 192.168.0.0/24; localhost; };
    allow-recursion { 192.168.0.0/24; localhost; };
};

controls {
    inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

logging {
    category dnssec { security_log; };
    category update { security_log; };
    category security { security_log; };
    channel security_log {
        file "/var/named/dns-security.log" versions 5 size 20m;
        print-time yes;
        print-category yes;
        print-severity yes;
        severity info;
    };
};

//Root server hints
zone "." IN {
    type hint;
    file "named.ca";
};

zone "localhost" IN {
    type master;
    file "localhost.zone";
};

zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "127.0.0.zone";
};

acl "dhcp-clients" {
    192.168.0/24;
};

key rndckey {
    algorithm hmac-md5;
    secret "OhoyIvQSE0MULVwlAXJom24RnpFUMhXdwihJHkECEBUQd9MKz0qcHKMphT8o";
};

zone "server1.guru.com" IN {
    type master;
    file "server1.guru.com.zone";
    allow-query { any; };
    allow-update { key rndckey; };
};

zone "0.168.192.in-addr.arpa" IN {
    type master;
    file "0.168.192.zone";
    allow-query { any; };
    allow-update { key rndckey; };
};

#include "/etc/rndc.key";
#/var/named/chroot/var/named/server1.guru.com.zone##
$TTL 86400
@ IN SOA server1.guru.com. root.server1.guru.com. (
    1 ; serial
    300 ; refresh (5 minutes)
    10 ; retry (10 seconds)
    86400 ; expire (1 day)
    600 ; minimum (10 minutes)
    )

@ IN NS server1.guru.com.
@ IN MX 10 server1.guru.com.

server1.guru.com. IN A 192.168.0.2
server2.guru.com. IN A 192.168.0.3
win2k.guru.com. IN A 192.168.0.1

www1 CNAME server1.guru.com.
www2 CNAME server2.guru.com.
www3 CNAME win2k.guru.com.

server2 IN MX 0 server1.guru.com.
win2k IN MX 0 server1.guru.com.
##

###/var/named/chroot/var/named/0.168.192.zone#
$TTL 86400
@ IN SOA server1.guru.com. root.server1.guru.com. (
    0 ; serial
    300 ; refresh (5 minutes)
    60 ; retry (1 minute)
    86400 ; expire (1 day)
    600 ; minimum (10 minutes)
    )

@ IN NS server1.guru.com.

2.0.168.192.in-addr.apra. IN PTR server1.guru.com.
1.0.168.192.in-addr.arpa. IN PTR win2k.guru.com.
3.0.168.192.in-addr.arpa. IN PTR server2.guru.com.
##

=> Here is my configuration file for server2.guru.com machine.

###/etc/resolve.conf##
domain guru.com
search server1.guru.com server2.guru.com
nameserver 192.168.0.2
nameserver 192.168.0.3
##
/var/named/chroot/etc/named.conf##
options {
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    allow-transfer { none; };
    allow-query { 192.168.0.0/24; localhost; };
    allow-recursion { 192.168.0.0/24; localhost; };
};

controls {
    inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

//Root server hints
zone "." IN {
    type hint;
    file "named.ca";
};

zone "localhost" IN {
    type master;
    file "localhost.zone";
};

zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "127.0.0.zone";
};

zone "server1.guru.com" IN {
    type slave;
    file "server1.guru.com.zone";
    masters { 192.168.0.2; };
    allow-query { any; };
};

zone "0.168.192.in-addr.arpa" IN {
    type slave;
    file "0.168.192.zone";
    masters { 192.168.0.2; };
    allow-query { any; };
};

#include "/etc/rndc.key";
#/var/named/chroot/var/named/server1.guru.com.zone##
$ORIGIN guru.com.
$TTL 86400 ; 1 day
server1 IN SOA server1 root.server1 (
    1 ; serial
    300 ; refresh (5 minutes)
    10 ; retry (10 seconds)
    86400 ; expire (1 day)
    600 ; minimum (10 minutes)
    )
    NS server1
    A 192.168.0.2
    MX 0 server1
    MX 10 server1
$ORIGIN server1.guru.com.
server1 MX 0 server1.guru.com.
server2 MX 0 server1.guru.com.
win2k MX 0 server1.guru.com.
www1 CNAME server1.guru.com.
www2 CNAME server2.guru.com.
www3 CNAME win2k.guru.com.
$ORIGIN guru.com.
server2 A 192.168.0.3
    MX 10 server1
win2k