In article <mailman.696.1255498841.14796.bind-us...@lists.isc.org>, Robert Moskowitz <r...@htt-consult.com> wrote:
> Barry Margolin wrote:
> > In article <mailman.693.1255466849.14796.bind-us...@lists.isc.org>,
> > Robert Moskowitz <r...@htt-consult.com> wrote:
> >
> >> I have been running BIND here on my net for quite a few years time and
> >> run 2 views on my main server, for internal and external users. I also
> >> have a separate BIND server on a test bed that uses a test TLD of htt.
> >> It has worked well for the past year.
> >>
> >> Now I have installed an Amahi server (amahi.org) and it is running its
> >> own BIND server with dynamic updates, as it is supporting NetBios
> >> clients. My Amahi server is set up for home.htt and works for systems
> >> on its subnet (it also runs DHCPD). I want access to the various Amahi
> >> apps to other systems here so I first:
> >>
> >> Set up my main server to be a slave for my test htt domain in its
> >> internal view.
> >>
> >> That is working well and I can get all the DNS information supported
> >> there (both hosts in htt and its sub-zone of mobile.htt). Fine so far.
> >>
> >> Then I added a couple records to the zone file in htt to delegate home.htt:
> >>
> >> home.htt. IN NS amahi.home.htt.
> >> amahi.home.htt. IN A 192.168.1.2
> >>
> >> And nothing.
> >>
> >> I am NOT getting any information on the home.htt. sub-zone. If I run
> >> 'nslookup - 192.168.1.2' I get all the information in the DNS, but
> >> neither of my internal BIND servers are getting information. Almost as
> >> if the Amahi server is not honoring requests from other BIND servers or
> >> perhaps not on its net.
> >>
> >
> > Are you sure they're sending the queries to it? Have you done a packet
> > capture to see what's being sent?
> >
>
> Well I did some more testing. Here are some results when host is run on
> my main DNS server which is a slave server for htt.

Can you post the named.conf file for the server you're querying, not the server that hosts the subdomain? BTW, why are you using query source-port 53?

>
> # host wiki.home.htt
> wiki.home.htt has address 192.168.1.2
> Host wiki.home.htt not found: 2(SERVFAIL)
> Host wiki.home.htt not found: 2(SERVFAIL)
>
> # host search.home.htt
> Host search.home.htt not found: 2(SERVFAIL)
>
> The latter should also have responded with the same IP address. And why
> the two servfails? Here are records from a TCPDUMP of the first host
> command:
>
> # grep 1.2 trace.1
> 23:18:24.142341 IP 208.83.67.148.domain > 192.168.1.2.domain: 9401
> [1au] A? wiki.home.htt. (42)
> 23:18:24.144246 IP 192.168.1.2.domain > 208.83.67.148.domain: 9401*-
> 1/1/1 A 192.168.128.2 (72)
> 23:18:24.149357 IP 208.83.67.148.domain > 192.168.1.2.domain: 11640%
> [1au] A? home.htt. (37)
> 23:18:24.149786 IP 208.83.67.148.domain > 192.168.1.2.domain: 46350%
> [1au] AAAA? home.htt. (37)
> 23:18:24.150804 IP 192.168.1.2.domain > 208.83.67.148.domain: 11640*-
> 0/1/1 (78)
> 23:18:26.152190 IP 208.83.67.148.domain > 192.168.1.2.domain: 11257%
> [1au] AAAA? home.htt. (37)
> 23:18:26.152635 IP 208.83.67.148.domain > 192.168.1.2.domain: 22505%
> [1au] AAAA? hda.home.htt. (41)
> 23:18:26.153864 IP 192.168.1.2.domain > 208.83.67.148.domain: 11257*-
> 0/1/1 (78)
> 23:18:28.154700 IP 208.83.67.148.domain > 192.168.1.2.domain: 49416%
> [1au] AAAA? hda.home.htt. (41)
> 23:18:28.156390 IP 192.168.1.2.domain > 208.83.67.148.domain: 49416*-
> 0/1/1 (82)
>
> And for the second command there were NO records to 192.168.1.2
>
> And on my notebook that uses 208.83.67.148 as its only nameserver, 'host
> search.home.htt' has the following dump:
>
> # tcpdump -n -i eth1 port 53
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
> 01:28:34.615393 IP 208.83.67.158.35220 > 208.83.67.148.domain: 4544+ A?
> search.home.htt. (33)
> 01:28:34.618864 IP 208.83.67.148.domain > 208.83.67.158.35220: 4544
> ServFail 0/0/0 (33)
>
> So I am quite perplexed.
>
> >
> >> Here are the named.conf and zone files:
> >>
> >> # automatically generated file by hdactl
> >> options {
> >>     listen-on-v6 port 53 { ::1; };
> >>     directory "/var/named";
> >>     dump-file "/var/named/data/cache_dump.db";
> >>     statistics-file "/var/named/data/named_stats.txt";
> >>     memstatistics-file "/var/named/data/named_mem_stats.txt";
> >>     forward only;
> >>     forwarders { 208.67.222.222; 208.67.220.220; };
> >>     listen-on port 53 { 192.168.1.2; 127.0.0.1; };
> >> };
> >> logging {
> >>     channel default_debug {
> >>         file "data/named.run";
> >>         severity dynamic;
> >>     };
> >> };
> >> key "ddnskey" {
> >>     algorithm hmac-md5;
> >>     secret "----------------------";
> >> };
> >>
> >> zone "home.htt" IN {
> >>     type master;
> >>     notify no;
> >>     file "dynamic/hda-n2a.conf";
> >>     allow-update { key ddnskey; };
> >>     check-names ignore;
> >> };
> >>
> >> zone "1.168.192.in-addr.arpa" IN {
> >>     type master;
> >>     notify no;
> >>     file "dynamic/hda-a2n.conf";
> >>     allow-update { key ddnskey; };
> >>     check-names ignore;
> >> };
> >>
> >>
> >> and dynamic/hda-n2a.conf:
> >>
> >> $TTL 86400
> >> @ IN SOA home.htt. root.home.htt. (
> >>         0909130103 ; Serial
> >>         28800 ; Refresh
> >>         14400 ; Retry
> >>         3600000 ; Expire
> >>         86400 ) ; Minimum
> >>     IN NS home.htt.
> >>     IN MX 10 home.htt.
> >> * IN MX 10 home.htt.
> >>
> >> h001 A 192.168.1.1
> >> .
> >> .
> >> .
> >> hda A 192.168.1.2
> >> search A 192.168.1.2
> >> setup A 192.168.1.2
> >> calendar A 192.168.1.2
> >> help A 192.168.1.2
> >> wiki A 192.168.1.2
> >>
> >>
> >> So any tips on what to look for to get this working?
> >>
> >> I shot the day digging, and I can do things with BIND, but I am not all
> >> that skilled...
> >>
> >
> >

--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
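
An added example, not part of the thread: one way to read the tcpdump excerpt quoted above is to pair each query with its response by DNS transaction ID and list the queries that got no reply in the capture. The function names `pair_dns` and `unanswered` are made up for this sketch; the trace lines are copied from the quoted message.

```python
import re

# Lines copied from the trace quoted above; the mail client's wrapping is undone.
TRACE = """\
23:18:24.142341 IP 208.83.67.148.domain > 192.168.1.2.domain: 9401 [1au] A? wiki.home.htt. (42)
23:18:24.144246 IP 192.168.1.2.domain > 208.83.67.148.domain: 9401*- 1/1/1 A 192.168.128.2 (72)
23:18:24.149357 IP 208.83.67.148.domain > 192.168.1.2.domain: 11640% [1au] A? home.htt. (37)
23:18:24.149786 IP 208.83.67.148.domain > 192.168.1.2.domain: 46350% [1au] AAAA? home.htt. (37)
23:18:24.150804 IP 192.168.1.2.domain > 208.83.67.148.domain: 11640*- 0/1/1 (78)
23:18:26.152190 IP 208.83.67.148.domain > 192.168.1.2.domain: 11257% [1au] AAAA? home.htt. (37)
23:18:26.152635 IP 208.83.67.148.domain > 192.168.1.2.domain: 22505% [1au] AAAA? hda.home.htt. (41)
23:18:26.153864 IP 192.168.1.2.domain > 208.83.67.148.domain: 11257*- 0/1/1 (78)
23:18:28.154700 IP 208.83.67.148.domain > 192.168.1.2.domain: 49416% [1au] AAAA? hda.home.htt. (41)
23:18:28.156390 IP 192.168.1.2.domain > 208.83.67.148.domain: 49416*- 0/1/1 (82)
"""

LINE = re.compile(r"^(\S+) IP (\S+) > (\S+): (\d+)\S* (.*)$")
# Responses carry answer/authority/additional counts, optionally after an rcode.
COUNTS = re.compile(r"(?:([A-Za-z]+)\S* )?(\d+)/(\d+)/(\d+)")
QUESTION = re.compile(r"(\w+)\? (\S+)")

def pair_dns(trace):
    """Match queries to responses on (client, server, transaction ID)."""
    pending, rows = {}, []
    for raw in trace.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        ts, src, dst, txid, rest = m.groups()
        counts = COUNTS.search(rest)
        if counts:  # a response: look up the query it answers (addresses swapped)
            row = pending.pop((dst, src, txid), None)
            if row:
                row["rcode"] = counts.group(1) or "NoError"
                row["answers"] = int(counts.group(2))
            continue
        q = QUESTION.search(rest)
        if q:  # a query: remember it until its response shows up
            row = {"time": ts, "qtype": q.group(1), "qname": q.group(2),
                   "rcode": None, "answers": None}
            pending[(src, dst, txid)] = row
            rows.append(row)
    return rows

def unanswered(rows):
    return [(r["qtype"], r["qname"], r["time"]) for r in rows if r["rcode"] is None]

if __name__ == "__main__":
    print(unanswered(pair_dns(TRACE)))
```

On the quoted trace this lists the AAAA queries with IDs 46350 and 22505 as having no reply in the capture; each was sent again two seconds later under a new ID and answered with zero answer records.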