Loopback configuration
Hello,

I have a new router that is apparently making it impossible for me to view my personal sites from behind the router by domain name, a function that is necessary. I can see the sites by local 192.168 ip address and port number and others have confirmed they are available on the www, so the server is running and named is resolving properly outside the LAN.

This is the hosts.conf, where I think my error might lie:

> ##
> # Host Database
> #
> # localhost is used to configure the loopback interface
> # when the system is booting. Do not change this entry.
> ##
> 127.0.0.1 localhost web2
> 255.255.255.255 broadcasthost
> ::1 localhost
> fe80::1%lo0 localhost
> 184.70.190.122 mail.normanfournier.com mail web1-ext
> 184.70.190.126 web2.normanfournier.com www web2-ext
> 192.168.0.1 nf-telus-gw-int
> 192.168.0.100 norman-desktop
> 192.168.0.101 ns2
> 184.70.190.122 ns1

I *added* these lines to the bottom of hosts.conf

> 192.168.0.101 creativeprocess.biz
> 192.168.0.101 thecocoapod.com
> 192.168.0.101 rogueagent.ca
> 192.168.0.101 e4edmonton.com
> 192.168.0.101 brandasset.net
> 192.168.0.101 greaterthanhtml.com
> 192.168.0.101 kawacatoose.com

I rebooted and something killed my mailserver when I did this, and I still could now view the sites by domain name behind the router, so I reverted to the old file.

Is there another place I should add the domain names, is there an error in my syntax (this has worked perfectly before) or is this the entirely wrong place to be looking to solve this problem?

Thank you.

Norman

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: PTR files
Thank you everyone, this glitch is solved, the problem was rndc.conf

Norman

On 2013-06-17, at 10:23 PM, John Miller wrote:

> Norman,
>
> Everyone who's posted has probably been correct--this doesn't look like
> _either_ an httpd or BIND problem, but rather in general name resolution and
> perhaps in how you've configured things. Happy to assist off-list (see
> separate cover), but let's leave it there until it's clear that your issue is
> with BIND and how you've configured it.
>
> John
>
> On Mon, Jun 17, 2013 at 11:37 PM, Doug Barton wrote:
> Norman,
>
> It's virtually certain that the error you're seeing is not related to BIND.
> You would almost certainly get your problem solved faster by posting on a
> list related to the web server software that you are using and walking
> through your complete configuration with them.
>
> Good luck,
>
> Doug
>
> --
> John Miller
> Systems Engineer
> Brandeis University
> johnm...@brandeis.edu
> (781) 736-4619

Re: PTR files
On 2013-06-17, at 4:11 PM, Charles Swiger wrote:

> On Jun 17, 2013, at 3:00 PM, Norman Fournier wrote:
>> [ ... ]
>> (...Members of the httpd-users list says the same thing - it's not an httpd
>> problem.
>
> From what you've said below, they're quite right.
>
>> I am just trying to take possibilities off my list of potential errors,
>> sorry if I am annoying you, it's unintentional and symptomatic of my
>> ignorance, so I'm asking questions. I think that is a legitimate use of my
>> subscription to this list, and the list's raison d'être. Surely the list is
>> not exclusively for individuals who know what they're talking about?..)
>
> This list is for discussion of ISC's BIND.

For me, the list is called bind-users, not bind-discussion. BIND discussion would be a higher echelon than a user list. I'm a bind user and I have a Domain Name Server problem, somewhere, that I have been trying to solve for a long time and am going over my steps once again. I need to get my webserver online and there is a problem with the name or lookup or the router. I have not found any errors in httpd, bind or the router configuration that have solved it. The latest hint I got was an ostensible missing in-addr.arpa PTR record, which, to me, made it relevant to BIND.

> Let's assume that you've got a D-Link router which has a single public IP
> from your provider, and provides NAT translation for a private RFC-1918
> subnet, and you've placed your webserver on a VM which lives behind that
> D-Link router. If so, you will need to enable static port forwarding for
> 80/tcp to the VM running the webserver, or perhaps place that IP in the
> router's "Enable DMZ Host" section of the firewall config.
>
> This is basic networking; it doesn't have any close relationship to either
> DNS or webservers.

The ports forwarded to the 192.168.0.101 webserver are unchanged since 2005; dns, http and ssh to appropriate ports. The router did change, the static ips changed, as well as the physical location of the network and servers. I don't know what the issue is, that's why I asked about including explicit PTR files to the domain name, as well as the localhost in-addr.arpa, which is the latest in a list of "possible irregularities" I have turned up so far that I need to confirm one way or the other.

I do appreciate you taking valuable time to answer. I have to wade into it all again. I hope I am still welcome to ask questions here as I have seen others do, since I subscribed to this list in an effort to learn about BIND and DNS, a number of years ago.

Norman

Re: PTR files
On 2013-06-17, at 3:29 PM, Charles Swiger wrote:

> On Jun 17, 2013, at 2:21 PM, Norman Fournier wrote:
>> I am working on bringing a virtual webserver behind a router online and am
>> encountering problems.
>
> OK. The odds are very good that you should ask about this on an
> Apache/nginx/etc forum, as it's unlikely to be related to DNS or BIND.
>
>> In my named.conf, this is my in-addr.arpa entry:
>>
>> zone "0.0.127.in-addr.arpa" IN {
>>         type master;
>>         file "named.local";
>>         allow-update { none; };
>> };
>>
>> Should I explicitly define the reverse lookup for my ip or does this entry
>> accomplish the same thing, as it seems to have done so in the past.
>
> It provides a PTR record for 127.0.0.1; equivalent to the standard /etc/hosts
> entry of:
>
> 127.0.0.1 localhost
>
> There's nothing you should change here.
>
> Regards,
> --
> -Chuck

Thank you for your response

(...Members of the httpd-users list says the same thing - it's not an httpd problem. I am just trying to take possibilities off my list of potential errors, sorry if I am annoying you, it's unintentional and symptomatic of my ignorance, so I'm asking questions. I think that is a legitimate use of my subscription to this list, and the list's raison d'être. Surely the list is not exclusively for individuals who know what they're talking about?..)

This is the error message my browser returns:

> The server at dlinkrouter can't be found, because the DNS lookup failed. DNS
> is the network service that translates a website's name to its Internet
> address. This error is most often caused by having no connection to the
> Internet or a misconfigured network. It can also be caused by an unresponsive
> DNS server or a firewall...

Instead of "The server at mydomain.com can't be found", etc., - the error message states my router brand name. My router config seems fine. How would my router name get swapped for my domain name? And where might that error be located? In my httpd.conf? named.conf seemed a more likely place, although it looks okay to me. What question might I ask the httpd list that might be enlightening?

Thanks again.

Norman

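Added example, not part of the original thread: the quoted answer says the 0.0.127.in-addr.arpa zone provides the PTR record for 127.0.0.1, and this Python sketch shows which addresses mentioned in these messages fall under that zone name. The second zone list (with 0.168.192.in-addr.arpa) and all function names are assumptions made for the illustration and are not in the poster's configuration.

```python
import ipaddress

# Reverse zone declared in the named.conf quoted in the thread.
THREAD_ZONES = ["0.0.127.in-addr.arpa"]
# Hypothetical zone for the 192.168.0.0/24 LAN; NOT in the poster's config.
WITH_LAN_ZONE = THREAD_ZONES + ["0.168.192.in-addr.arpa"]


def ptr_name(ip):
    """Owner name of the PTR record for an address (octets reversed)."""
    return ipaddress.ip_address(ip).reverse_pointer


def _labels(name):
    return name.lower().rstrip(".").split(".")


def covering_zone(ip, zones):
    """Most specific configured zone containing ip's PTR name, or None.

    A zone covers a name only when the zone's labels are a suffix of the
    name's labels, so the comparison is done label by label, not by string.
    """
    owner = _labels(ptr_name(ip))
    best = None
    for zone in zones:
        z = _labels(zone)
        if len(z) <= len(owner) and owner[-len(z):] == z:
            if best is None or len(z) > len(_labels(best)):
                best = zone
    return best


def report(ips, zones):
    return {ip: (ptr_name(ip), covering_zone(ip, zones)) for ip in ips}


if __name__ == "__main__":
    # Addresses that appear in the messages on this page.
    ips = ["127.0.0.1", "192.168.0.101", "184.70.190.126"]
    for label, zones in (("as posted", THREAD_ZONES),
                         ("with hypothetical LAN zone", WITH_LAN_ZONE)):
        print(label)
        for ip, (owner, zone) in report(ips, zones).items():
            print(f"  {ip:15} {owner:30} -> {zone or 'no configured zone'}")
```
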
PTR files
Hello,

I am working on bringing a virtual webserver behind a router online and am encountering problems. In my named.conf, this is my in-addr.arpa entry:

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};

Should I explicitly define the reverse lookup for my ip or does this entry accomplish the same thing, as it seems to have done so in the past.

Thank you.

Norman

Re: [users@httpd] webservers not responding properly after hardware change
Hello,

I posted this to httpd.apache.org but have not had any response, so I think it may be more related to BIND than DNS. Apologies for the cross-post.

I have set up two webservers on my network, one connected directly to the ISP with an ethernet card installed to bring it to the router, where it was given an internal ip address and ports opened for ftp, smtp and pop. It is ns1. ns2 is behind the router and handles http, dns and ssh. Mail is currently being properly delivered although my smtp server going out is no longer working for obvious reasons. I can't ping ns1 from ns2. apachectl says my configuration is correct.

The only change I made that I can see is the ethernet card in ns1 died. How would this impact my DNS? None of the domains on ns2 are available on the web although the websites on ns1 are. The attached diagram shows before and after. Any help would be greatly appreciated.

http://www.normanfournier.com/nf-network-diagram-v9.jpg

The ns2 webserver is serving plone instances via a Zope webserver behind Apache. It appears that the apache webserver is already loaded and that might be the problem, although it is not serving any pages. The following is my terminal output.

ns2:~ norman$ apachectl -t
Syntax OK
ns2:~ norman$ apachectl restart
launchctl: CFURLWriteDataAndPropertiesToResource(/System/Library/LaunchDaemons/org.apache.httpd.plist) failed: -10
ns2:~ norman$ apachectl start
launchctl: CFURLWriteDataAndPropertiesToResource(/System/Library/LaunchDaemons/org.apache.httpd.plist) failed: -10
org.apache.httpd: Already loaded
ns2:~ norman$

Norman

Re: couldn't add command channel 127.0.0.1#54 error
On 2011-09-07, at 11:11 AM, michoski wrote:

> On 9/7/11 10:02 AM, "michoski" wrote:
>> I'm guessing the BIND upgrade caused your startup script, named.conf
>> location, or something critical to change location...
>>
>> Cliché I know, but there are good pointers on Google:
>>
>> http://is.gd/create.php
>
> Apologies,
>
> For the record, URL shorteners w/o coffee are hazardous to your health:
>
> http://is.gd/T2mV6j
>
> The thing is, if you look through the first few...it really sounds like a
> simple problem relating to your upgrade OS X. There are even identical
> comments in this thread:
>
> http://hints.macworld.com/article.php?story=20050420025219402
>
> And this may be useful:
>
> http://www.dan.co.jp/cases/macosx/tiger/bind-tiger.html
>
> Back to the triple.
>
> --
> By nature, men are nearly alike;
> by practice, they get to be wide apart.
> -- Confucius

Thank you michoski and Bill Owens. With your help I was able to get named running now.

Norman

---
www: http://www.normanfournier.com
facebook: http://www.facebook.com/normanfournierdotcom
linkedin: http://www.linkedin.com/profile/view?id=18127460
youtube: http://www.youtube.com/user/normanfournier

couldn't add command channel 127.0.0.1#54 error
Hello,

I was running BIND successfully on OS X 10.4 Tiger. That webserver crashed and I replaced it with a new cpu and installed OS X 10.5 Leopard and have encountered a number of errors in my configuration. This is the latest error from the old config files. Any suggestions or pointers as to what might be using this address or how I could find out would be appreciated.

Thank you!

Norman

From Terminal:

Sep 7 09:27:55 norman-fourniers-mac-mini named[3500]: could not listen on UDP socket: address in use
Sep 7 09:27:55 norman-fourniers-mac-mini named[3500]: creating IPv4 interface lo0 failed; interface ignored
Sep 7 09:27:55 norman-fourniers-mac-mini named[3500]: could not listen on UDP socket: address in use
Sep 7 09:27:55 norman-fourniers-mac-mini named[3500]: creating IPv4 interface en0 failed; interface ignored
Sep 7 09:27:55 norman-fourniers-mac-mini named[3500]: not listening on any interfaces
Sep 7 09:27:55 norman-fourniers-mac-mini named[3500]: /etc/named.conf:18: couldn't add command channel 127.0.0.1#54: address in use

From named.conf:

//
// Include keys file
//
include "/etc/rndc.key";

// Declares control channels to be used by the rndc utility.
//
// It is recommended that 127.0.0.1 be the only address used.
// This also allows non-privileged users on the local host to manage
// your name server.

//
// Default controls
//
acl "internal-net" { 192.168.0.0/24; };

controls {
        inet 127.0.0.1 port 54 allow {any;}
        keys { "rndc-key"; };
};

options {
        directory "/var/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below. Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
};

//
// a caching only nameserver config
//
view "internal" {
        match-clients { internal-net; 127.0.0.1/8; };
        recursion yes;

        zone "." IN {
                type hint;
                file "named.ca";
        };

        zone "localhost" IN {
                type master;
                file "localhost.zone";
                allow-update { none; };
        };

        zone "0.0.127.in-addr.arpa" IN {
                type master;
                file "named.local";
                allow-update { none; };
        };

snip

- - - -
http://www.normanfournier.com

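Added example, not part of the original message: the post asks how to find out whether the address is in use, and this Python sketch parses the control-channel error from the log above and then tries to bind that address and port itself, reporting whether the kernel answers with the same "address in use" condition. The function names are invented for the illustration, and the log line is copied from the message as constructed sample input.

```python
import errno
import re
import socket

# Sample input: the control-channel line from the log in the message above.
LOG_LINE = ("Sep 7 09:27:55 norman-fourniers-mac-mini named[3500]: "
            "/etc/named.conf:18: couldn't add command channel 127.0.0.1#54: "
            "address in use")

CHANNEL_RE = re.compile(
    r"(?P<conf>\S+):(?P<line>\d+): couldn't add command channel "
    r"(?P<addr>[0-9a-fA-F.:]+)#(?P<port>\d+): (?P<reason>.+)$")


def parse_channel_error(line):
    """Return (config file, config line, address, port, reason) or None."""
    m = CHANNEL_RE.search(line)
    if not m:
        return None
    return (m["conf"], int(m["line"]), m["addr"], int(m["port"]), m["reason"])


def probe_bind(addr, port, kind=socket.SOCK_STREAM):
    """Try to bind addr:port and report what the kernel says.

    Returns "free", "in use" (EADDRINUSE, the condition named logged),
    "no permission" (ports below 1024 usually need privileges), or the
    symbolic errno name for anything else.
    """
    family = socket.AF_INET6 if ":" in addr else socket.AF_INET
    with socket.socket(family, kind) as s:
        try:
            s.bind((addr, port))
        except OSError as e:
            if e.errno == errno.EADDRINUSE:
                return "in use"
            if e.errno in (errno.EACCES, errno.EPERM):
                return "no permission"
            return errno.errorcode.get(e.errno, str(e))
    return "free"


if __name__ == "__main__":
    conf, lineno, addr, port, reason = parse_channel_error(LOG_LINE)
    print(f"{conf} line {lineno}: control channel {addr}#{port} -> {reason}")
    # The rndc control channel is TCP; the listener errors in the log are UDP.
    for kind, name in ((socket.SOCK_STREAM, "tcp"), (socket.SOCK_DGRAM, "udp")):
        print(f"  {name}/{port} on {addr}: {probe_bind(addr, port, kind)}")
```

The probe only says that something holds the port, not which process; `lsof -i :54` run with sufficient privileges lists the owner.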