Loopback configuration

2013-06-22 Thread Norman Fournier
Hello,

I have a new router that is apparently making it impossible for me to view my 
personal sites from behind the router by domain name, a function that is 
necessary. I can see the sites by local 192.168 ip address and port number 
and others have confirmed they are available on the www, so the server is 
running and named is resolving properly outside the LAN.

This is the hosts.conf, where I think my error might lie:

> ##
> # Host Database
> #
> # localhost is used to configure the loopback interface
> # when the system is booting.  Do not change this entry.
> ##
> 127.0.0.1 localhost web2
> 255.255.255.255   broadcasthost
> ::1 localhost 
> fe80::1%lo0   localhost
> 184.70.190.122  mail.normanfournier.com mail web1-ext
> 184.70.190.126  web2.normanfournier.com www web2-ext
> 192.168.0.1 nf-telus-gw-int
> 192.168.0.100   norman-desktop
> 192.168.0.101   ns2
> 184.70.190.122  ns1



I *added* these lines to the bottom of hosts.conf

> 192.168.0.101   creativeprocess.biz
> 192.168.0.101   thecocoapod.com
> 192.168.0.101   rogueagent.ca
> 192.168.0.101   e4edmonton.com
> 192.168.0.101   brandasset.net
> 192.168.0.101   greaterthanhtml.com
> 192.168.0.101   kawacatoose.com


I rebooted and something killed my mailserver when I did this, and I still 
could not view the sites by domain name behind the router, so I reverted to the 
old file. Is there another place I should add the domain names, is there an 
error in my syntax (this has worked perfectly before) or is this the entirely 
wrong place to be looking to solve this problem?

Thank you.

Norman
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: PTR files

2013-06-19 Thread Norman Fournier
Thank you everyone, this glitch is solved, the problem was rndc.conf

Norman

On 2013-06-17, at 10:23 PM, John Miller wrote:

> Norman,
> 
> Everyone who's posted has probably been correct--this doesn't look like 
> _either_ an httpd or BIND problem, but rather in general name resolution and 
> perhaps in how you've configured things.  Happy to assist off-list (see 
> separate cover), but let's leave it there until it's clear that your issue is 
> with BIND and how you've configured it.
> 
> John
> 
> 
> 
> 
> 
> On Mon, Jun 17, 2013 at 11:37 PM, Doug Barton  wrote:
> Norman,
> 
> It's virtually certain that the error you're seeing is not related to BIND. 
> You would almost certainly get your problem solved faster by posting on a 
> list related to the web server software that you are using and walking 
> through your complete configuration with them.
> 
> Good luck,
> 
> Doug
> 
> -- 
> John Miller
> Systems Engineer
> Brandeis University
> johnm...@brandeis.edu
> (781) 736-4619

Re: PTR files

2013-06-17 Thread Norman Fournier
On 2013-06-17, at 4:11 PM, Charles Swiger wrote:

> On Jun 17, 2013, at 3:00 PM, Norman Fournier  
> wrote:
>> [ ... ]
>> (...Members of the httpd-users list say the same thing - it's not an httpd 
>> problem.
> 
> From what you've said below, they're quite right.
> 
>> I am just trying to take possibilities off my list of potential errors, 
>> sorry if I am annoying you, it's unintentional and symptomatic of my 
>> ignorance, so I'm asking questions. I think that is a legitimate use of my 
>> subscription to this list, and the list's raison d'être. Surely the list is 
>> not exclusively for individuals who know what they're talking about?..)
> 
> This list is for discussion of ISC's BIND.

For me, the list is called bind-users, not bind-discussion. BIND discussion 
would be a higher echelon than a user list. I'm a bind user and I have a Domain 
Name Server problem, somewhere, that I have been trying to solve for a long 
time and am going over my steps once again. I need to get my webserver online 
and there is a problem with the name or lookup or the router. I have not found 
any errors in httpd, bind or the router configuration that have solved it. The 
latest hint I got was an ostensible missing in-addr.arpa PTR record, which, to 
me, made it relevant to BIND.

> Let's assume that you've got a D-Link router which has a single public IP 
> from your provider, and provides NAT translation for a private RFC-1918 
> subnet, and you've placed your webserver on a VM which lives behind that 
> D-Link router.  If so, you will need to enable static port forwarding for 
> 80/tcp to the VM running the webserver, or perhaps place that IP in the 
> router's "Enable DMZ Host" section of the firewall config.
> 
> This is basic networking; it doesn't have any close relationship to either 
> DNS or webservers.

The ports forwarded to the 192.168.0.101 webserver are unchanged since 2005; 
dns, http and ssh to appropriate ports. The router did change, the static ips 
changed, as well as the physical location of the network and servers. I don't 
know what the issue is, that's why I asked about including explicit PTR files 
to the domain name, as well as the localhost in-addr.arpa, which is the latest 
in a list of "possible irregularities" I have turned up so far that I need to 
confirm one way or the other.

I do appreciate you taking valuable time to answer. I have to wade into it all 
again. I hope I am still welcome to ask questions here as I have seen others 
do, since I subscribed to this list in an effort to learn about BIND and DNS, a 
number of years ago.

Norman


Re: PTR files

2013-06-17 Thread Norman Fournier

On 2013-06-17, at 3:29 PM, Charles Swiger wrote:

> On Jun 17, 2013, at 2:21 PM, Norman Fournier  
> wrote:
>> I am working on bringing a virtual webserver behind a router online and am 
>> encountering problems.
> 
> OK.  The odds are very good that you should ask about this on an 
> Apache/nginx/etc forum, as it's unlikely to be related to DNS or BIND.
> 
>> In my named.conf, this is my in-addr.arpa entry:
>> 
>> zone "0.0.127.in-addr.arpa" IN {
>>  type master;
>>  file "named.local";
>>  allow-update { none; };
>> };
>> 
>> Should I explicitly define the reverse lookup for my ip or does this entry 
>> accomplish the same thing, as it seems to have done so in the past.
> 
> It provides a PTR record for 127.0.0.1; equivalent to the standard /etc/hosts 
> entry of:
> 
> 127.0.0.1 localhost
> 
> There's nothing you should change here.
> 
> Regards,
> -- 
> -Chuck

Thank you for your response

(...Members of the httpd-users list say the same thing - it's not an httpd 
problem. I am just trying to take possibilities off my list of potential 
errors, sorry if I am annoying you, it's unintentional and symptomatic of my 
ignorance, so I'm asking questions. I think that is a legitimate use of my 
subscription to this list, and the list's raison d'être. Surely the list is not 
exclusively for individuals who know what they're talking about?..)

This is the error message my browser returns:

> The server at dlinkrouter can't be found, because the DNS lookup failed. DNS 
> is the network service that translates a website's name to its Internet 
> address. This error is most often caused by having no connection to the 
> Internet or a misconfigured network. It can also be caused by an unresponsive 
> DNS server or a firewall...


Instead of "The server at mydomain.com can't be found", etc., - the error 
message states my router brand name. My router config seems fine. How would my 
router name get swapped for my domain name? And where might that error be 
located? In my httpd.conf? named.conf seemed a more likely place, although it 
looks okay to me.

What question might I ask the httpd list that might be enlightening?

Thanks again.

Norman

PTR files

2013-06-17 Thread Norman Fournier
Hello,

I am working on bringing a virtual webserver behind a router online and am 
encountering problems.

In my named.conf, this is my in-addr.arpa entry:

zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
    allow-update { none; };
};

Should I explicitly define the reverse lookup for my ip or does this entry 
accomplish the same thing, as it seems to have done so in the past.

Thank you.

Norman


Re: [users@httpd] webservers not responding properly after hardware change

2013-06-13 Thread Norman Fournier
Hello,

I posted this to httpd.apache.org but have not had any response, so I think it 
may be more related to BIND than DNS. Apologies for the cross-post.

I have set up two webservers on my network, one connected directly to the ISP 
with an ethernet card installed to bring it to the router, where it was given an 
internal ip address and ports opened for ftp, smtp and pop. It is ns1. ns2 is 
behind the router and handles http, dns and ssh. Mail is currently being 
properly delivered although my smtp server going out is no longer working for 
obvious reasons.

I can't ping ns1 from ns2. apachectl says my configuration is correct. The only 
change I made that I can see is the ethernet card in ns1 died. How would this 
impact my DNS?

None of the domains on ns2 are available on the web although the websites on 
ns1 are.

The attached diagram shows before and after. Any help would be greatly 
appreciated.

http://www.normanfournier.com/nf-network-diagram-v9.jpg

The ns2 webserver is serving plone instances via a Zope webserver behind Apache.

It appears that the apache webserver is already loaded and that might be the 
problem, although it is not serving any pages. The following is my terminal 
output.

ns2:~ norman$ apachectl -t
Syntax OK
ns2:~ norman$ apachectl restart
launchctl: CFURLWriteDataAndPropertiesToResource(/System/Library/LaunchDaemons/org.apache.httpd.plist) failed: -10
ns2:~ norman$ apachectl start
launchctl: CFURLWriteDataAndPropertiesToResource(/System/Library/LaunchDaemons/org.apache.httpd.plist) failed: -10
org.apache.httpd: Already loaded
ns2:~ norman$ 

Norman

Re: couldn't add command channel 127.0.0.1#54 error

2011-09-07 Thread Norman Fournier
On 2011-09-07, at 11:11 AM, michoski wrote:

> On 9/7/11 10:02 AM, "michoski"  wrote:
>> I'm guessing the BIND upgrade caused your startup script, named.conf 
>> location,
>> or something critical to change location...
>> 
>> Cliché I know, but there are good pointers on Google:
>> 
>> http://is.gd/create.php
> 
> Apologies,
> 
> For the record, URL shorteners w/o coffee are hazardous to your health:
> 
> http://is.gd/T2mV6j
> 
> The thing is, if you look through the first few...it really sounds like a
> simple problem relating to your upgrade OS X.  There are even identical
> comments in this thread:
> 
> http://hints.macworld.com/article.php?story=20050420025219402
> 
> And this may be useful:
> 
> http://www.dan.co.jp/cases/macosx/tiger/bind-tiger.html
> 
> Back to the triple.
> 
> -- 
> By nature, men are nearly alike;
> by practice, they get to be wide apart.
>-- Confucius

Thank you michoski and Bill Owens. With your help I was able to get named 
running now.

Norman
---
www: http://www.normanfournier.com
facebook: http://www.facebook.com/normanfournierdotcom
linkedin: http://www.linkedin.com/profile/view?id=18127460
youtube: http://www.youtube.com/user/normanfournier




couldn't add command channel 127.0.0.1#54 error

2011-09-07 Thread Norman Fournier
Hello,

I was running BIND successfully on OS X 10.4 Tiger. That webserver crashed and 
I replaced it with a new cpu and installed OS X 10.5 Leopard and have 
encountered a number of errors in my configuration. This is the latest error 
from the old config files. Any suggestions or pointers as to what might be 
using this address or how I could find out would be appreciated.

Thank you!

Norman

From Terminal:

Sep  7 09:27:55 norman-fourniers-mac-mini named[3500]: could not listen on UDP socket: address in use
Sep  7 09:27:55 norman-fourniers-mac-mini named[3500]: creating IPv4 interface lo0 failed; interface ignored
Sep  7 09:27:55 norman-fourniers-mac-mini named[3500]: could not listen on UDP socket: address in use
Sep  7 09:27:55 norman-fourniers-mac-mini named[3500]: creating IPv4 interface en0 failed; interface ignored
Sep  7 09:27:55 norman-fourniers-mac-mini named[3500]: not listening on any interfaces
Sep  7 09:27:55 norman-fourniers-mac-mini named[3500]: /etc/named.conf:18: couldn't add command channel 127.0.0.1#54: address in use

From named.conf:

//
// Include keys file
//
include "/etc/rndc.key";

// Declares control channels to be used by the rndc utility.
//
// It is recommended that 127.0.0.1 be the only address used.
// This also allows non-privileged users on the local host to manage
// your name server.

//
// Default controls
//
acl "internal-net" { 192.168.0.0/24; };

controls {
    inet 127.0.0.1 port 54 allow {any;}
    keys { "rndc-key"; };
};

options {
    directory "/var/named";
    /*
     * If there is a firewall between you and nameservers you want
     * to talk to, you might need to uncomment the query-source
     * directive below.  Previous versions of BIND always asked
     * questions using port 53, but BIND 8.1 uses an unprivileged
     * port by default.
     */
    // query-source address * port 53;
};
// 
// a caching only nameserver config
// 
view "internal" {

    match-clients { internal-net; 127.0.0.1/8; };
    recursion yes;

    zone "." IN {
        type hint;
        file "named.ca";
    };

    zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
    };

    zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
    };

snip-


- - - http://www.normanfournier.com
---
www: http://www.normanfournier.com
facebook: http://www.facebook.com/normanfournierdotcom
linkedin: http://www.linkedin.com/profile/view?id=18127460
youtube: http://www.youtube.com/user/normanfournier
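
A triage sketch for the startup log above, added here as an example and not part of the original post: it lists which listeners named failed to open, then tries to bind one itself to see whether another process still holds it. The function names `triage` and `probe` are hypothetical; the log lines are the ones from the post, unwrapped.

```python
import errno
import re
import socket

# The six named syslog lines from the post, unwrapped.
SAMPLE_LOG = """\
Sep  7 09:27:55 norman-fourniers-mac-mini named[3500]: could not listen on UDP socket: address in use
Sep  7 09:27:55 norman-fourniers-mac-mini named[3500]: creating IPv4 interface lo0 failed; interface ignored
Sep  7 09:27:55 norman-fourniers-mac-mini named[3500]: could not listen on UDP socket: address in use
Sep  7 09:27:55 norman-fourniers-mac-mini named[3500]: creating IPv4 interface en0 failed; interface ignored
Sep  7 09:27:55 norman-fourniers-mac-mini named[3500]: not listening on any interfaces
Sep  7 09:27:55 norman-fourniers-mac-mini named[3500]: /etc/named.conf:18: couldn't add command channel 127.0.0.1#54: address in use
"""

IFACE_RE = re.compile(r"creating IPv4 interface (\S+) failed")
CHANNEL_RE = re.compile(r"(\S+):(\d+): couldn't add command channel ([\d.]+)#(\d+): (.+)$")

def triage(log_text):
    """Summarize which listeners named reported it could not open."""
    report = {"interfaces": [], "channels": [], "listening": True}
    for line in log_text.splitlines():
        if m := IFACE_RE.search(line):
            report["interfaces"].append(m.group(1))
        elif m := CHANNEL_RE.search(line):
            conf, lineno, addr, port, reason = m.groups()
            report["channels"].append((addr, int(port), f"{conf}:{lineno}", reason))
        elif "not listening on any interfaces" in line:
            report["listening"] = False
    return report

def probe(addr, port, kind=socket.SOCK_STREAM):
    """Bind addr:port ourselves: 'in-use', 'free', or 'denied' (low port, no root)."""
    with socket.socket(socket.AF_INET, kind) as s:
        try:
            s.bind((addr, port))
        except OSError as e:
            if e.errno == errno.EADDRINUSE:
                return "in-use"
            if e.errno in (errno.EACCES, errno.EPERM):
                return "denied"
            raise
    return "free"

if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print("failed interfaces:", result["interfaces"], "listening:", result["listening"])
    for addr, port, where, reason in result["channels"]:
        print(f"{where}: {addr}#{port} ({reason}) -> now {probe(addr, port)}")
```

An `in-use` result while named is stopped means some other process holds the port, typically a second named instance that the system already started; `denied` means the probe needs the same privileges named runs with.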

