RE: What is wrong with my second $ORIGIN
Just as a general piece of advice, if you're trying to troubleshoot a zonefile parsing issue, sometimes it's useful to just do a zone transfer of the loaded zone and eyeball it. This is obviously more practical with a smaller zone (such as the one you showed) than a huge one, but even if the zone is large, you can focus on only the specific names/RRsets that you consider problematic. In this case, a zone transfer would have shown the $ORIGIN being appended to the name in the input file which was missing the trailing period. It should have stuck out like a sore thumb, as they say, because the name would have been long and strange-looking. Sometimes that's a really quick way to home in on the problem than to stare at the input zone file and mimic the zonefile-parsing algorithm in one's head. Of course, this assumes the zone loaded at all. It's possible to mess up a zonefile so much that it doesn't even load, but, in such cases, BIND usually gives a very specific error message about what's wrong. So those don't tend to lead to "mysteries" like the more subtle errors do (e.g. trailing-period omissions). - Kevin -Original Message- From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Harshith Mulky Sent: Friday, September 15, 2017 4:16 AM To: bind-users@lists.isc.org Subject: Re: What is wrong with my second $ORIGIN Than you All. Did not notice I had missed a trailing '.' Will make sure I do not miss these things the next time I test -- Sent from: http://bind-users-forum.2342410.n4.nabble.com/ ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: What is wrong with my second $ORIGIN
Than you All. Did not notice I had missed a trailing '.' Will make sure I do not miss these things the next time I test -- Sent from: http://bind-users-forum.2342410.n4.nabble.com/ ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: What is wrong with my second $ORIGIN
Am 14.09.2017 um 14:40 schrieb Alan Clegg: On 9/14/17 8:35 AM, Reindl Harald wrote: so that it doesn't matter whether you have the trailing . or not. Downside, of course, is that you have to repeat your domain name about a gazillion times. scripting is the better answer Dynamic zones is the better, better answer. 8-) not if you maintain a internal and a external view of some hundret zones because you have to replace public against private IP's and feed tw namserver pairs :-) with a cisco router you have two options: * no connection to public IPs answered by your nameserver * enable DNS-ALG which would translate problem is that DNS-ALG fucks up DNS heavily - one example is that the zone-transfer between master/slave get rewritten and frankly in front of every CNAME a line placed setting TTL to 0 it took hours to find out why the secondary nameserver responds to the hwole world with other TTL and how it can be that the zonefiles between slave and master are completly different :-) ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: What is wrong with my second $ORIGIN
On 9/14/17 8:35 AM, Reindl Harald wrote: >> so that it doesn't matter whether you have the trailing . or not. >> >> Downside, of course, is that you have to repeat your domain name about a >> gazillion times. > > scripting is the better answer Dynamic zones is the better, better answer. 8-) Have a great day! AlanC signature.asc Description: OpenPGP digital signature ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: What is wrong with my second $ORIGIN
Am 14.09.2017 um 14:21 schrieb Tony Finch: Mukund Sivaraman wrote: Missing a trailing period(.) Here's a fun trick to avoid making this mistake: use FQDNs everywhere in the zone file, and use the directive $ORIGIN . so that it doesn't matter whether you have the trailing . or not. Downside, of course, is that you have to repeat your domain name about a gazillion times. scripting is the better answer our toolset just would have added to "ns1.mail.lab.example.com" at final dot because it contains more than one dot like it would to with "mail.exmaple.com" while "mail.example" would not get touched sicne it's clearly a subdmain how often do you have "sub.sub.sub" within a zone and how often it's a external server - if you really need "sub.sub.sub" then you are require to type it full-qualified including the domain name, well and then the final dot is added again automatically - that don't happen that often and if you have a larger subdomain that deep just maintain it in a own zone file that is catching real life for many years now and generates complete zone files out of a simple database with a small webinterface ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: What is wrong with my second $ORIGIN
Mukund Sivaraman wrote: > > Missing a trailing period(.) Here's a fun trick to avoid making this mistake: use FQDNs everywhere in the zone file, and use the directive $ORIGIN . so that it doesn't matter whether you have the trailing . or not. Downside, of course, is that you have to repeat your domain name about a gazillion times. Tony. -- f.anthony.n.finchhttp://dotat.at/ - I xn--zr8h punycode Malin, Hebrides: Northwest 5 to 7, occasionally gale 8 at first. Rough or very rough in west, moderate or rough in east. Showers. Good, occasionally moderate. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: What is wrong with my second $ORIGIN
Please read the error message *carefully*. ns1.mail.lab.example.com.lab.example.com != ns1.mail.lab.example.com. You are missing a terminating period on the MX record. Mark In message , Harshith Mulky writes: > Hello Experts, > > > Whats wrong with my second $ORIGIN here: > > > $ORIGIN lab.example.com. > $TTL 1d > @ IN SOA colombo root.lab.example.com. ( > 2003022720 ; Serial > 56800 ; Refresh > 14400 ; Retry > 360; Expire > 2h ); Min > > ;NS Records > @ IN NS ns1.lab.example.com. > @ IN NS ns2.lab.example.com. > mail IN NS ns1.mail.lab.example.com > > ;A Records > ns1IN A 192.0.2.123 > ns2IN A 192.0.2.124 > > $ORIGIN mail.lab.example.com. > ns1IN A 192.0.2.155 > > > > > > When I try this > > > named-checkzone lab.example.com lab.example.zone > zone lab.example.com/IN: mail.lab.example.com/NS > 'ns1.mail.lab.example.com.lab.example.com' has no address records (A or > ) > zone lab.example.com/IN: loaded serial 2003022720 > OK > > > > named-checkzone is saying it is fine > > > But why do I get error/warning like > > > zone lab.example.com/IN: mail.lab.example.com/NS > 'ns1.mail.lab.example.com.lab.example.com' has no address records (A or > ) > > > > My Bind version is: bind-9.9.5P1-2.2.2.x86_64 -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: What is wrong with my second $ORIGIN
On Thu, Sep 14, 2017 at 07:02:52AM +, Harshith Mulky wrote: > Whats wrong with my second $ORIGIN here: > > > $ORIGIN lab.example.com. > $TTL 1d > @ IN SOA colombo root.lab.example.com. ( > 2003022720 ; Serial > 56800 ; Refresh > 14400 ; Retry > 360; Expire > 2h ); Min > > ;NS Records > @ IN NS ns1.lab.example.com. > @ IN NS ns2.lab.example.com. > mail IN NS ns1.mail.lab.example.com Missing a trailing period(.) "ns1.mail.lab.example.com" is not an absolute name. "ns1.mail.lab.example.com." is absolute. Mukund ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
What is wrong with my second $ORIGIN
Hello Experts, Whats wrong with my second $ORIGIN here: $ORIGIN lab.example.com. $TTL 1d @ IN SOA colombo root.lab.example.com. ( 2003022720 ; Serial 56800 ; Refresh 14400 ; Retry 360; Expire 2h ); Min ;NS Records @ IN NS ns1.lab.example.com. @ IN NS ns2.lab.example.com. mail IN NS ns1.mail.lab.example.com ;A Records ns1IN A 192.0.2.123 ns2IN A 192.0.2.124 $ORIGIN mail.lab.example.com. ns1IN A 192.0.2.155 When I try this named-checkzone lab.example.com lab.example.zone zone lab.example.com/IN: mail.lab.example.com/NS 'ns1.mail.lab.example.com.lab.example.com' has no address records (A or ) zone lab.example.com/IN: loaded serial 2003022720 OK named-checkzone is saying it is fine But why do I get error/warning like zone lab.example.com/IN: mail.lab.example.com/NS 'ns1.mail.lab.example.com.lab.example.com' has no address records (A or ) My Bind version is: bind-9.9.5P1-2.2.2.x86_64 ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
