Date: Mon, 27 Sep 1999 20:54:04 +0100
From: "Richard Morte" <richard@sinclairassoc.force9.co.uk>
To: <FreeBSD-questions@FreeBSD.ORG>
Subject: DNS Configuration just needs tweaking - suggestions?
Message-ID: <LOBBKEGHCNEHPLGFIAKPGEMMCAAA.richard@sinclairassoc.force9.co.uk>
Dear all,
Thanks for your help in the past. Sorry this posting is a bit long, but I've
included the DNS config files in the hope someone will give them the
once-over and spot any errors.
The network configuration is a FreeBSD box (3.2-RELEASE) connected to a
number of win95/98 boxes. Domain is 'at.home' and the network address is
192.168.120. I want to make sure DNS is up and running correctly before I
fully implement ppp on the unix side (ppp currently enabled only for the
unix box). TCP/IP connectivity seems fine: I can scan the network from
Windows and resolve the name of other hosts - the Unix box reports
"192.168.120.001 DNS FTP SMTP sparky.at.home". The main problem is that I
seem to be generating a lot of internet traffic to the root servers when I
use nslookup. Although I can resolve the local network names/addresses and
everything _appears_ to work, I'm not so sure everything is as it should be.
Can anyone make any suggestions?
### Here are my configuration files:
########################################
rc.conf file (overrides):
########################################
named_enable="YES"
#named_flags="-b /etc/namedb/named.boot" # flags for named
### ie, NO flags passed to named so /etc/namedb/named.conf used by default
########################################
Named.conf file (comments stripped out):
########################################
options {
directory "/etc/namedb";
// forward only;
// forwarders {
// // replace next line with ISP Primary DNS IP Address
// 127.0.0.1;
// };
// query-source address * port 53;
// dump-file "s/named_dump.db";
};
// Setting up secondaries is way easier <snip> ...
zone "." {
type hint;
file "named.root";
};
zone "0.0.127.IN-ADDR.ARPA" {
type master;
file "localhost.rev";
};
// NB: Do not use the IP addresses below, they are faked, <snip>...
zone "at.home" {
type slave;
file "db.athome";
masters {
192.168.120.1;
};
};
zone "120.168.192.in-addr.arpa" {
type slave;
file "db.athome.rev";
masters {
192.168.120.1;
};
};
########################################
localhost.rev file:
########################################
@ IN SOA sparky.at.home. root.sparky.at.home. (
19990923 ; Serial
3600 ; Refresh
900 ; Retry
3600000 ; Expire
3600 ) ; Minimum
IN NS sparky.at.home.
1 IN PTR localhost.at.home.
########################################
db.athome file:
########################################
; Definition : zone "at.home."
at.home. IN SOA at.home. root.at.home. (
1999092205 ; Serial
3600 ; Refresh
900 ; Retry
3600000 ; Expire
3600 ) ; Minimum
; Definitions : name servers (ie, this machine only)
IN NS ns
ns IN A 192.168.120.1
; Definitions : hosts
; note: we supply the relative domain name of, for example, "sparky" rather
; than the FQDN of "sparky.at.home." (ie, with the terminating period)
; the same is true for the remaining machines in the domain.
sparky IN A 192.168.120.1 ; FreeBSD on P166
rics IN A 192.168.120.101 ; Win 98 on P166
ians IN A 192.168.120.102 ; Win 98 on PII400
rics2 IN A 192.168.120.103 ; Win 95 on 486DX50
########################################
db.athome.rev file:
########################################
; Definition : zone "at.home"
@ IN SOA sparky.at.home. root.sparky.at.home. (
1999092205 ; Serial
3600 ; Refresh
900 ; Retry
3600000 ; Expire
3600 ) ; Minimum
; Definitions : name servers (ie, this machine only)
IN NS sparky.at.home.
; Definitions : reverse lookups
1 IN PTR sparky.at.home.
101 IN PTR rics.at.home.
102 IN PTR ians.at.home.
103 IN PTR rics2.at.home.
### end of config files ...
### nslookup started. All hosts resolve OK (both forwards
and backwards (address <--> name) for all addresses
in the domain 192.168.120 (ie, 1, 101, 102 & 103).
### However, there are problems when trying to resolve
'localhost' and 'localhost.at.home'. Note that
127.0.0.1 resolves successfully to 'localhost.at.home'.
### output of named.run checked for errors, etc. For the
most part it seems OK, but there are one or two things
that do not seem right. These are highlighted below...
##########################################
Output of named.run 990925/2220
##########################################
update_pid_file()
getnetconf(generation 938061529)
getnetconf: SIOCGIFCONF: ifc_len = 280
pn0 sa_len = 20
getnetconf: pn0 AF 18 != INET
pn0 sa_len = 16
getnetconf: considering pn0 [192.168.120.1]
### next line shows duplicate address ###
dup interface addr [192.168.120.1].53 (pn0)
lp0 sa_len = 20
getnetconf: lp0 AF 18 != INET
tun0 sa_len = 20
getnetconf: tun0 AF 18 != INET
sl0 sa_len = 20
getnetconf: sl0 AF 18 != INET
ppp0 sa_len = 20
getnetconf: ppp0 AF 18 != INET
lo0 sa_len = 20
getnetconf: lo0 AF 18 != INET
lo0 sa_len = 16
getnetconf: considering lo0 [127.0.0.1]
### and again... ###
dup interface addr [127.0.0.1].53 (lo0)
evDeselectFD(fd 5, mask 0x1)
fwd ds 5 addr [0.0.0.0].1139
Forwarding source address is [0.0.0.0].1139
evSelectFD(ctx 0x80cd000, fd 5, mask 0x1, func 0x8057cb0, uap 0)
content of zones after loading
zone 1: 0.0.127.IN-ADDR.ARPA, class IN, type master
source localhost.rev
flags 41, serial 19990923, minimum 3600
refresh 0, retry 900, expire 3600000
z_time 0
zone 2: at.home, class IN, type slave
source db.athome
flags 8051, serial 1999092205, minimum 3600
refresh 3600, retry 900, expire 3600000
z_time 938061554 (now 938061529, left: 25)
zone 3: 120.168.192.in-addr.arpa, class IN, type slave
source db.athome.rev
flags 8041, serial 1999092205, minimum 3600
refresh 3600, retry 900, expire 3600000
z_time 938061549 (now 938061529, left: 20)
exit ns_init()
Ready to answer queries.
################################
Output of named.run:
(sample of logged DNS queries)
################################
### typical output of successful query ###
datagram from [192.168.120.1].1140, fd 20, len 40
req: nlookup(1.0.0.127.in-addr.arpa) id 5090 type=12 class=1
req: found '1.0.0.127.in-addr.arpa' as '1.0.0.127.in-addr.arpa' (cname=0)
ns_req: answer -> [192.168.120.1].1140 fd=20 id=5090 size=128
<snip> ... <snip>
### following extract shows findns error (NXDOMAIN) ###
datagram from [192.168.120.1].1141, fd 20, len 44
req: nlookup(1.120.168.192.in-addr.arpa) id 5091 type=12 class=1
req: found '1.120.168.192.in-addr.arpa' as '1.120.168.192.in-addr.arpa'
(cname=0)
sysquery: findns error (NXDOMAIN) on ns.at.home.120.168.192.in-addr.arpa?
ns_req: answer -> [192.168.120.1].1141 fd=20 id=5091 size=121
do_zone_maint for zone 120.168.192.in-addr.arpa (class IN)
zone_maint('120.168.192.in-addr.arpa'); now 938061549
<snip>
### as does this one... ###
datagram from [192.168.120.1].1142, fd 20, len 46
req: nlookup(101.120.168.192.in-addr.arpa) id 5092 type=12 class=1
req: found '101.120.168.192.in-addr.arpa' as '101.120.168.192.in-addr.arpa'
(cname=0)
sysquery: findns error (NXDOMAIN) on ns.at.home.120.168.192.in-addr.arpa?
ns_req: answer -> [192.168.120.1].1142 fd=20 id=5092 size=121
etc...
### What are these errors and are they serious? If so, any idea what to do?
### the following shows the screen output from nslookup...
########################################
terminal output using nslookup:
(queries not resolved properly)
########################################
### query localhost... ###
> localhost
Server: sparky.at.home
Address: 0.0.0.0
<longish wait whilst trying to access servers in named.root.
ppp.log shows lots of traffic...>
*** Request to sparky.at.home timed out
### Is this a problem with localhost.rev? ie. no reference to localhost.
### try localhost.at.home. ###
> localhost.at.home
Server: sparky.at.home
Address: 0.0.0.0
sparky.at.home can't find localhost.at.home: non-existent host/domain
### same problem?
> 127.0.0.1
Server: sparky.at.home
Address: 0.0.0.0
Name: localhost.at.home
Address: 127.0.0.1
### At this point I realised that resolv.conf was incorrect. It had:
127.0.0.1 sparky.at.home sparky
### This was changed to:
domain at.home
nameserver 127.0.0.1
### after changing this and restarting named with 'named.reload', the
only difference in output was a change in the name of the reported
server and its corresponding IP address:
> localhost
Server: localhost.at.home
Address: 127.0.0.1 ### which I don't think is correct...
*** Request to localhost.at.home timed out
What I intended was for the local DNS to service calls to the local network
and non local network calls to pass through to the net. I know I'm going
wrong somewhere, but for days now I just cannot seem to spot it. Any ideas?
Sincerely,
Richard Morte
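
Added example, not part of the original message: the name in the findns lines above, ns.at.home.120.168.192.in-addr.arpa, has the shape RFC 1035 master-file qualification gives a name written without a trailing dot inside the reverse zone. The sketch below applies that rule and scans named.run lines for such doubled origins. The function names and the undotted `ns.at.home` record are assumptions made for illustration; the log lines are copied from the message.

```python
import re

# Zones served in the posted named.conf.
ZONES = ["at.home", "120.168.192.in-addr.arpa", "0.0.127.in-addr.arpa"]

# Lines copied from the named.run extract in the message.
SAMPLE_LOG = [
    "req: nlookup(1.0.0.127.in-addr.arpa) id 5090 type=12 class=1",
    "sysquery: findns error (NXDOMAIN) on ns.at.home.120.168.192.in-addr.arpa?",
    "req: nlookup(101.120.168.192.in-addr.arpa) id 5092 type=12 class=1",
    "sysquery: findns error (NXDOMAIN) on ns.at.home.120.168.192.in-addr.arpa?",
]

FINDNS = re.compile(r"sysquery: findns error \((\w+)\) on (\S+?)\?")


def qualify(name, origin):
    """Expand a zone-file name as RFC 1035 section 5.1 specifies."""
    origin = origin.rstrip(".") + "."
    if name == "@":
        return origin                 # "@" stands for the origin itself
    if name.endswith("."):
        return name                   # already fully qualified
    return name + "." + origin        # relative: origin is appended


def doubled_origin(fqdn, zones):
    """Return (inner_name, outer_zone) if fqdn is a name from one served
    zone with another served zone's origin appended, else None."""
    fq = fqdn.rstrip(".").lower()
    for outer in (z.rstrip(".").lower() for z in zones):
        if not fq.endswith("." + outer):
            continue
        rest = fq[: -len(outer) - 1]
        for inner in (z.rstrip(".").lower() for z in zones):
            if inner != outer and (rest == inner or rest.endswith("." + inner)):
                return (rest, outer)
    return None


def scan(lines, zones=ZONES):
    """List (rcode, inner_name, outer_zone) for each suspicious findns line."""
    hits = []
    for line in lines:
        m = FINDNS.search(line)
        found = doubled_origin(m.group(2), zones) if m else None
        if found:
            hits.append((m.group(1),) + found)
    return hits


if __name__ == "__main__":
    # Constructed record (not in the posted files): NS target missing its dot.
    print(qualify("ns.at.home", "120.168.192.in-addr.arpa"))
    for rcode, inner, outer in scan(SAMPLE_LOG):
        print(rcode, inner, "was qualified with", outer)
```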
