Date: Sat, 08 Sep 2001 11:13:04 -0500 From: Len Conrad <LConrad@Go2France.com> To: <freebsd-isp@freebsd.org> Subject: Re: Some problems with DNS server.. Message-ID: <5.1.0.14.0.20010908110243.0285ab68@mail.Go2France.com> In-Reply-To: <007101c1387f$dff71ac0$0200a8c0@lv> References: <5.1.0.14.0.20010908101920.02fe7740@mail.Go2France.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>nslookup -q=a www.astranet.lv ns1.astranet.lv >*** Can't find server name for address 62.85.45.34: Non-existent host/domain >*** Default servers are not available > nslookup -q=ptr 34.45.85.62.in-addr.arpa. ns1.astranet.lv >*** Can't find server name for address 62.85.45.34: Non-existent host/domain >*** Default servers are not available I said: use dig, not nslookup >You see, the main problem is, that our nameserver doesn't responds properly, >as far as i'm concerned. use dig, your concerns, if any remain with dig, will be better founded >Ok, I'm not the authority for 45.85.62 zone yet with my ns1.astranet.lv. >ns3.delfi.lv is supposed to be a secondary for that zone, as soon as i >finish my configuration. But I am the authority for astranet.lv domain, so >this must be ok, but it isn't. nslookup stupidly requires the queried NS to have PTR record. forward and reverse authority are totally independent. ; <<>> DiG 8.3 <<>> astranet.lv any ;; res options: init recurs defnam dnsrch ;; got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4 ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 2, ADDITIONAL: 3 ;; QUERY SECTION: ;; astranet.lv, type = ANY, class = IN ;; ANSWER SECTION: astranet.lv. 30M IN NS ns1.astranet.lv. astranet.lv. 30M IN NS ns2.astranet.lv. astranet.lv. 1d23h21m48s IN SOA ns1.astranet.lv. hostmaster.astranet.lv.astranet.lv. ( 2001090800 ; serial 1D ; refresh 2H ; retry 5w6d16h ; expiry 2D ) ; minimum (note: the last field in SOA is now negative TTL, no longer zone default TTL) astranet.lv. 2d23h21m48s IN MX 9 mail.astranet.lv. ;; AUTHORITY SECTION: astranet.lv. 30M IN NS ns1.astranet.lv. astranet.lv. 30M IN NS ns2.astranet.lv. ;; ADDITIONAL SECTION: ns1.astranet.lv. 30M IN A 62.85.45.34 ns2.astranet.lv. 30M IN A 62.85.45.35 mail.astranet.lv. 2d23h2m58s IN A 62.85.45.36 ;; Total query time: 197 msec ;; FROM: Lists.Opt-In4Email.com to SERVER: default -- 209.25.194.212 ;; WHEN: Sat Sep 8 12:04:02 2001 ;; MSG SIZE sent: 29 rcvd: 221 Since your NS has not been delegated reverse zone authority from delfi and there is no PTR for your ipīs, nslookup fails. >Anyway, dig DOES a greater output where everythings allright.. >I still can't get it. So, maybe there is a problem with /etc/resolv.conf? nope > or >with /etc/namedb/named.conf? nope, but have you turned on logging to see what errors you have and what queries bind is seeing? > /etc/namedb/named.root? nope > /etc/namedb/zone file? stay with dig. Hereīs a zone analysis Errors ---------------------------------------------------------------------- o Non-authoritative data received from the server "ns2.astranet.lv." The server "ns2.astranet.lv." is listed as being authoritative for the domain, but it does not contain authoritative data for it. o Only one of your name servers has autoritative data for the zone. The server "ns1.astranet.lv." is the only server that has authoritaive data for the zone. If this server becomes unavailable, your domain will become inacessible. o The hostmaster address "hostmaster.astranet.lv@astranet.lv" does not exist. None of the mail servers for "astranet.lv." recognized the hostmaster address "hostmaster.astranet.lv@astranet.lv" Warnings ---------------------------------------------------------------------- o The name server "ns1.astranet.lv." does not permit zone transfers The name server "ns1.astranet.lv." has been configured to reject unauthorized zone transfers and the application will not be able to use data from this server while analyzing the zone. o Zone transfer from authoritative servers not possible It was not possible to perform a zone transfer from any of the authoritative name servers for the zone. This will limit the range of tests performed for the zone. o The TTL field in the SOA record contains an unusually high value The value 259200 of the TTL field in the SOA record is unusually high. The value for this field should be within the range 3600 - 172800. o The TTL value 259200, in the A record "ns2.astranet.lv." is rather high The TTL value 259200, used in the A record "ns2.astranet.lv.", is unusually high. The TTL value should be within the range 3600 - 172800. o The TTL value 259200, in the A record "ns1.astranet.lv." is rather high The TTL value 259200, used in the A record "ns1.astranet.lv.", is unusually high. The TTL value should be within the range 3600 - 172800. o The TTL value 259200, in the A record "mail.astranet.lv." is rather high The TTL value 259200, used in the A record "mail.astranet.lv.", is unusually high. The TTL value should be within the range 3600 - 172800. o The TTL value 259200, in the NS record "astranet.lv." is rather high The TTL value 259200, used in the NS record "astranet.lv.", is unusually high. The TTL value should be within the range 3600 - 172800. o The TTL value 259200, in the MX record "astranet.lv." is rather high The TTL value 259200, used in the MX record "astranet.lv.", is unusually high. The TTL value should be within the range 3600 - 172800. o There is only one MX record in the zone The zone contains only one MX record. This will cause mail delivery problems if the primary mail server becomes unavailable. For safety purposes, there should be two or more mail servers for every zone, the extra mail servers being used as backup (secondary) servers for the primary server. Len http://MenAndMice.com/DNS-training http://BIND8NT.MEIway.com : ISC BIND 8.2.4 for NT4 & W2K http://IMGate.MEIway.com : Build free, hi-perf, anti-abuse mail gateways To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.0.14.0.20010908110243.0285ab68>