First speedbump passed - Re:DNS question

Madison Kelly linux-5ZoueyuiTZhBDgjK7y7TUQ at public.gmane.org
Fri Jan 16 22:22:11 UTC 2004 

Hi all,

  For the archives;

   The problem turned out to be the result of 'named' not having write 
permissions to it's default directory of '/var/run/named/named.pid' thus 
not being able to create that file (named.pid). I used;

options {
	...
         pid-file "/var/named/named.pid";
	...
};

'named' has write permissions there so all is good. I am not sure yet 
what possible security issues may resolve from this but I will worry 
about that before going live as I refine the config.

Thanks all for (yet again) putting up with my endless questions!

Madison

(PS - Was TLUG essentially dead today or did I not get any messages from 
TLUG?)

Madison Kelly wrote:
> Hi everyone,
> 
>   I am venturing tentatively and carefully into DNS (Bind 9.2.2) with 
> the help of my trusty O'Reilly book but I have hit a snag that I am 
> hoping someone here might be able to help me over. Here's the setup:
> 
>   I have two machines on two public IP addresses (209.167.86.46 = 
> ns1.alteeve.com, 209.167.86.38 = ns2.alteeve.com) which currently are 
> behind a firewall blocking port 53 (I am waiting for our ISP admins to 
> respond to fix that). In the mean time though I have made pretty sure 
> that the config file and zone files are okay (using 'named-checkconf' 
> and 'named-checkzone') and everything looks okay.
> 
>   Now, knowing that the DNS servers are not yet available on the web I 
> decided to try testting the servers on the LAN behind the firewall. To 
> verify that the ports are up and listening I used 'nmap' to check the 
> ns1.alteeve.com server; ports 22, 53, 111 and 1026 are accessible (from 
> behind the FW only). I have 'named' running, too.
> 
>   Now despite all this when I try to use 'dig' or 'nslookup' (specifying 
> the local IP as the server as the name 'ns[1|2].alteeve.com' will not 
> resolve until the DNS servers are live) I get server timeout (can't 
> connect). Now, the DNS is configured for the zone 'madisonave.ca' so 
> that is what I try to resolve in the following examples of what goes wrong:
> 
> [root-uRZ2/RANkOA at public.gmane.org boot]# dig @209.167.68.46 madisonave.ca
> 
> ; <<>> DiG 9.2.2-P3 <<>> @209.167.68.46 madisonave.ca
> ;; global options:  printcmd
> ;; connection timed out; no servers could be reached
> [root-uRZ2/RANkOA at public.gmane.org boot]#
> 
> [root-uRZ2/RANkOA at public.gmane.org boot]# nslookup
> Note:  nslookup is deprecated and may be removed from future releases.
> Consider using the `dig' or `host' programs instead.  Run nslookup with
> the `-sil[ent]' option to prevent this message from appearing.
>  > server 209.167.86.46
> Default server: 209.167.86.46
> Address: 209.167.86.46#53
>  > madisonave.ca
> ;; connection timed out; no servers could be reached
>  >
> 
>   Would it help if I posted 'named.conf' and zone files?
> 
>   Thanks everyone!
> 
> Madison


--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml

More information about the Legacy mailing list