FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian ISP

 
 
LinkBack Thread Tools
 
Old 08-22-2008, 07:42 AM
randall
 
Default bind9 ns1 and ns2 not authorative

dear all,

i'm doing an attempt to set up a master and slave setup with bind9, at
the moment i have setup 2 etch Vservers on the same machine as ns1 and ns2.


on NS2.itech.nl i get the message "not authorative" and for these
domains there is no transfer between ns1 and ns2.
1 zone (itech.nl) that has been added via smbind transfers OK, so i
guess its not a permission problem. still not sure what to think of the
message "not authorative" is it about ns1 or ns2 or the zone file itself?


Aug 22 09:28:45 ns2 named[19979]: client 212.123.250.54#33799: received
notify for zone 'localhost'
Aug 22 09:28:46 ns2 named[19979]: client 212.123.250.54#33799: received
notify for zone '255.in-addr.arpa'
Aug 22 09:28:46 ns2 named[19979]: client 212.123.250.54#33799: received
notify for zone '127.in-addr.arpa'
Aug 22 09:28:46 ns2 named[19979]: client 212.123.250.54#33799: received
notify for zone 'euronic.nl': not authoritative
Aug 22 09:28:46 ns2 named[19979]: client 212.123.250.54#33799: received
notify for zone '0.in-addr.arpa'
Aug 22 09:28:46 ns2 named[19979]: client 212.123.250.54#33799: received
notify for zone 'unitedmembers.com': not authoritative
Aug 22 09:28:46 ns2 named[19979]: client 212.123.250.54#33799: received
notify for zone 'itech.nl'
Aug 22 09:28:46 ns2 named[19979]: zone itech.nl/IN: notify from
212.123.250.54#33799: zone is up to date



on PRIMARY NS1.itech.nl i have installed smbind to have a nice interface
for adding new domains.


i left named.conf in its original state

i changed /etc/bind/named.conf.options to look as below (not sure if the
allow-transfer is the correct syntax)

options {
forwarders { 208.67.222.222; 208.67.220.220; };
listen-on { 212.123.250.54; };
also-notify {212.123.250.55;}; // all zones
allow-transfer { 212.123.250.55; };

};

/etc/bind/named.conf.local i added:

include "/etc/smbind/smbind.conf";

smbind.conf reads as:

zone "euronic.nl" {
type master;
file "/etc/smbind/zones/euronic.nl";
};

zone "itech.nl" {
type master;
file "/etc/smbind/zones/itech.nl";
};

zone "unitedmembers.com" {
type master;
file "/etc/smbind/zones/unitedmembers.com";
};




on SECONDARY NS2.itech.nl

/etc/bind/named.conf.options
options {
forwarders { 208.67.222.222; 208.67.220.220; };

listen-on { 212.123.250.55; };

allow-notify { 212.123.250.54; };
};






--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 08-22-2008, 10:03 AM
randall
 
Default bind9 ns1 and ns2 not authorative

Giacomo A. Catenazzi wrote:



you should include also one of these files. Do they contain the
SOA record ("Start of Authority")?

ciao
cate



forgot this one, should the SOA include ns2?



/etc/smbind/zones/euronic.nl
$TTL 86400
@ IN SOA ns1.itech.nl. hostmaster@unitedmembers.com. (
2008082225 ; Serial
28800 ; Refresh
7200 ; Retry
1209600 ; Expire
86400) ; Negative Cache TTL
;
@ IN NS ns1.itech.nl.
@ IN NS ns2.itech.nl.

thanks randall


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 08-22-2008, 11:27 AM
"Giacomo A. Catenazzi"
 
Default bind9 ns1 and ns2 not authorative

randall wrote:
> Giacomo A. Catenazzi wrote:
>>
>>
>> you should include also one of these files. Do they contain the
>> SOA record ("Start of Authority")?
>>
>> ciao
>> cate
>>
>>
> forgot this one, should the SOA include ns2?
>
>
>
> /etc/smbind/zones/euronic.nl
> $TTL 86400
> @ IN SOA ns1.itech.nl. hostmaster@unitedmembers.com. (

rname should not have the @. You should instead use ".", i.e.:

@ IN SOA ns1.itech.nl. hostmaster.unitedmembers.com. (


BTW these command are useful to check for configuration errors:
named-checkconf /etc/bind/named.conf
named-checkzone /etc/smbind/zones/euronic.nl

ciao
cate


> 2008082225 ; Serial
> 28800 ; Refresh
> 7200 ; Retry
> 1209600 ; Expire
> 86400) ; Negative Cache TTL
> ;
> @ IN NS ns1.itech.nl.
> @ IN NS ns2.itech.nl.
>
> thanks randall
>
>


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 08-22-2008, 11:32 AM
randall
 
Default bind9 ns1 and ns2 not authorative

Giacomo A. Catenazzi wrote:


rname should not have the @. You should instead use ".", i.e.:

@ IN SOA ns1.itech.nl. hostmaster.unitedmembers.com. (


BTW these command are useful to check for configuration errors:
named-checkconf /etc/bind/named.conf
named-checkzone /etc/smbind/zones/euronic.nl

ciao
cate




2008082225 ; Serial
28800 ; Refresh
7200 ; Retry
1209600 ; Expire
86400) ; Negative Cache TTL
;
@ IN NS ns1.itech.nl.
@ IN NS ns2.itech.nl.

thanks randall






i noticed the @ . thing while copying this earlier, but it does not make
any difference to the original issue tough,

tried both commands but no error or anything.

p.s.
if i'm not misstaking that would be
ns1:/# named-checkzone euronic.nl /etc/smbind/zones/euronic.nl
zone euronic.nl/IN: loaded serial 2008082200
OK


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 08-22-2008, 01:06 PM
Phil Dyer
 
Default bind9 ns1 and ns2 not authorative

On 08/22/2008 03:42 AM, randall wrote:

> on SECONDARY NS2.itech.nl
>
> /etc/bind/named.conf.options
> options {
> forwarders { 208.67.222.222; 208.67.220.220; };
>
> listen-on { 212.123.250.55; };
>
> allow-notify { 212.123.250.54; };
> };


Do you have ns2 configured as a slave for these zones in it's
/etc/bind/named.conf.local?

zone "unitedmembers.com" {
type slave;
....
};


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 08-22-2008, 01:37 PM
randall
 
Default bind9 ns1 and ns2 not authorative

Phil Dyer wrote:

On 08/22/2008 03:42 AM, randall wrote:



on SECONDARY NS2.itech.nl

/etc/bind/named.conf.options
options {
forwarders { 208.67.222.222; 208.67.220.220; };

listen-on { 212.123.250.55; };

allow-notify { 212.123.250.54; };
};




Do you have ns2 configured as a slave for these zones in it's
/etc/bind/named.conf.local?

zone "unitedmembers.com" {
type slave;
....
};




no i didn't,

i assumed it would not be necessary to manually add each new zone on
each slave dns server, at least it does not make much sense in my
reasoning, hope i'm not to wrong here



--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 08-22-2008, 01:42 PM
Stephen Gran
 
Default bind9 ns1 and ns2 not authorative

This one time, at band camp, randall said:
> no i didn't,
>
> i assumed it would not be necessary to manually add each new zone on
> each slave dns server, at least it does not make much sense in my
> reasoning, hope i'm not to wrong here

You are wrong here
--
-----------------------------------------------------------------
| ,'`. Stephen Gran |
| : :' : sgran@debian.org |
| `. `' Debian user, admin, and developer |
| `- http://www.debian.org |
-----------------------------------------------------------------
 
Old 08-22-2008, 01:47 PM
randall
 
Default bind9 ns1 and ns2 not authorative

Stephen Gran wrote:

This one time, at band camp, randall said:


no i didn't,

i assumed it would not be necessary to manually add each new zone on
each slave dns server, at least it does not make much sense in my
reasoning, hope i'm not to wrong here



You are wrong here


mmmmm.....at least i'm happy to find out then..

anyway to automate this process? seems like a lot of manual work here.


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 08-22-2008, 01:56 PM
Stephen Gran
 
Default bind9 ns1 and ns2 not authorative

This one time, at band camp, randall said:
> Stephen Gran wrote:
> >This one time, at band camp, randall said:
> >
> >>no i didn't,
> >>
> >>i assumed it would not be necessary to manually add each new zone on
> >>each slave dns server, at least it does not make much sense in my
> >>reasoning, hope i'm not to wrong here
> >>
> >
> >You are wrong here
> >
> mmmmm.....at least i'm happy to find out then..
>
> anyway to automate this process? seems like a lot of manual work here.

Lots of people have lots of hand-rolled scripts that do this sort of
thing. I guess it really depends on how many zones you plan to have and
how many nameservers you have - it's usually not worth the
infrastructure to automate if it's a small setup, but it is once it
starts scaling.
--
-----------------------------------------------------------------
| ,'`. Stephen Gran |
| : :' : sgran@debian.org |
| `. `' Debian user, admin, and developer |
| `- http://www.debian.org |
-----------------------------------------------------------------
 
Old 08-22-2008, 02:04 PM
randall
 
Default bind9 ns1 and ns2 not authorative

Stephen Gran wrote:

This one time, at band camp, randall said:


Stephen Gran wrote:


This one time, at band camp, randall said:



no i didn't,

i assumed it would not be necessary to manually add each new zone on
each slave dns server, at least it does not make much sense in my
reasoning, hope i'm not to wrong here



You are wrong here



mmmmm.....at least i'm happy to find out then..

anyway to automate this process? seems like a lot of manual work here.



Lots of people have lots of hand-rolled scripts that do this sort of
thing. I guess it really depends on how many zones you plan to have and
how many nameservers you have - it's usually not worth the
infrastructure to automate if it's a small setup, but it is once it
starts scaling.

the number of zones will be several hundreds, and the reason i planned
to use smbind is because i need them added by somebody who is not
familiar with hand editing files.


any script recommendations?






--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 09:56 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org