1

Bind9 DNS server

I have a problem with setting up my DNS server and another domain under it.

First I have my master domain set up as a ns1 name server and it works.

I need to add another domain which will use the ns1 name server. And when I set it up at my domain registrar with ns1.xxx ns2.xxx ns3.xxx (where ns2 and ns2 are slave name servers from a free name server provider).

my /named.conf.local

zone "xxx.pl" {
        type master;
        notify yes;
        allow-transfer {
                zz.zz.zz.zz; 
                yy.yy.yy.yy; 
                kk.kk.kk.kk; 
        };
        file "/etc/bind/domains/xxx.pl";
};

zone "xx.xx.xx.xx.in-addr.arpa" IN {
        type master;
        file "/etc/bind/domains/xxx.pl.rev";
        allow-update { none; };
};

zone "yyy.pl" {
        type master;
        file "/etc/bind/domains/yyy.pl";
        allow-update { none; };
};

my /domains/xxx.pl

$TTL            86400
$ORIGIN         xxx.pl.
@       IN      SOA     ns1.xxx.pl. postmaster.xxx.pl. (#times etc);

@       IN      NS      ns1.xxx.pl.
@       IN      NS      ns2.xxx.pl.
@       IN      NS      ns3.xxx.pl.

@       IN      A       xx.xx.xx.xx
ns1     IN      A       xx.xx.xx.xx
ns2     IN      A       yy.yy.yy.yy
ns3     IN      A       zz.zz.zz.zz

@       IN      MX 10   mx
mx      IN      A       xx.xx.xx.xx

www     IN      A       xx.xx.xx.xx

so till this point it seems to be fine, at least I think so ;)

But when I need to add a new domain there is some kind of problem. I tried to look for something, but whenever I change anything it doesn't affect it at all.

my domains/yyy.pl

$TTL            86400
$ORIGIN         yyy.pl.
@       IN      SOA     ns1.xxx.pl. postmaster.xxx.pl. (#times etc);

@       IN      NS      ns1.xxx.pl.
@       IN      NS      ns2.xxx.pl.
@       IN      NS      ns3.xxx.pl.

@       IN      MX 10   ns1.xxx.pl.

@       IN      A       xx.xx.xx.xx
www     IN      A       xx.xx.xx.xx

my domains/xxx.pl.rev

$TTL            86400
$ORIGIN         xx.xx.xx.xx.in-addr.arpa.
@       IN      SOA     ns1.xxx.pl. postmaster.xxx.pl. (#times etc);

@       IN      NS      ns1.xxx.pl.
@       IN      NS      ns2.xxx.pl.
@       IN      NS      ns3.xxx.pl.

xx.xx.xx.xx.in-addr.arpa      IN      PTR     ns1.xxx.pl.

So domain xxx.pl works well but domain yyy.pl doesn't work at all; I cannot even ping it.

Thanks for any clues, and if anyone is keen to look at it I can pass on more info.

//edit

I updated the config files and now I can dig on the yyy.pl domain

;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;yyy.pl.            IN  A

;; AUTHORITY SECTION:
yyy.pl.     10672   IN  SOA ns1.xxx.pl. postmaster.xxx.pl. 2013041010 10800 3200 604800 10800

//edit updated and this configuration works as far as I'm aware, thanks for help!

l1em1on1
  • What do your bind logs say? Errors, warnings, etc? – NickW Apr 19 '13 at 11:05
  • Also, is the missing IN for the MX in xxx.pl a typo? – NickW Apr 19 '13 at 11:06
  • Do you mean this: `@ MX 10 mx`? If so I think it should be like that, but if not then it's a bug. But still this domain works perfectly fine. At least I think so. – l1em1on1 Apr 19 '13 at 11:08
  • 1
    I haven't read through properly but a quick glance shows multiple entries in the zone files missing dots on the end, and there's an A record in the yyy zone file where the value is a hostname not an IP address. If that's the actual file you'll probably find Bind isn't loading it and you'll see format errors in the logs. – USD Matt Apr 19 '13 at 11:10
  • Damn, I didn't notice that, so that may be the problem for sure ;) Thanks for pointing it out. Will check it right away. – l1em1on1 Apr 19 '13 at 11:11
  • @ l1em1on1 well, either it's an error in the xxx.pl zone, or an error in the yyyy.pl zone.. given that the IN should be there, I'd say it's an error in xxxx.pl. – NickW Apr 19 '13 at 11:13
  • The class (IN) is optional which is why xxx still works. Regarding the missing dots, the MX records in yyy & xx.rev should have a dot on the end (although I don't think you really need an MX record in the reverse zone). Also the PTR record should have a dot on the end of the resource and value. – USD Matt Apr 19 '13 at 11:19
  • I've added an answer and also pointed out the TTL line should be $TTL, as in xxx.pl. When reloading Bind please check your logs and make sure it's not rejecting the zone due to format errors before attempting further tests. – USD Matt Apr 19 '13 at 11:30
  • Also of note, you don't have an A record for 'yyy.pl', only 'www.yyy.pl'. You'll want an '@ IN A x.x.x.x' line if you want 'ping yyy.pl' to work. – USD Matt Apr 19 '13 at 11:32
  • Oh well, I see the point ;) That may be it! – l1em1on1 Apr 19 '13 at 11:39
  • @USDMatt you're my HERO!! ;) Thank you very much for the help, indeed the missing dots were a problem and then '@ IN' missing in the **yyy.pl** domain for `ping yyy.pl`. Thanks again! – l1em1on1 Apr 19 '13 at 11:46
  • l1em1on1, I'm glad USDMatt has found a fix for you. I note that you're new to SF, so I hope you'll forgive me for pointing out that local etiquette is that, when you're happy with an answer, you accept it by clicking on the "tick" outline you see next to it. That drives the SF reputation system both for you and for USDMatt (who I agree is a hero). – MadHatter Apr 19 '13 at 12:04
  • I'd love to but I haven't seen anything like that, and still don't. Where exactly is it? next to the comment or what? – l1em1on1 Apr 19 '13 at 12:22

1 Answer

1

The incorrect A record in yyy.pl is most likely the reason why that zone is not working. A quick check of the logs should show it rejecting that line of the file. A records should be an IP address not a hostname.

There's also quite a few missing dots off the end of some of the entries. Remember that for fields that take a hostname, a missing dot on the end means it'll add the origin. In the case of yyy.pl for example, the missing dot on the MX record will make that ns1.xxx.pl.yyy.pl.

I guess MX records will probably work in a reverse zone but I can't see you needing it.

Also the PTR line is missing dots. Following the logic above it's actually adding a record for the following:

xx.xx.xx.xx.in-addr.arpa.xx.xx.xx.xx.in-addr.arpa.      IN      PTR     ns1.xxx.pl.xx.xx.xx.xx.in-addr.arpa.

Edit: There's also a $ missing from the TTL setting in yyy.pl

USD Matt
  • The $ in yyy.pl is just a typo, it is in the config files. I would love to see logs, but have no idea where I should look for them ;). I tried in /var/log and can't see anything related to **named** nor **bind** – l1em1on1 Apr 19 '13 at 11:31
  • Depends on the OS but it's /var/log/messages for me (FreeBSD). As I commented above 'ping yyy.pl' won't work even if the zone is working as you have no A record for it, only 'www.yyy.pl'. I would try a 'dig @localhost soa yyy.pl' first just to make sure the zone is loaded and working, then work on testing the rest of the records. – USD Matt Apr 19 '13 at 11:39
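
Added example, not part of the original thread: a small Python check for the zone-file mistakes the answer lists (a name without a trailing dot getting the origin appended, an A record whose value is a host name, and a `TTL` line without its `$`). The function names, the sample zone and the 192.0.2.x addresses are constructed for illustration; treating a dotted name that lacks a final dot as a forgotten FQDN is a heuristic assumption, since single-label relative names such as `mx` are legitimate.

```python
import ipaddress

NAME_RDATA = {"NS", "MX", "PTR", "CNAME"}   # types whose RDATA ends in a host name
TYPES = NAME_RDATA | {"A", "AAAA", "SOA", "TXT"}
# Constructed sample reproducing the mistakes discussed (192.0.2.0/24 is a documentation range).
SAMPLE = """TTL 86400
$ORIGIN yyy.pl.
@   IN MX 10 ns1.xxx.pl
@   IN A     ns1.xxx.pl.
www IN A     192.0.2.10
$ORIGIN 2.0.192.in-addr.arpa.
10.2.0.192.in-addr.arpa IN PTR ns1.xxx.pl
"""

def qualify(name, origin):
    """'@' is the origin; a trailing dot means absolute; otherwise the origin is appended."""
    name = origin if name == "@" else name
    return name if name.endswith(".") else f"{name}.{origin}"

def lint_zone(text, origin="."):
    """Return (line, message) findings; dotted names lacking a final dot are assumed to be FQDNs."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split(";", 1)[0]          # drop comments (a quoted ';' is not handled)
        fields = line.split()
        if not fields:
            continue
        if fields[0].upper() == "$ORIGIN" and len(fields) > 1:
            origin = fields[1]
        elif fields[0].upper() == "TTL":
            findings.append((lineno, "TTL directive is missing its leading '$'"))
        if fields[0].startswith("$") or fields[0].upper() == "TTL":
            continue
        # The owner field is skipped before looking for the type, so a host called "mx" is not read as MX.
        owner = None if line[0].isspace() else fields[0]
        rest = fields[1:] if owner else fields
        idx = next((i for i, f in enumerate(rest) if f.upper() in TYPES), None)
        if idx is None or idx + 1 >= len(rest):
            continue                          # continuation line, or no RDATA
        rtype, value = rest[idx].upper(), rest[-1]
        if owner and not owner.endswith(".") and f".{owner}.".endswith(f".{origin}"):
            findings.append((lineno, f"owner expands to {qualify(owner, origin)}"))
        if rtype == "A":
            try:
                ipaddress.IPv4Address(value)
            except ValueError:
                findings.append((lineno, f"A value '{value}' is not an IPv4 address"))
        elif rtype in NAME_RDATA and "." in value and not value.endswith("."):
            findings.append((lineno, f"{rtype} target expands to {qualify(value, origin)}"))
    return findings
```

`lint_zone(SAMPLE)` reports the same doubled names the answer spells out; BIND's own `named-checkzone` remains the authoritative check of whether a zone file loads.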