Find the answer to your Linux question:
Page 2 of 2 FirstFirst 1 2
Results 11 to 20 of 20
# rndc stats # rndc status number of zones: 6 debug level: 0 xfers running: 0 xfers deferred: 0 soa queries in progress: 0 query logging is OFF server is ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #11
    Just Joined!
    Join Date
    Apr 2005
    Posts
    11

    # rndc stats
    # rndc status
    number of zones: 6
    debug level: 0
    xfers running: 0
    xfers deferred: 0
    soa queries in progress: 0
    query logging is OFF
    server is up and running

    # grep '^success' /var/named/named.stats
    success 0
    success 0 localhost
    success 0 0.0.127.in-addr.arpa
    success 0 dnstest.com
    success 0 8.b.d.0.1.0.0.2.ip6.arpa
    success 0
    success 0 localhost
    success 0 0.0.127.in-addr.arpa
    success 0 dnstest.com
    success 0 8.b.d.0.1.0.0.2.ip6.arpa
    success 0
    success 0 localhost
    success 0 0.0.127.in-addr.arpa
    success 0 dnstest.com
    success 0 8.b.d.0.1.0.0.2.ip6.arpa

    # rndc flush
    # dig +norec @127.0.0.1 dnstest.com soa

    ; <<>> DiG 9.2.1 <<>> +norec @127.0.0.1 dnstest.com soa
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29333
    ;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

    ;; QUESTION SECTION:
    ;dnstest.com. IN SOA

    ;; ANSWER SECTION:
    dnstest.com. 38400 IN SOA jedy.dnstest.com. root.jedy.dnstest.com. 2005042905 10800 3600 604800 38400

    ;; AUTHORITY SECTION:
    dnstest.com. 38400 IN NS jedy.dnstest.com.

    ;; ADDITIONAL SECTION:
    jedy.dnstest.com. 38400 IN AAAA 2001:db8:0:1:2e0:29ff:fe9e:eb29

    ;; Query time: 2 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Sat Apr 30 09:42:18 2005
    ;; MSG SIZE rcvd: 117

  2. #12
    Linux Newbie
    Join Date
    Mar 2005
    Posts
    230
    That's what I'm talking about. Something HAD changed. It looks like it just might work. Let's do this thing:

    dig jedy.dnstest.com aaaa

  3. #13
    Just Joined!
    Join Date
    Apr 2005
    Posts
    11
    dig jedy.dnstest.com aaaa

    ; <<>> DiG 9.2.1 <<>> jedy.dnstest.com aaaa
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35885
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;jedy.dnstest.com. IN AAAA

    ;; AUTHORITY SECTION:
    dnstest.com. 3600 IN SOA dnstest.com.dnstest.com. dnsrecord.dnstest.com. 504302229 172800 3600 1728000 3600

    ;; Query time: 203 msec
    ;; WHEN: Sun May 1 07:27:45 2005
    ;; MSG SIZE rcvd: 92

  4. #14
    Linux Newbie
    Join Date
    Mar 2005
    Posts
    230
    Ok, so nothing changed. This is fast looking like a bug in BIND. Your dns server is supposed to be authoritative for dnstest.com. We've confirmed that in more than one way. Let's explore this problem a bit by showing me the results for the following commands:

    rndc flush
    dig +norec jedy.dnstest.com aaaa
    dig +norec jedy.dnstest.com any
    dig +norec dnstest.com any
    dig dnstest.com axfr

  5. #15
    Just Joined!
    Join Date
    Apr 2005
    Posts
    11
    rndc flush
    dig +norec jedy.dnstest.com aaaa

    ; <<>> DiG 9.2.1 <<>> +norec jedy.dnstest.com aaaa
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57856
    ;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 11

    ;; QUESTION SECTION:
    ;jedy.dnstest.com. IN AAAA

    ;; AUTHORITY SECTION:
    com. 149454 IN NS H.GTLD-SERVERS.NET.
    com. 149454 IN NS I.GTLD-SERVERS.NET.
    com. 149454 IN NS J.GTLD-SERVERS.NET.
    com. 149454 IN NS K.GTLD-SERVERS.NET.
    com. 149454 IN NS L.GTLD-SERVERS.NET.
    com. 149454 IN NS M.GTLD-SERVERS.NET.
    com. 149454 IN NS A.GTLD-SERVERS.NET.
    com. 149454 IN NS B.GTLD-SERVERS.NET.
    com. 149454 IN NS C.GTLD-SERVERS.NET.
    com. 149454 IN NS D.GTLD-SERVERS.NET.
    com. 149454 IN NS E.GTLD-SERVERS.NET.
    com. 149454 IN NS F.GTLD-SERVERS.NET.
    com. 149454 IN NS G.GTLD-SERVERS.NET.

    ;; ADDITIONAL SECTION:
    C.GTLD-SERVERS.NET. 152788 IN A 192.26.92.30
    D.GTLD-SERVERS.NET. 152788 IN A 192.31.80.30
    E.GTLD-SERVERS.NET. 152788 IN A 192.12.94.30
    F.GTLD-SERVERS.NET. 152689 IN A 192.35.51.30
    G.GTLD-SERVERS.NET. 152788 IN A 192.42.93.30
    H.GTLD-SERVERS.NET. 152788 IN A 192.54.112.30
    I.GTLD-SERVERS.NET. 152788 IN A 192.43.172.30
    J.GTLD-SERVERS.NET. 152788 IN A 192.48.79.30
    K.GTLD-SERVERS.NET. 152788 IN A 192.52.178.30
    L.GTLD-SERVERS.NET. 152788 IN A 192.41.162.30
    M.GTLD-SERVERS.NET. 152788 IN A 192.55.83.30

    ;; Query time: 1 msec
    ;; WHEN: Mon May 2 00:47:02 2005
    ;; MSG SIZE rcvd: 434

    dig +norec jedy.dnstest.com any

    ; <<>> DiG 9.2.1 <<>> +norec jedy.dnstest.com any
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43582
    ;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 11

    ;; QUESTION SECTION:
    ;jedy.dnstest.com. IN ANY

    ;; AUTHORITY SECTION:
    com. 149394 IN NS B.GTLD-SERVERS.NET.
    com. 149394 IN NS C.GTLD-SERVERS.NET.
    com. 149394 IN NS D.GTLD-SERVERS.NET.
    com. 149394 IN NS E.GTLD-SERVERS.NET.
    com. 149394 IN NS F.GTLD-SERVERS.NET.
    com. 149394 IN NS G.GTLD-SERVERS.NET.
    com. 149394 IN NS H.GTLD-SERVERS.NET.
    com. 149394 IN NS I.GTLD-SERVERS.NET.
    com. 149394 IN NS J.GTLD-SERVERS.NET.
    com. 149394 IN NS K.GTLD-SERVERS.NET.
    com. 149394 IN NS L.GTLD-SERVERS.NET.
    com. 149394 IN NS M.GTLD-SERVERS.NET.
    com. 149394 IN NS A.GTLD-SERVERS.NET.

    ;; ADDITIONAL SECTION:
    C.GTLD-SERVERS.NET. 152728 IN A 192.26.92.30
    D.GTLD-SERVERS.NET. 152728 IN A 192.31.80.30
    E.GTLD-SERVERS.NET. 152728 IN A 192.12.94.30
    F.GTLD-SERVERS.NET. 152629 IN A 192.35.51.30
    G.GTLD-SERVERS.NET. 152728 IN A 192.42.93.30
    H.GTLD-SERVERS.NET. 152728 IN A 192.54.112.30
    I.GTLD-SERVERS.NET. 152728 IN A 192.43.172.30
    J.GTLD-SERVERS.NET. 152728 IN A 192.48.79.30
    K.GTLD-SERVERS.NET. 152728 IN A 192.52.178.30
    L.GTLD-SERVERS.NET. 152728 IN A 192.41.162.30
    M.GTLD-SERVERS.NET. 152728 IN A 192.55.83.30

    ;; Query time: 2 msec
    ;; WHEN: Mon May 2 00:48:02 2005
    ;; MSG SIZE rcvd: 434

    dig +norec dnstest.com any

    ; <<>> DiG 9.2.1 <<>> +norec dnstest.com any
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58619
    ;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 11

    ;; QUESTION SECTION:
    ;dnstest.com. IN ANY

    ;; AUTHORITY SECTION:
    com. 149372 IN NS I.GTLD-SERVERS.NET.
    com. 149372 IN NS J.GTLD-SERVERS.NET.
    com. 149372 IN NS K.GTLD-SERVERS.NET.
    com. 149372 IN NS L.GTLD-SERVERS.NET.
    com. 149372 IN NS M.GTLD-SERVERS.NET.
    com. 149372 IN NS A.GTLD-SERVERS.NET.
    com. 149372 IN NS B.GTLD-SERVERS.NET.
    com. 149372 IN NS C.GTLD-SERVERS.NET.
    com. 149372 IN NS D.GTLD-SERVERS.NET.
    com. 149372 IN NS E.GTLD-SERVERS.NET.
    com. 149372 IN NS F.GTLD-SERVERS.NET.
    com. 149372 IN NS G.GTLD-SERVERS.NET.
    com. 149372 IN NS H.GTLD-SERVERS.NET.

    ;; ADDITIONAL SECTION:
    C.GTLD-SERVERS.NET. 152706 IN A 192.26.92.30
    D.GTLD-SERVERS.NET. 152706 IN A 192.31.80.30
    E.GTLD-SERVERS.NET. 152706 IN A 192.12.94.30
    F.GTLD-SERVERS.NET. 152607 IN A 192.35.51.30
    G.GTLD-SERVERS.NET. 152706 IN A 192.42.93.30
    H.GTLD-SERVERS.NET. 152706 IN A 192.54.112.30
    I.GTLD-SERVERS.NET. 152706 IN A 192.43.172.30
    J.GTLD-SERVERS.NET. 152706 IN A 192.48.79.30
    K.GTLD-SERVERS.NET. 152706 IN A 192.52.178.30
    L.GTLD-SERVERS.NET. 152706 IN A 192.41.162.30
    M.GTLD-SERVERS.NET. 152706 IN A 192.55.83.30

    ;; Query time: 1 msec
    ;; WHEN: Mon May 2 00:48:25 2005
    ;; MSG SIZE rcvd: 429

    dig dnstest.com axfr

    ; <<>> DiG 9.2.1 <<>> dnstest.com axfr
    ;; global options: printcmd
    ; Transfer failed.

  6. #16
    Linux Newbie
    Join Date
    Mar 2005
    Posts
    230
    Well that wasn't nice. Total, absolute failure. Let's try querying the IPv4 loopback IP again.

    dig +norec @127.0.0.1 jedy.dnstest.com aaaa

  7. #17
    Just Joined!
    Join Date
    Apr 2005
    Posts
    11
    # dig +norec @127.0.0.1 jedy.dnstest.com aaaa

    ; <<>> DiG 9.2.1 <<>> +norec @127.0.0.1 jedy.dnstest.com aaaa
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3450
    ;; flags: qr aa ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;jedy.dnstest.com. IN AAAA

    ;; ANSWER SECTION:
    jedy.dnstest.com. 38400 IN AAAA 2001:db8:0:1:2e0:29ff:fe9e:eb29

    ;; AUTHORITY SECTION:
    dnstest.com. 38400 IN NS jedy.dnstest.com.

    ;; Query time: 2 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Mon May 2 01:51:21 2005
    ;; MSG SIZE rcvd: 76

  8. #18
    Linux Newbie
    Join Date
    Mar 2005
    Posts
    230
    welp, it looks like we've isolated the problem. All queries to the loopback IPv4 work normally. BIND is listening on all IPv6 addresses, and responds to queries sent to those addresses, but somehow ignores the dnstest.com zone. My recommendation is to do 1 of two things.

    1) Change the resolv.conf to use 127.0.0.1 as the nameserver IP.
    2) Upgrade BIND to 9.3.1. If you need help upgrading or the problem persists, let me know.

  9. #19
    Just Joined!
    Join Date
    Apr 2005
    Posts
    11
    I added nameserver 127.0.0.1 into /etc/resolve.conf , result is still the same:
    # nslookup
    Note: nslookup is deprecated and may be removed from future releases.
    Consider using the `dig' or `host' programs instead. Run nslookup with
    the `-sil[ent]' option to prevent this message from appearing.
    > jedy.dnstest.com
    Server: 2001:db8:0:1:2e0:29ff:fe9e:eb29
    Address: 2001:db8:0:1:2e0:29ff:fe9e:eb29

    ** server can't find jedy.dnstest.com: NXDOMAIN

    bind-9.2.1 is the lastest RPM file so far, although 9-3-1 is sourcefile.
    I saw some websites that say bind8 already supports IPv6, like
    http://www.isi.edu/~bmanning/v6DNS.html#Introduction
    http://www.visc.vt.edu/ipv6/doc/dns.html

    do you think my dnstest.com.zone file is correct by the way?

  10. #20
    Linux Newbie
    Join Date
    Mar 2005
    Posts
    230
    Depends on what you mean by asking if your zone file is fine. If fine means BIND is loading it without errors, then yes, that is the case. You can see this most easily by running the following command:

    named-checkzone dnstest.com /var/named/dnstest.com.zone

    It should say 'Ok, loaded serial #####' or something like that. Yes, your version of redhat probably doesn't have some of the requirements that the latest Redhat Development BIND RPM need. But, if you build an RPM from a source package then you can install BIND with dependancies that better fit your system. Here's the steps for building a BIND 9.3.1 rpm from the srpm.

    cd /usr/src/redhat/SRPMS
    wget ftp://rpmfind.net/linux/fedora/core/...-2_FC4.src.rpm
    rpm -ivh bind-9.3.1-2_FC4.src.rpm
    cd /usr/src/redhat/SPECS
    rpmbuild -bb bind.spec
    cd /usr/src/redhat/RPMS/i386
    rpm -Uvh bind-9.3.1-2_FC4.i386.rpm bind-utils-9.3.1-2_FC4.i386.rpm

    This is only a rough estimate of course. It may not be that simple for you.

    Also, the nslookup isn't right. If you had changed your nameserver in /etc/resolv.conf, then it will be querying 127.0.0.1 instead of the IPv6 address. Maybe it's just a case of the system not having reloaded the /etc/resolv.conf file.

Page 2 of 2 FirstFirst 1 2

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •