[SOLVED] MX and CNAME notworking together

**vern** · 07-06-2010

Running BIND9 on CentOS4

I have the following in my Primary zone file, the CNAME entry works fine. However the MX record is coming up as @in.students.schoolname.edu rather than @students.schoolname.edu

students IN CNAME login.live.com.

$ORIGIN students.schoolname.edu.

IN MX 10 1##14#####.mail.outlook.com.

If I do a test with this set up the MX reports back as @IN.students.schoolname.edu

I had the MX record in a subdomain zone and it worked great, however, no matter which way I turn I cannot get both the cname and MX records to work at the same time, any and all ideas appreciated.

**Lazydog** · 07-06-2010

MX records are to point to A records only. Also if you are wanting to post code and keep the format use the code tags.

**abarclay** · 07-07-2010

You've done a good job obfuscating all the details in your zone file - so good that I really have no idea what the problem is.

Can you just post your zone file - including the SOA. As the previous responder indicated, an MX must point to a DNAME, not to an IP address....

Also, can you post the output from either dig or nslookup indicating what you get back and what you expect? You keep saying you get back @something - but I doubt that is what is really coming back.

Is your zone file for the zone "IN.students.schoolname.edu"? If so, then you are
not allowed to have entries with DNAMEs in the "students.schoolname.edu" domain because that is out of zone.

Lastly, you might want to try fully qualifying the DNAMES in your zone file instead of relying on $ORIGIN. It's much clearer...

Something like this:

students.students.schoolname.edu. IN CNAME login.live.com.
students.schoolname.edu. IN MX 10 something.mail.outlook.com.

**vern** · 07-07-2010

This first one shows using a slave zone. The CNAME never works in the slave zone file.

Code:

$TTL 1H
$ORIGIN students.schoolname.edu.
@	IN	SOA	ns1.students.schoolname.edu. root.schoolname.edu. (
			2010070101   ; serial
			1H           ; refresh
			15M          ; retry
			2W           ; expire
			1D           ; minimum
			)

        IN  NS ns1.students.schoolname.edu.
	IN  NS ns2.students.schoolname.edu.

        IN  MX 10  1#########.mail.outlook.com.


ns1   IN   A    ##.###.###.17
ns2   IN   A    ##.###.###.18

Running DIG MX students.schoolname.edu

Code:

; <<>> DiG 9.2.4 <<>> mx students.schoolname.edu
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32244
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;students.schoolname.edu.       IN      MX

;; ANSWER SECTION:
students.schoolname.edu. 3600   IN      MX      10 1#########.mail.outlook.com.

;; AUTHORITY SECTION:
students.schoolname.edu. 3600   IN      NS      ns2.students.schoolname.edu.
students.schoolname.edu. 3600   IN      NS      ns1.students.schoolname.edu.

;; ADDITIONAL SECTION:
ns1.students.schoolname.edu. 3600 IN    A       ##.###.###.##
ns2.students.schoolname.edu. 3600 IN    A       ##.###.###.##

;; Query time: 3 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Jul  7 13:32:48 2010
;; MSG SIZE  rcvd: 152

This one is using the master zone file:

Code:

$TTL 3D
$ORIGIN schoolname.edu.
@	IN	SOA	ns1.schoolname.edu. root.schoolname.edu. (
			2010070601
			1H
			15M
			2W
			1D )

    IN  NS  ns1.schoolname.edu.
    IN  NS  ns2.schoolname.edu.
    
    IN  MX  10  mail.schoolname.edu.

    IN  A   ##.###.###.17
    
ns1             IN  A   ##.###.###.17
annum   	IN  CNAME   ns1
lists		IN  CNAME   ns1
	
ns              IN  CNAME   ns1

ns2             IN  A   ##.###.###.18
angb	        IN  CNAME ns2
studentwebs	IN  CNAME ns2

I left out the records of the other servers, including the primary mail info.

students.schoolname.edu.        IN     CNAME   login.live.com.

Results of DIG students.schoolname.edu

Code:

; <<>> DiG 9.2.4 <<>> students.schoolname.edu
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23351
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 8, AUTHORITY: 6, ADDITIONAL: 0

;; QUESTION SECTION:
;students.schoolname.edu.       IN      A

;; ANSWER SECTION:
students.schoolname.edu. 2###00 IN      CNAME   login.live.com.
login.live.com.         #####   IN      CNAME   login.live.com.nsatc.net.
login.live.com.nsatc.net. 551   IN      A       ##.#4.###.136
login.live.com.nsatc.net. 551   IN      A       ##.#4.###.179
login.live.com.nsatc.net. 551   IN      A       ##.#4.###.10
login.live.com.nsatc.net. 551   IN      A       ##.#4.###.49
login.live.com.nsatc.net. 551   IN      A       ##.#4.###.77
login.live.com.nsatc.net. 551   IN      A       ##.#4.###.109

;; AUTHORITY SECTION:
nsatc.net.              1####1  IN      NS      j.ns.nsatc.net.
nsatc.net.              1####1  IN      NS      l.ns.nsatc.net.
nsatc.net.              1####1  IN      NS      a.ns.nsatc.net.
nsatc.net.              1####1  IN      NS      b.ns.nsatc.net.
nsatc.net.              1####1  IN      NS      c.ns.nsatc.net.
nsatc.net.              1####1  IN      NS      e.ns.nsatc.net.

;; Query time: 6 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Jul  7 13:47:16 2010
;; MSG SIZE  rcvd: 302

If I add the following to the bottom primary zone file:

Code:

$ORIGIN students.schoolname.edu.
   
IN        MX 10  1#########.mail.outlook.com.

The cname works but the MX record points to in.students.schoolname.edu If I indent the IN the zone file errs.

If I change the MS section of the primary to this:

Code:

                            IN  NS  ns1.schoolname.edu.
                            IN  NS  ns2.schoolname.edu.
    
                           IN  MX  10  mail.schoolname.edu.
students             IN  MX   10   1#########.mail.outlook.com.

The MX record works fine ( I get the same results as shown in the slave zone example), however it errs if I readd in the CNAME part.

The CNAME only seems to work in the master zone, the MX will work in both the master and slave zones.

BTW I did try
students.schoolname.edu. IN MX 10 1#########.mail.outlook.com.

&

students.students.schoolname.edu. IN CNAME login.live.com.

they did not work either

**abarclay** · 07-07-2010

Ah, I think this is all making sense now.

First, this comment:
If I indent the IN the zone file errs.

Yeah, that is because if you don't indent, you are actually adding a record with the name "IN". My bet the error you are getting is something like "Can't have CNAME and other data".

This is the problem. You are not allowed to have any DNAME that has both a CNAME and any other record type.

For example, this is illegal:

Code:

foobar.unixpeople.com. IN CNAME woody.unixpeople.com.
foobar.unixpeople.com. IN NS woody.unixpeople.com.

I think you will find that you have NS records for students.schoolname.edu (either explicit or implied) and when you try to use a CNAME, it will fail.

You use the terms master, slave and primary, but I think you mean "parent" and "child" zone.
If you really did mean master and slave in the context of where you used them, then it could be that you have directives in your file to allow "looser enforcement of rules" on the master vs. on the slave. If that is the case, you can google. for these keywords:

check-names ( master | slave | response ) ( fail | warn | ignore );
check-mx ( fail | warn | ignore );
check-integrity boolean;
check-mx-cname ( fail | warn | ignore );

Hope this helps.

**vern** · 07-09-2010

I decided to point the CNAME to somewhere else, out of frustration and it works fine.

Code:

 IN  NS ns1.students.schoolname.edu.
	IN  NS ns2.students.schoolname.edu.

        IN  MX 10  1#########.mail.outlook.com.


ns1   IN   A    ##.###.###.17
ns2   IN   A    ##.###.###.18

;;ADDED LINE

mail        IN    CNAME   login.live.com.

It changes the URL to point to mail.students.schoolname.edu, rather that students.schoolname.edu. Which is fine for me.

Thread Tools

Display

[SOLVED] MX and CNAME notworking together

Posting Permissions