gui <gco...@gmail.com> wrote:
>hello,
>
>i have s strange probleme with my bind server, and i hope someone
>could point out the problem, here is the description,
>
>i have two bind servers (replication, multi-master), bind 9.3.4, same
>version, same configuration (normally).
>I tried to do some PTR delegation, so for example, i have a 104.10.in-
>addr.arpa zone, the master of the zone is my bind server, in this zone
>file i have this :
>
>0.104.10.in-addr.arpa. IN NS otherDNSserver.fqdn
>
>on the first server, when i check with dig :
> i get nothing :
>
>dig 0.104.10.in-addr.arpa :
>
>; <<>> DiG 9.3.4-P1.1 <<>> 0.104.10.in-addr.arpa
>;; global options: printcmd
>;; Got answer:
>;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60811
>;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
>;; QUESTION SECTION:
>;0.104.10.in-addr.arpa. IN A
>
>;; Query time: 108 msec
>;; SERVER: 10.x.x.x#53(10.x.x.x)
>;; WHEN: Fri Jul 10 17:17:52 2009
>;; MSG SIZE rcvd: 39
>
>
>on the other one, it works :
>
>
>; <<>> DiG 9.3.4-P1.1 <<>> 0.104.10.in-addr.arpa
>;; global options: printcmd
>;; Got answer:
>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58295
>;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
>
>;; QUESTION SECTION:
>;0.104.10.in-addr.arpa. IN A
>
>;; AUTHORITY SECTION:
>0.104.10.in-addr.arpa. 3600 IN SOA myotherdnsserver.fqdn.
>hostmaster.myotherserver.fqdn. 310 900 600 86400 3600
>
>;; Query time: 4005 msec
>;; SERVER: 10.2.129.9#53(10.2.129.9)
>;; WHEN: Thu Jul 23 09:03:51 2009
>;; MSG SIZE rcvd: 113
>
>
>and i can't find what to do to make this work correctly on the first
>server....
>
>hope you'll have more ideas than me :-))
>
>thank you !
The first query does not produce "nothing"; it tells you via these lines:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60811
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;0.104.10.in-addr.arpa. IN A
The return code is NXDOMAIN. There is no "aa" in the flags, so the
response is not authoritative. The server knows nothing about this
domain. Note that you are querying for the address of a class-c
subnet, and that subnet has no address.
The second query "works"; it gives you more information than the first
query:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58295
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;0.104.10.in-addr.arpa. IN A
;; AUTHORITY SECTION:
0.104.10.in-addr.arpa. 3600 IN SOA myotherdnsserver.fqdn.
The return code is NOERROR. There are 0 answer sections in the
response. The response is not authoritative. But the server knows
(and gives) the SOA for the zone. I am assuming that this server had
the SOA record in its cache.
As to why these two DNS servers do not know about the zone, I cannot
tell. This is a 10-subnet, so we would not be able to query it.
We would have to see the config files from the two servers to see
how they define the zone.
Here is a query I made for the address of one of our Class-B subnets:
solaris% dig 139.146.in-addr.arpa
; <<>> DiG 8.3 <<>> 139.146.in-addr.arpa
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUERY SECTION:
;; 139.146.in-addr.arpa, type = A, class = IN
;; AUTHORITY SECTION:
139.146.in-addr.arpa. 2H IN SOA dns0.anl.gov. hostmaster.anl.gov. (
2009072402 ; serial
2H ; refresh
1H ; retry
2W ; expiry
2H ) ; minimum
...
solaris%
Note that the answer has NOERROR, aa, and 0 answer sections.
The response is authoritative, as the server I queried is a slave for
this zone. The query was for an "A" record that does not exist.
A query for NS records might give you the NS record set for the zone,
depending upon your BIND configuration.
----------------------------------------------------------------------
Barry S. Finkel
Computing and Information Systems Division
Argonne National Laboratory Phone: +1 (630) 252-7277
9700 South Cass Avenue Facsimile:+1 (630) 252-4601
Building 222, Room D209 Internet: bsfin...@anl.gov
Argonne, IL 60439-4828 IBMMAIL: I1004994
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
