Here are the configuration files.
# more named.conf
include "/etc/bind/named.conf.options";
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/bind/db.root";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};
zone "lazarusalliance.com" {
type master;
file "/etc/bind/db.lazarusalliance.com.hosts";
allow-update {
any;
};
allow-transfer {
any;
};
allow-query {
any;
};
};
zone "99.12.71.in-addr.arpa" {
type master;
file "/etc/bind/71.12.99.rev";
};
include "/etc/bind/named.conf.local";
logging {
category lame-servers {
null;
};
};
key rndc-key {
algorithm hmac-md5;
secret "********************************************";
};
controls {
inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { rndc-key; };
};
++++++++++++++++++++++++++++++
# more named.conf.local
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
++++++++++++++++++++++++++++++
# more named.conf.options
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you might need to uncomment the query-source
// directive below. Previous versions of BIND always asked
// questions using port 53, but BIND 8.1 and later use an
unprivileged
// port by default.
query-source address * port 53;
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
allow-transfer {
any;
};
allow-query {
any;
};
};
++++++++++++++++++++++++++++++
# more db.lazarusalliance.com.hosts
$ttl 3600
@ IN SOA castor.lazarusalliance.com.
postmaster.lazarusalliance.com. (
2010022604
1200
3600
1209600
3600 )
;
@ 3600 IN NS
castor.lazarusalliance.com.
@ 3600 IN NS
pollux.lazarusalliance.com.
;
castor.lazarusalliance.com. IN A 71.12.99.115
pollux.lazarusalliance.com. IN A 71.12.99.116
lazarusalliance.com. IN A 71.12.99.118
;
lazarusalliance.com. IN MX 5 castor.lazarusalliance.com.
++++++++++++++++++++++++++++++
# more 71.12.99.rev
$TTL 38400
@ IN SOA castor.lazarusalliance.com.
postmaster.lazarusalliance.com. (
2010032007
10800
3600
604800
38400 )
@ IN NS castor.lazarusalliance.com.
115 IN PTR castor.lazarusalliance.com.
116 IN PTR pollux.lazarusalliance.com.
118 IN PTR lazarusalliance.com.
On Sun, Mar 21, 2010 at 2:19 PM, michael peters <mdpeter...@gmail.com>wrote:
> Here is more information.
>
> I'm testing my external BIND 9.6.1 systems with
> http://www.checkdns.net/powercheck.aspx. Outbound resolution is fine.
> Internal resolution is fine. External resolution seems to be the problem. My
> firewall allows port 53 UDP and TCP.
>
> The messages I get are:
>
> Found NS record: castor.lazarusalliance.com[71.
> 12.99.115], was resolved to IP address by
> G.GTLD-SERVERS.NET<http://g.gtld-servers.net/>
> Found NS record: pollux.lazarusalliance.com[71.12.99.116], was resolved to
> IP address by G.GTLD-SERVERS.NET <http://g.gtld-servers.net/>
> Domain has 2 DNS server(s)
>
> CheckDNS.NET is verifying if NS are alive
> Error fetching SOA from castor.lazarusalliance.com [71.12.99.115], request
> timed out. Probably DNS server is offline.
> Error fetching SOA from pollux.lazarusalliance.com [71.12.99.116], request
> timed out. Probably DNS server is offline.
> 0 server(s) are alive
> No DNS servers alive, tests stopped
>
> What other information should I provide to be helpful in getting this
> solved?
>
>
> On Sun, Mar 21, 2010 at 2:03 PM, Alan Clegg <acl...@isc.org> wrote:
>
>> michael peters wrote:
>> > Is it a problem to get a message from a DNS checking tool that indicates
>> > "Error fetching SOA from ns1.example.com <http://ns1.example.com>?"
>> Both
>> > of my external BIND 9.6.1 servers respond the same way and I'm assuming
>> > that I need to add something to my configuration.
>>
>> We know nothing about your configuration, nothing about the zone that
>> you are trying to serve, and nothing about the "checking tool" that you
>> are using to test.
>>
>> Not much to go on. Feel free to post configuration information and we
>> might be able to help.
>>
>> AlanC
>>
>>
>> _______________________________________________
>> bind-users mailing list
>> bind-users@lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
>>
>
>
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
