Topic: DNS problems

[Arnie]

I am having a few problems with DNS. I have searched the forums for a fix but I couldn't find anything that works.

I am running SME 5.6U5. The machine is called jumpgate with a local IP of 192.168.1.1 and I have used a local domain of babylon.local. I also have a virtual domain of jumpgate.homeunix.com which is a dyndns.org domain. I use the ddclient contrib to update the domain whenever my ISP changes my dynamic DNS.

In my Hostnames and Addresses panel I have a list of the default hosts for each domain that SME creates for you. I can ping all the ones in the virtual domain from any machine on my local net, but I can't ping any of the babylon.local machines form any machine, including the SME server.

I can only access the server manager by using http://jumpgate. http://Http://jumpgate.babylon.local will not work. I tried tinkering and found a few things out. If I do a ping -a 192.168.1.1 from a Win2K machine, the name it returns is JUMPGATE and not jumpgate. This leads me to believe that the only reason the wintel boxes on my network can ping the SME server is because the server is also an NT domain controller and is broadcating the NetBios name of JUMPGATE.

The SME box can ping jumpgate and jumpgate.babylon.local, but not {www | mail | proxy | wpad | ftp}.babylon.local. There is the following entry in the hosts file for the server:

192.168.1.1  jumpgate.babylon.local  jumpgate

I can ping {www | mail | proxy | wpad | ftp}.jumpgate.homeunix.com with no problem because they are being served from dyndns.org. nslookup says the following when trying to pinf ftp.babylon.local:

> set q=soa
> ftp.babylon.local
Server:         127.0.0.1
Address:        127.0.0.1#53

** server can't find ftp.babylon.local: NXDOMAIN
>

dig ftp.babylon.local gives the following:

; <<>> DiG 9.2.1 <<>> ftp.babylon.local
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4574
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;ftp.babylon.local.             IN      A

;; AUTHORITY SECTION:
.                       7846    IN      SOA     a.root-servers.net. nstld.verisi
gn-grs.com. 2003092500 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Sep 25 20:39:31 2003
;; MSG SIZE  rcvd: 110

HELP! I am totally stumped!! If anybody has any thoughts please post, as this is getting frustrating.

TIA

[Steve Brock]

Looks to me like your sme server isn't authoritative for the domain 'babylon.local'.
when you installed SME, did you tell it to use the domain babylon.local ?

check in your 'hostnames and addresses'    does the ftp,www,etc. have the babylon.local domain after them? (eg: ftp.babylon.local, www.babylon.local)   the visibility should be 'local' and the location should be 'self'
if not, what does it say?

[Arnie]

Steve,

Thanks for the reply

>Looks to me like your sme server isn't authoritative for the domain 'babylon.local'.
>when you installed SME, did you tell it to use the domain babylon.local ?

Yes. During the text based console setup on the SME server, I did give it babylon.local as the domain. I added the jumpgate.homeunix.com domain later throught the server manager virtual domains panel

>check in your 'hostnames and addresses' does the ftp,www,etc. have the >babylon.local domain after them? (eg: ftp.babylon.local, www.babylon.local) the >visibility should be 'local' and the location should be 'self'
>if not, what does it say?

Yes. There are two sets of addresses in the hostnames and addresses panel. The first set is {www | ftp | mail ...etc}.babylon.local and the set under virtualy hosted addresses is {www | ftp | mail ...etc}.jumpgate.homeunix.com. The visibility for all is local and the location for all is self.

As you can see, the way it is set up should work, but it don't! If I had any hair I would tear it out!

[Steve Brock]

hmm..   can you do this and post the output:

less /home/dns/etc/named.conf

[Arnie]

Here ya go Steve.

#------------------------------------------------------------
# DO NOT MODIFY THIS FILE! It is updated automatically by the
# SME Server software. Instead, modify the source template in
# an /etc/e-smith/templates-custom directory. For more
# information, see http://www.e-smith.org/custom/
#
# copyright (C) 2002 Mitel Networks Corporation
#------------------------------------------------------------



options {
   directory "/var/named";
   forward first;

   forwarders { 203.0.178.191; };

   listen-on { 127.0.0.1; 192.168.1.1; };
   /*
    * If there is a firewall between you and nameservers you want
    * to talk to, you might need to uncomment the query-source
    * directive below.  Previous versions of BIND always asked
    * questions using port 53, but BIND 8.1 uses an unprivileged
    * port by default.
    */
   // query-source address * port 53;
};
#----------------------------------------
# root name servers
#----------------------------------------

zone "." {
   type hint;
   file "named.ca";
};
#----------------------------------------
# localhost PTR record
#----------------------------------------

zone "0.0.127.in-addr.arpa" {
   type master;
   file "named.local";
};

zone "localhost." {
   type master;
   file "named.localhost";
};
#----------------------------------------
# local network PTR records
#----------------------------------------

zone "1.168.192.in-addr.arpa."
{
   type forward;
   forward first;

   forwarders { 203.0.178.191; };

};

zone "babylon.local"
{
    type forward;
       forward first;

   forwarders { 203.0.178.191; };

   
};

zone "jumpgate.homeunix.com"
{
    type forward;
       forward first;

   forwarders { 203.0.178.191; };

   
};

[Steve Brock]

ok.. that looks proper.  can you do this from the cmd line of your SME:
nslookup www.babylon.local 127.0.0.1

[Arnie]

Steve,

nslookup www.babylon.local 127.0.0.1 gives the following

Note:  nslookup is deprecated and may be removed from future releases.
Consider using the dig' or host' programs instead.  Run nslookup with
the -sil[ent]' option to prevent this message from appearing.
Server:   127.0.0.1
Address:   127.0.0.1#53

** server can't find www.babylon.local: NXDOMAIN


I hope this gives you a clue.

[Steve Brock]

hmm.. just realised that my machine is setup the same way...
login as admin and configure the server. on the screen 'Select master DNS server address'  leave that field blank as it suggests.

the issue is that your sme doesn't think its authoritative for that domain.  why? cuz the named.conf doesn't tell it to be authoritative, it just tells it to forward on to another nameserver. normally, you'll see something like this:
zone "babylon.local" {
        type master;
        notify yes;
        file "named.babylon.local";
};
I'm not 100% sure right now if thats how it looks after you take the forwarding out. I'll have to mess with it tonight if I have the time. If you want to try it out, let us know how it goes. Or, if someone else sees this that doesn't use forwarding, can they cat their named.conf?
-steve

[Arnie]

Steve,

Thank you. That worked a treat. My ISP sent me doco when I connected to them saying that I had to manually specify a DNS server. I have looked at the DHCP info for my internet-facing card and the ISP is sending a DNS server address with the reply, so all is now working as it should.

Thanks again for your time and patience.

[Steve Brock]

Fantastic!
Glad to help ya out
-steve