On Mon, 2003-12-29 at 23:32, Kumar wrote:
> hello list,
>
> please check above links and check wether can
> access those or not. for me its working. from outside
> not working.
>
>
> i have configure as follows.
>
> named.conf
>
> zone "idesa.net.my" {
> type master;
> file "idesa.net.my.db";
> allow-transfer {
> 202.188.0.133;
> 202.188.1.5;
> };
>
> the above 202.188.0.133,202.188.1.5 name server ips
> are from our ISP's
Following the root name server delegation, the only IP address that
should be pulling a copy of your zone (allow-transfer) files is
202.188.0.133. 202.188.1.5 can pull a copy of your zones, but no name
server on this planet will ever query it because its not listed as a NS
for your domain at the root servers.
See further comments below
>
> idesa.net.my.db file
>
> $TTL 86400
> @ IN SOA idesa.net.my. hostmaster.idesa.net.my. (
> 2002052701 ; Serial
> 28800 ; Refresh
> 14400 ; Retry
> 3600000 ; Expire
> 86400 ) ; Minimum
> ; Name Server
> IN NS 219.95.66.106
> IN NS ns3.tm.net.my.
> ; Mail Server for Domain
> IN MX 10 mail.idesa.net.my.
> ; Public Servers
> idesa.net.my IN A 219.95.66.106
> ns3 IN A 202.188.0.133
Following a query back from the root name servers reveals....
;; ANSWER SECTION:
idesa.net.my. 172800 IN NS ns3.tm.net.my.
idesa.net.my. 172800 IN NS www.idesa.net.my.
;; ADDITIONAL SECTION:
ns3.tm.net.my. 172800 IN A 202.188.0.133
www.idesa.net.my. 172800 IN A 219.95.66.106
The above looks good until you query your name server.
# dig +short @www.idesa.net.my idesa.net.my ns
219.95.66.106.idesa.net.my.
ns3.tm.net.my.
# dig +short @www.idesa.net.my 219.95.66.106.idesa.net.my a
#
The following modified SOA snippet should resolve the nightmare you have
created by specifying an IP address for an NS record instead of a
canonical name followed by a glue (A) record. i.e. RFC1034
$TTL 86400
@ IN SOA www.idesa.net.my. hostmaster.idesa.net.my. (
2002052701 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
; Name Server
@ IN NS www.idesa.net.my.
@ IN NS ns3.tm.net.my.
; Mail and Address Records for Domain Space
@ IN MX 10 mail.idesa.net.my.
@ IN A 219.95.66.106
; Glue Record for www.idesa.net.my name server record.
www IN A 219.95.66.106
... other zone records inserted below. Specified relative to the zone
origin idesa.net.my. i.e. not terminated with a period (like you have
shown)
NOTE: Name server ns3.tm.net.my is outside origin of zone idesa.net.my
and would be ignored (and logged) by named at startup, if specified. So
a glue record is not needed for ns3, just the NS reference for
idesa.net.my as shown above. FWIW: You specified ns3 as relative to your
zone origin. i.e. ns3.idesa.net.my
BTW: 202.188.0.133 looks like its NOT pulling copies of your zones files
(see below) Have you contacted you ISP to setup having them pull copies
of your zone files from their name server????
This is what I get logged at this end when I issue a query for
idesa.net.my.
Dec 30 6:23:58.897 client 192.168.9.21#32797: query: idesa.net.my IN SOA
Dec 30 6:23:59.878 lame server resolving 'idesa.net.my' (in
'idesa.net.my'?): 202.188.0.133#53
Steve Cowles
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
