SUMMARY: DNS Setup Question

From: brett (brett@pulse.itd.uts.edu.au)
Date: Sun May 30 1999 - 06:50:55 CDT


Original Question:

I am trying to transfer our DNS primary from one machine
to another. The old machine is using a BIND in the early
8 series, and the new machine is using the latest bind.

Compiled and installed bind. Copied the named.conf and zone
file from the old machine to the new. Startup named, and no
matter what I do i get the following problem:

# nslookup
Default Server: localhost
Address: 127.0.0.1

> ghostgum
Server: localhost
Address: 127.0.0.1

Non-authoritative answer:
Name: ghostgum.itd.uts.edu.au
Address: 138.25.22.10

Ie this machine does not believe it is authoritative for the domain,
even though it has the same name as the old machine and has taken
over the IP. Eeek.

I am assuming i have goofed the configuration files somewhere. Hints?
        
Thanks in advance, and I will sumarise.

Brett Morgan

Replies:
* Rothenanger, Juergen

You should check the NS entries of your domain.
Is the new machine included as nameserver for your domain?

Juergen

* Harvey Wamboldt

Does your resolv.conf point to the correct machine? (ie itself?) Did
you make the old machine a secondary (or just a client) and restart
it's DNS? Did you modify the resolv.conf on all secondaries and
restart their DNS?

* Dan

Look at your /etc/resolv.conf file. Also, Non-Authoratative can indicate that
it was read from cache.

* Mark Neill

Is there an SOA record on the new machine?

* Joe Garbarino

We have frequently tracked down non authoritative answers to a syntax
error in the data file for BIND (i.e. the file listing the SOA record
and all the A records). The error is typically recorded in the
/var/adm/messages file on the machine running the name server. After
the syntax is corrected BIND works properly.

* Mark Noel

        Do a ps and grep for the named process. Then do a strings on the
full path of the named process and pipe to grep. grep for named.

        ie
        ps -ef | grep named
            root 20317 he err1 0 Apr 28 ? 0:04 /usr/sbin/named
        strings /usr/bin/named | grep named

        The above will give the version of bind that is running. If it is
version 8 or better keep going. If it is version 4 check your startups.

        Check your conf file to make sure you are primary or secondary for
the zone. See if their are any slave or forwarder entries.
 
        Send an INT signal to the named process and then more
named_dump.db(this should be in the directory location specified in the conf
file).
 
        The top of the named_dump.db will show what zones you are
authoritive for. The file also show everything you box knows about dns.

        If this does not help you would probably need to send a copy of the
conf file, your zone file and the dump.

Addendum:
        Oh, sorry first check your var/adm/messages file for any error
messages from bind when you started it.

* Michael A. Peterson

Have you changed the NS entry in the SOA for your zone(s)? That setting
may override the 'type master' entry in named.conf.

* Pat Hooper

Seems strange to me that localhost is your authority on nslookups.
Shouldn't it be the actual hostname of the box with an associated IP
address? That might be your problem. When you type "nslookup", the
Server should be an entry other than localhost. I think.

* Sean Chambers

Could you possible sent me any (or all ) of your Info on DNS on solarise as
it would help me as I am Stuck
and was about to start posting on the subject and Noticed you had already
done so

* Mareike Ernst

This is probably a VERY wide shot but try increminating the serial
number of the SOA and restarting named.
You know what they say: When all logical things have failed start trying
the illogical ones...

* Earl Cooke

Brett, if you are truely using the lastest BIND v8.1.2, the config files have
changed in format and name. I read about this in performance-computing, in
their review of Solaris 7 (April '99 issue). Hope this helps.

* Morris Seals

     Try the following:

# vi /etc/resolve.conf
nameserver yourmachine.yourdomain.com
domain yourdomain.com
  
     Also, if you need a tool to automate your
DNS maintenance, check out http://www.dnsboss.com

Answer:

The Golden Crumpet goes to Joe Garbarino and Mark Noel

I had a pair of domains that had multiple CNAME definitions that
caused bind to refuse to believe the files. What helped in the
end was defining a very loud logging declaration and watching
the bootstrap. The week after I fix this a new revision of the
O'Reilly DNS and Bind book gets released. My luck.

Brett Morgan



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:13:20 CDT