From: Robert Boyer
Date: Wed, 19 Jan 2011 19:09:08 -0500
To: Gary Kline
Cc: freebsd-questions@freebsd.org
Subject: Re: named/bind problems....

okay, let's start from the beginning here...

1) Do you have your own IP address and IP address block that you are hosting DNS for or is it local only?

2) from talking with you last night I want to make sure you are aware of two things...

   A) resolv.conf is used for name resolution on EVERY system - it tells ALL of the software where to get name services from. We fixed this last night for one of your systems by pointing it at a name server that works (the one you had did not work)

   B) named provides name services (as well as forwarding to other dns services) and can be pointed to by resolv.conf on your local systems - if it is not working AND your local resolv.conf files are pointing there your name resolution will not work.

   C) you can get internet name services working temporarily by using some of the servers I gave you, 8.8.8.8 and 8.8.4.4, in all of your resolv.conf files - you don't need named to work for this. You can also use /etc/hosts for your couple of local name/address translations as a workaround until you get named working again.

3) dig is your friend for debugging named - you can use dig @local-dns-address lookup-name to debug your named while still using external name servers in your resolv.conf and local naming in /etc/hosts until you ACTUALLY are sure your local named is working.

4) The only thing you really really need a local named for is if you have a real IP block that you are responsible for providing name services on the internet for - rarely the case and even if you do you can temporarily jam the names you care about in another DNS server somewhere out there like zoneedit or free dns temporarily.

Get your stuff working then debug your named.

RB

On Jan 19, 2011, at 6:55 PM, Gary Kline wrote:

> On Wed, Jan 19, 2011 at 06:11:23PM -0500, Robert Boyer wrote:
>> Sorry to see you are still having issues. I thought you were set when we fixed your resolv last night.
>>
>> Okay - let's start from scratch here....
>>
>> Are you sure you need a named? Are you actually serving dns for your own IP addresses or are you using it as a caching server. Getting a new named working/installed is not an issue. Config files are usually an issue. If you can explain your network topology and what you are trying to make work I can probably point you in the right direction.
>>
>
> Last night I was on the right track; then suddenly things broke and I
> have no idea why. From the modem/router, the wire goes thru my
> firewall that runs pfSense. Then output from the firewall plugs
> into my switch.
>
> My DNS/Mail/web server is a separate box that plugs into the
> hub/switch as well. [i think; it is hard for me to get down
> and crawl around under the desk.] The server has been running named
> since April, '01. I read DNS AND BIND to get things going; then in
> late '07 serious network troubles and help from someone in the Dallas
> Ft-Worth area reconfigured my network. This fellow mostly edited
> the /etc/namedb/named.conf and related files. I also host a friend's
> site, gratis. He is a builder; we have been friends for nearly
> twenty years. His site is a very small part of the picture; I
> mention it only to emphasize that my setup is not entirely trivial.
>
> Would it help to shar or tarball up my namedb files?
>
> FWIW, I am logged into ethic on a console. Usually I work in X11
> and have xset r off set to prevent key bounces.
>
>>
>> We did get your local resolution issue solved didn't we?
>
> I think in KVM'ing from tao to ethic and back, the configuration we
> set up last night broke. At least, in watching portupgrade draw in
> more and more files [on ethic], when I KVM back to my desktop, the
> mutt settings get lost....
>
> -gary
>
>>
>> RB
>>
>> On Jan 19, 2011, at 6:03 PM, Gary Kline wrote:
>>
>>> Yesterday noon my time I rebooted my server. Things seemed to be slow.
>>> Several streams were hanging or stopping, and because ethic.thought.org had
>>> been up for 61 days I figured it wouldn't hurt to reinitialize stuff.
>>>
>>> Well, nutshell, disaster. For hours it wasn't clear whether the server would
>>> survive, but eventually i got a portupgrade -avOPk going and now I am close to
>>> having every port rebuilt.
>>>
>>> Now host kuow.org gives the IP address of the U/Washington. Etc. last
>>> night for unknown reasons even this failed. I remembered that late last fall
>>> I was warned the "bind9" was nearing its end/life. I okayed the portupgrade
>>> to remove bind9 and install whatever its follow up would be.
>>>
>>> Since then, my kill9named script[s] and my restartnamed script[s] have failed.
>>> Can anyone save me from hours of tracking down whatever I have to to put
>>> things right?
>>>
>>> Everything I get in trouble with this bind stuff it occurs how significant an
>>> achievement it is to have a
>>> service that automagically maps quad/dotted-decimals to actual words.
>>>
>>> Sorry if this sounds disjoint; it is past time for a lollipop and a blanket
>>> and a *nap*
>>>
>>> gary
>>>
>>> --
>>> Gary Kline kline@thought.org http://www.thought.org Public Service Unix
>>> The 7.97a release of Jottings: http://jottings.thought.org/index.php
>>> http://journey.thought.org
>>> ethic
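
Point 3 of the reply above (query the local named directly with dig while resolv.conf keeps pointing at resolvers that work), as an added example that is not part of the original thread. The address 192.0.2.53 is a placeholder for the host running named, and the function names are made up for this example.

```shell
#!/bin/sh
# Added example, not from the thread. Usage (addresses are placeholders):
#   sh check-named.sh 192.0.2.53 8.8.8.8 kuow.org www.freebsd.org
# $1 = named under test, $2 = reference resolver, rest = names to look up.

# Print the nameserver addresses configured in a resolv.conf-style file.
resolv_servers() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# Succeed if the resolv.conf in $1 still sends lookups to server $2.
depends_on() {
    resolv_servers "$1" | grep -Fqx "$2"
}

# A records for name $2 as answered by server $1, sorted, on one line.
# Short timeout and a single try, so a dead named fails fast; dig's
# ";; ..." diagnostic lines are dropped so a timeout reads as no answer.
ask() {
    dig "@$1" "$2" A +short +time=2 +tries=1 2>/dev/null |
        grep -v '^;' | sort | tr '\n' ' '
}

# Compare the local answer ($1) with the reference answer ($2).
verdict() {
    if [ -z "$1" ]; then echo NOANSWER
    elif [ "$1" = "$2" ]; then echo MATCH
    else echo DIFFERS   # expected for zones only the local named serves
    fi
}

check_named() {
    local_ns=$1; ref_ns=$2; shift 2
    for name in "$@"; do
        l=$(ask "$local_ns" "$name")
        r=$(ask "$ref_ns" "$name")
        printf '%-8s %s local=[%s] ref=[%s]\n' "$(verdict "$l" "$r")" "$name" "$l" "$r"
    done
}

if [ "$#" -ge 3 ]; then
    if depends_on /etc/resolv.conf "$1"; then
        echo "note: /etc/resolv.conf still points at $1; keep a working resolver there until every name answers"
    fi
    check_named "$@"
fi
```

Only once every name reports MATCH (or DIFFERS for names that exist only in the local zones) is it time to point resolv.conf back at the local named.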