DNS and W2K

From: Loucks, Guy <Guy.Loucks_at_det.nsw.edu.au>
Date: Thu, 21 Sep 2000 10:21:16 +1100

People,

Has anyone seen any of the following:

We are having some peculiar errors with BIND 8. It appears that it simply
will not delegate with W2K. There has to be something simple missing or
mis-configured.

Servers 153.107.41.18 and 146 are our external DNS servers, with a subset of
externally visible DNS information.

Our internal servers consolidate up to our "primary"; we have geographic
secondary servers located throughout the state.

We are in the process of looking at the Windows 2000 product. To do that, we
need to isolate a DNS area for them to keep information the business simply
does not require out of our core servers.

To do this we have set up a phantom root:

DET.LAB

And we are trying to delegate this to the W2k AD servers. When we query the
W2k boxes, they appear happy. However, we cannot get the main DNS server to
talk with it:

Sep 20 15:45:27 erg named[502]: /etc/namedb/named.conf:4963: syntax error near forward
Sep 20 15:45:27 erg named[502]: no type specified for zone 'det.lab'
Sep 20 15:45:27 erg named[502]: zone 'det.lab' did not validate, skipping
Sep 20 15:45:27 erg named[502]: /etc/namedb/named.conf:4973: syntax error near '}'

The second line above seems to be the key. The named.conf extract is below.
We have tried it with and without forward only. We have tried removing all
forwarders and setting up phantom entries in named.ca for our external DNS
servers, to no avail.

Your thoughts would be most appreciated. Please email me directly and I will
summarise again.

options {
        directory "/etc/namedb/ns_db";
// forward only;
        forwarders {
                153.107.41.18;
                153.107.41.146;
                153.107.41.18;
                153.107.41.146;
                153.107.41.18;
                153.107.41.146;
        };
        multiple-cnames yes;
        version "Surely you must be joking!";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below. Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
};

//
// named.boot file for NSW DET DNS services.
//

<SNIP>

zone "det.lab" {
        type forward;
        forward only;
        forwarders {
        153.107.59.131;
        153.107.59.132;
        153.107.59.131;
        153.107.59.132;
        153.107.59.131;
        153.107.59.132;
        };
};

"named.conf" 5009 lines, 86932 characters

# nslookup
Default Server: localhost
Address: 127.0.0.1

> set type=any
> lab
Server: localhost
Address: 127.0.0.1

lab
        origin = labrootdc1.win.lab
        mail addr = bind.watt.itbnetman.det.nsw.EDU.AU
        serial = 501
        refresh = 10800 (3H)
        retry = 3600 (1H)
        expire = 604800 (1W)
        minimum ttl = 86400 (1D)
lab nameserver = labrootdc1.win.lab
lab nameserver = labrootdc2.win.lab
lab nameserver = labrootdc1.win.lab
lab nameserver = labrootdc2.win.lab
labrootdc1.win.lab internet address = 153.107.59.131
labrootdc2.win.lab internet address = 153.107.59.132
> det.lab
Server: localhost
Address: 127.0.0.1

Non-authoritative answer:
det.lab nameserver = labrootdc1.win.lab
det.lab nameserver = labrootdc2.win.lab

Authoritative answers can be found from:
det.lab nameserver = labrootdc1.win.lab
det.lab nameserver = labrootdc2.win.lab
labrootdc1.win.lab internet address = 153.107.59.131
labrootdc2.win.lab internet address = 153.107.59.132
> webmail.det.lab
Server: localhost
Address: 127.0.0.1

*** localhost can't find webmail.det.lab: Non-existent host/domain

>>>> WE SHOULD BE DELEGATING HERE!!!


> server 153.107.59.131
Default Server: labrootdc1.win.lab
Address: 153.107.59.131

> webmail.det.lab
Server: labrootdc1.win.lab
Address: 153.107.59.131

webmail.det.lab canonical name = labexch5.labitb.det.lab
labexch5.labitb.det.lab internet address = 153.107.59.143
>

> det.lab.
Server: labrootdc1.win.lab
Address: 153.107.59.131

det.lab internet address = 169.254.23.183
det.lab internet address = 153.107.59.131
det.lab internet address = 153.107.59.132
det.lab nameserver = labrootdc1.det.lab
det.lab nameserver = labrootdc2.det.lab
det.lab
        origin = labrootdc1.det.lab
        mail addr = administrator.det.lab
        serial = 206
        refresh = 900 (15M)
        retry = 600 (10M)
        expire = 86400 (1D)
        minimum ttl = 3600 (1H)
labrootdc1.det.lab internet address = 153.107.59.131
labrootdc2.det.lab internet address = 153.107.59.132
>

Even setting .lab as master and delegating it does not work; see:

# cat det.lab.db
@ IN SOA labrootdc1.win.lab. bind.watt.itbnetman.det.nsw.EDU.AU. (
                                   501 ; Serial
                                 10800 ; Refresh - 3 Hours
                                  3600 ; Retry - 1 Hour
                                604800 ; Expire - 1 Week
                                 86400 ) ; Minimum TTL - 24 Hours
@ IN NS labrootdc1.win.lab.
@ IN NS labrootdc2.win.lab.
det IN NS labrootdc1.win.lab.
                        IN NS labrootdc2.win.lab.
labrootdc1 IN CNAME labrootdc1.win.lab.
labrootdc2 IN CNAME labrootdc2.win.lab.

There has to be something simple missing...

Cheers,

Guy



Guy R. Loucks
Senior Unix Systems Administrator
Networks Branch
NSW Department of Education & Training
Information Technology Bureau
Direct +61 2 9942 9887
Fax +61 2 9942 9600
Mobile +61 (0)429 041 186
Email guy.loucks_at_det.nsw.edu.au
Received on Wed Sep 20 2000 - 23:22:59 NZST
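
An added example, not part of the original post: a delegation consistency check that compares the NS set localhost returned for det.lab with the NS set the W2K server 153.107.59.131 returned for itself. The input lines are copied from the nslookup session above; the function names are assumptions of this example.

```python
import re

# Lines copied from the nslookup session in the post: the parent-side view
# (asked via localhost) and the child-side view (asked via 153.107.59.131).
PARENT_VIEW = """\
det.lab nameserver = labrootdc1.win.lab
det.lab nameserver = labrootdc2.win.lab
labrootdc1.win.lab internet address = 153.107.59.131
labrootdc2.win.lab internet address = 153.107.59.132
"""
CHILD_VIEW = """\
det.lab internet address = 169.254.23.183
det.lab nameserver = labrootdc1.det.lab
det.lab nameserver = labrootdc2.det.lab
labrootdc1.det.lab internet address = 153.107.59.131
labrootdc2.det.lab internet address = 153.107.59.132
"""

RECORD = re.compile(r"^(\S+)\s+(nameserver|internet address)\s+=\s+(\S+)$")

def parse_view(text, zone):
    """Return {ns_name: set(addresses)} for `zone` from nslookup-style lines."""
    ns_names, addrs = set(), {}
    for line in text.splitlines():
        m = RECORD.match(line.strip())
        if not m:
            continue  # skip prompts, blank lines and SOA detail
        owner, kind, value = (s.lower().rstrip(".") for s in m.groups())
        if kind == "nameserver" and owner == zone:
            ns_names.add(value)
        elif kind == "internet address":
            addrs.setdefault(owner, set()).add(value)
    return {ns: addrs.get(ns, set()) for ns in ns_names}

def compare_delegation(parent, child):
    """Compare the NS set the parent hands out with the child's own NS set."""
    return {
        "only_in_parent": sorted(set(parent) - set(child)),
        "only_in_child": sorted(set(child) - set(parent)),
        "same_addresses": set().union(*parent.values()) == set().union(*child.values()),
        "ns_without_address": sorted(
            n for view in (parent, child) for n, a in view.items() if not a),
    }

def check(zone="det.lab"):
    return compare_delegation(parse_view(PARENT_VIEW, zone), parse_view(CHILD_VIEW, zone))

if __name__ == "__main__":
    for key, value in check().items():
        print(f"{key}: {value}")
```

On the post's data the two sides list the same addresses under different host names (win.lab on the parent side, det.lab on the W2K side).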
