[Techtalk] Bind DNS issues...

Mary Gardiner mary-linuxchix at puzzling.org
Sat Jul 29 22:15:31 UTC 2006 

On Sat, Jul 29, 2006, Walt wrote:
> Okay, so I go home Friday night from work and everything is working
> fine with the DNS on two servers at our office. Come in this morning,
> and find that domains hosted on those servers are no longer resolving.
> 
> The named process appears to be up and running without problems, but
> dig/nslookup won't even give results about the domains on the machines
> and I cannot ping the domains from inside or outside the network! I
> have no clue what has changed! This seems crazy and I have no errors
> anywhere to try to trace to some kind of source!

You don't specifiy whether or not you specifically asked those machines
via dig or not. If not, here's what I'd do first, assuming your domain
is example.com.

1. Find out what the com nameservers are:

$ dig -t NS com


; <<>> DiG 9.3.2 <<>> -t NS com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32140
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;com.                           IN      NS

;; ANSWER SECTION:
com.                    172800  IN      NS      f.gtld-servers.net.
com.                    172800  IN      NS      g.gtld-servers.net.
[snip the other lot]


2. Find out what they think *your* nameservers are:

$ dig -t NS example.com @g.gtld-servers.net.

; <<>> DiG 9.3.2 <<>> -t NS example.com @g.gtld-servers.net.
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8225
;; flags: qr rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2

;; QUESTION SECTION:
;example.com.                   IN      NS

;; ANSWER SECTION:
example.com.            172800  IN      NS      a.iana-servers.net.
example.com.            172800  IN      NS      b.iana-servers.net.

;; ADDITIONAL SECTION:
a.iana-servers.net.     172800  IN      A       192.0.34.43
b.iana-servers.net.     172800  IN      A       193.0.0.236

Check that both the ANSWER section and the ADDITIONAL SECTION to make
sure that they contain the right info.

3. That will check that people are being sent to the right place. If
that's not true, you need to look at your parent nameserver, possibly
through your registrar.

4. If the parent nameserver is all good (you'd be surprised how many
people do this and find out that their domain names have expired, for
example), I'd first:

5. Log into the machines themseves and check what they're thinking:

$ dig example.com @localhost

6. Restart bind on the machines in question and at the same time see
what /var/log/syslog is saying by way of errors.

I'd need info from 5 and 6 to make any further suggestions.

> Any thoughts/suggestions? Also, what about using djbdns? Anyone
> recommend that over Bind?

I found the config files easier when I was using it, and it *gasp*
updates the serial number automatically. But I tend to dislike
installing stuff that isn't packaged and doesn't have security support
provided by my distro (eventually people seem to get bitten by not
getting updates), and at the time Debian didn't support it for licencing
reasons. I haven't looked recently.

-Mary

More information about the Techtalk mailing list