Hi,
These are the problems i am facing with DNS configuration.
1.RNDC not functioning ( works sometimes)
2. NSupdate feature between primary and secondary not happening
3.Zone transfer does not happen.
The problem i guess is because of clock skew for which I had used rdate cmd. Zone transfer works. Other 2 features does not work
NSUPDATE problem in debug mode:
bash-2.03# nsupdate -d
> update add 3600 A 207.223.223.22
>
;; res_findzonecut: START dname=' class=IN, zsize=1025, naddrs=3
;; res_findzonecut: get the soa, and see if it has enough glue
;; res_nmkquery(QUERY, IN, SOA)
;; res_send()
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26857
;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;; type = SOA, class = IN
;; Querying server (# 1) address = 127.0.0.1
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26857
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUERY SECTION:
;; type = SOA, class = IN
;; AUTHORITY SECTION:
sltidc.lk. 0S IN SOA ns1.sltidc.lk. admin.sltidc.lk. (
2 ; serial
2d12h13m20s ; refresh
3H ; retry
1W ; expiry
1D ) ; minimum
;; res_findzonecut: get the ns rrset and see if it has enough glue
;; res_nmkquery(QUERY, sltidc.lk, IN, NS)
;; res_send()
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26858
;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;; sltidc.lk, type = NS, class = IN
;; Querying server (# 1) address = 127.0.0.1
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26858
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2
;; QUERY SECTION:
;; sltidc.lk, type = NS, class = IN
;; ANSWER SECTION:
sltidc.lk. 1D IN NS ns1.sltidc.lk.
sltidc.lk. 1D IN NS ns2.sltidc.lk.
;; ADDITIONAL SECTION:
ns1.sltidc.lk. 1D IN A 220.247.224.61
ns2.sltidc.lk. 1D IN A 220.247.224.62
;; res_findzonecut: get the missing glue and see if it's finally enough
;; res_findzonecut: add_addrs: 1
;; res_findzonecut: add_addrs: 1
;; res_findzonecut: satisfy(ns1.sltidc.lk): 2
;; res_findzonecut: FINISH n=2 (OK)
;; res_nupdate: res_mkupdate -> 48
;; res_send()
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 26859
;; flags:; ZONE: 1, PREREQUISITE: 0, UPDATE: 1, ADDITIONAL: 0
;; sltidc.lk, type = SOA, class = IN
1H IN A 207.223.223.22
;; Querying server (# 1) address = 220.247.224.61
server rejected query:
;; ->>HEADER<<- opcode: UPDATE, status: REFUSED, id: 26859
;; flags: qr ra; ZONE: 0, PREREQUISITE: 0, UPDATE: 0, ADDITIONAL: 0
;; Querying server (# 2) address = 220.247.224.62
server rejected query:
;; ->>HEADER<<- opcode: UPDATE, status: REFUSED, id: 26859
;; flags: qr; ZONE: 0, PREREQUISITE: 0, UPDATE: 0, ADDITIONAL: 0
;; res_nupdate: res_nsend: send error, n=-1 (Connection timed out)
>
update 'sltidc.lk/IN' denied is the error msg. on the primary server.
Could you please help.
Thanks,
Sendhil
These are the problems i am facing with DNS configuration.
1.RNDC not functioning ( works sometimes)
2. NSupdate feature between primary and secondary not happening
3.Zone transfer does not happen.
The problem i guess is because of clock skew for which I had used rdate cmd. Zone transfer works. Other 2 features does not work
NSUPDATE problem in debug mode:
bash-2.03# nsupdate -d
> update add 3600 A 207.223.223.22
>
;; res_findzonecut: START dname=' class=IN, zsize=1025, naddrs=3
;; res_findzonecut: get the soa, and see if it has enough glue
;; res_nmkquery(QUERY, IN, SOA)
;; res_send()
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26857
;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;; type = SOA, class = IN
;; Querying server (# 1) address = 127.0.0.1
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26857
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUERY SECTION:
;; type = SOA, class = IN
;; AUTHORITY SECTION:
sltidc.lk. 0S IN SOA ns1.sltidc.lk. admin.sltidc.lk. (
2 ; serial
2d12h13m20s ; refresh
3H ; retry
1W ; expiry
1D ) ; minimum
;; res_findzonecut: get the ns rrset and see if it has enough glue
;; res_nmkquery(QUERY, sltidc.lk, IN, NS)
;; res_send()
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26858
;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;; sltidc.lk, type = NS, class = IN
;; Querying server (# 1) address = 127.0.0.1
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26858
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2
;; QUERY SECTION:
;; sltidc.lk, type = NS, class = IN
;; ANSWER SECTION:
sltidc.lk. 1D IN NS ns1.sltidc.lk.
sltidc.lk. 1D IN NS ns2.sltidc.lk.
;; ADDITIONAL SECTION:
ns1.sltidc.lk. 1D IN A 220.247.224.61
ns2.sltidc.lk. 1D IN A 220.247.224.62
;; res_findzonecut: get the missing glue and see if it's finally enough
;; res_findzonecut: add_addrs: 1
;; res_findzonecut: add_addrs: 1
;; res_findzonecut: satisfy(ns1.sltidc.lk): 2
;; res_findzonecut: FINISH n=2 (OK)
;; res_nupdate: res_mkupdate -> 48
;; res_send()
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 26859
;; flags:; ZONE: 1, PREREQUISITE: 0, UPDATE: 1, ADDITIONAL: 0
;; sltidc.lk, type = SOA, class = IN
1H IN A 207.223.223.22
;; Querying server (# 1) address = 220.247.224.61
server rejected query:
;; ->>HEADER<<- opcode: UPDATE, status: REFUSED, id: 26859
;; flags: qr ra; ZONE: 0, PREREQUISITE: 0, UPDATE: 0, ADDITIONAL: 0
;; Querying server (# 2) address = 220.247.224.62
server rejected query:
;; ->>HEADER<<- opcode: UPDATE, status: REFUSED, id: 26859
;; flags: qr; ZONE: 0, PREREQUISITE: 0, UPDATE: 0, ADDITIONAL: 0
;; res_nupdate: res_nsend: send error, n=-1 (Connection timed out)
>
update 'sltidc.lk/IN' denied is the error msg. on the primary server.
Could you please help.
Thanks,
Sendhil