Results 1 to 5 of 5

Thread: [SOLVED] Zimbra queries old DNS server

  1. #1
    Join Date
    Sep 2009
    Location
    Tulsa, OK
    Posts
    9
    Rep Power
    6

    Default [SOLVED] Zimbra queries old DNS server

    How does one check to see what DNS servers Zimbra is point to?

    We recently moved our Zimbra server into a DMZ from our LAN, and now we've noticed Zimbra trying to send DNS packets to a DNS server that was decommissioned.

    The DNS server it's trying to reach was used during testing, but since Zimbra is in production now, we've switched to our production DNS servers. This was only noticed after dropped DNS packets addressed to the old server started showing up in the firewall logs. I checked the server, and the resolv.conf is correct.

    I'm sure there is a way to do this, but I just haven't found it yet.


    Server:
    White Box, RHEL 5

    Zimbra:
    Network Edition 6.0.2

  2. #2
    Join Date
    Jan 2008
    Posts
    658
    Rep Power
    8

    Default

    If you recently changed those name servers, you may have to bounce Zimbra. We changed DNS servers some time ago and I had to bounce all kinds of services (not just Zimbra) for all of the application/database servers to honor the new settings.

  3. #3
    Join Date
    Sep 2009
    Location
    Tulsa, OK
    Posts
    9
    Rep Power
    6

    Default

    Hmm... I want to say it was rebooted when we upgraded it to 6.0.2, but I'm not sure. I'll have to try that when we do patching in the next couple of days.

  4. #4
    Join Date
    Jan 2008
    Posts
    658
    Rep Power
    8

    Default

    Hmm well I suppose that would qualify as a restart of services

    Are you sure it's Zimbra that's making the queries? Zimbra won't start if it can't resolve itself and would behave horribly if it was trying to use non-existent name servers..

  5. #5
    Join Date
    Sep 2009
    Location
    Tulsa, OK
    Posts
    9
    Rep Power
    6

    Default

    Nevermind, it was nscd. It apparently has a bad habit of not clearing out old DNS servers.

    11/10/2009 14:41:58.128NoticeNetwork AccessUDP packet droppedx.x.1.2, 43485, X2, zimbra.domain.orgx.x.0.30, 53, X0UDP DNS (Name Service) UDP12 (DMZ->LAN)

    Above is the error, I was getting (anonymized of course). A quick run of netstat -vp --udp revealed it was nscd sending the DNS requests. Running nscd -i hosts to flush out the host cache seems to have done the trick.

    Sorry about wasting your time and cluttering up the board. Thanks for the responses though!

    Netstat:
    Active Internet connections (w/o servers)
    Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    udp 0 0 zimbra.domain.org:52561 x.x.0.30:domain ESTABLISHED 2579/nscd

Similar Threads

  1. Zimbra spam system
    By rajahd in forum Administrators
    Replies: 9
    Last Post: 04-16-2008, 07:25 PM
  2. zmperditionctl start asking for password
    By k7sle in forum Administrators
    Replies: 32
    Last Post: 02-20-2008, 10:13 AM
  3. [SOLVED] Clamav problem ? What's happening ?
    By aNt1X in forum Installation
    Replies: 23
    Last Post: 02-14-2008, 04:43 AM
  4. Zimbra shutdowns every n hours.
    By Andrewb in forum Administrators
    Replies: 13
    Last Post: 08-14-2007, 08:55 AM
  5. Can't start Zimbra!
    By zibra in forum Administrators
    Replies: 5
    Last Post: 03-22-2007, 11:34 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •