
Thread: Mail not being delivered

  1. #11

    Hello,

    Been trying to follow an online HOW-TO on split DNS for Debian and I'm tearing my hair out.

    Anyway. I put in the forwarders as my named.conf file has the following part:

    Code:
            // If your ISP provided one or more IP addresses for stable
            // nameservers, you probably want to use them as forwarders.
            // Uncomment the following block, and insert the addresses replacing
            // the all-0's placeholder.

    If you think it's best to remove it, then I will.

    OK. There are 2 nameservers, one in a different building, one of which is my own, and one of which is my colleague's. My nameserver holds the DNS records for biased.org, and hers is the backup. Again, giggleworthy.co.uk is our own DNS servers, the main host being my colleague's server. I remember a while ago we had problems with DNS root servers needing proper nameservers.

    My nameserver is on destiny, the same server Zimbra is on. It is behind a NAT device, with port 53 forwarded on the router to destiny. My colleague has a similar situation, though she doesn't have Zimbra. I'm only using her nameserver as a required backup.

    I have tried putting in split DNS with no success. This is my named.conf before and after putting in split DNS.

    Before putting in split-DNS stuff...

    Code:
    options {
            directory "/var/cache/bind";
            allow-recursion {192.168.0.0/16; localhost;};
            forward first;
            forwarders { 212.104.130.9; 212.104.130.65; };
            auth-nxdomain no;    # conform to RFC1035
    };
    
    controls {
            inet 127.0.0.1 allow {localhost;} keys {rndc_key;};
    };
    
    zone "." {
            type hint;
            file "/etc/bind/db.root";
    };
    
    zone "localhost" {
            type master;
            file "/etc/bind/db.local";
    };
    
    zone "127.in-addr.arpa" {
            type master;
            file "/etc/bind/db.127";
    };
    
    zone "0.in-addr.arpa" {
            type master;
            file "/etc/bind/db.0";
    };
    
    zone "255.in-addr.arpa" {
            type master;
            file "/etc/bind/db.255";
    };
    
    // add entries for other zones below here
    
    zone "0.0.127.in-addr.arpa" {
            allow-transfer {localhost;};
            allow-query {any;};
            type master;
            file "/etc/bind/pz/127.0.0";
    };
    
    zone "10sca.intranet" {
            allow-transfer {localhost;};
            allow-query {any;};
            type master;
            notify no;
            file "/etc/bind/pz/10sca.intranet";
    };
    
    zone "biased.org" {
            allow-transfer {195.149.5.82; localhost;};
            allow-query {any;};
            type master;
            notify yes;
            file "/etc/bind/pz/external.biased.org";
    };
    
    zone "giggleworthy.co.uk"{
            type slave;
            file "/etc/bind/sdb/sdb.giggleworthy.co.uk";
            masters { 195.149.5.82; };
    };
    
    zone "1.168.192.in-addr.arpa" {
            allow-transfer {localhost;};
            allow-query {any;};
            type master;
            notify no;
            file "/etc/bind/pz/192.168.1";
    };
    
    zone "2.168.192.in-addr.arpa" {
            allow-transfer {localhost;};
            allow-query {any;};
            type master;
            notify no;
            file "/etc/bind/pz/192.168.2";
    };

    After putting in split-DNS stuff...

    Code:
    options {
            directory "/var/cache/bind";
            allow-recursion {192.168.0.0/16; localhost;};
            forward first;
            forwarders { 212.104.130.9; 212.104.130.65; };
            auth-nxdomain no;    # conform to RFC1035
    };
    
    controls {
            inet 127.0.0.1 allow {localhost;} keys {rndc_key;};
    };
    
    acl internals {
            192.168.0.0/16;
            127.0.0.0/8;
    };
    
    view "internal" {
            match-clients { internals; };
            recursion yes;
            zone "biased.org" {
                    type master;
                    file "/etc/bind/pz/internal.biased.org";
            };
    };
    
    view "external" {
            match-clients { any; } ;
            recursion no;
    
    zone "." {
            type hint;
            file "/etc/bind/db.root";
    };
    
    zone "localhost" {
            type master;
            file "/etc/bind/db.local";
    };
    
    zone "127.in-addr.arpa" {
            type master;
            file "/etc/bind/db.127";
    };
    
    zone "0.in-addr.arpa" {
            type master;
            file "/etc/bind/db.0";
    };
    
    zone "255.in-addr.arpa" {
            type master;
            file "/etc/bind/db.255";
    };
    
    // add entries for other zones below here
    
    zone "0.0.127.in-addr.arpa" {
            allow-transfer {localhost;};
            allow-query {any;};
            type master;
            file "/etc/bind/pz/127.0.0";
    };
    
    zone "10sca.intranet" {
            allow-transfer {localhost;};
            allow-query {any;};
            type master;
            notify no;
            file "/etc/bind/pz/10sca.intranet";
    };
    
    zone "biased.org" {
            allow-transfer {195.149.5.82; localhost;};
            allow-query {any;};
            type master;
            notify yes;
            file "/etc/bind/pz/external.biased.org";
    };
    
    zone "giggleworthy.co.uk"{
            type slave;
            file "/etc/bind/sdb/sdb.giggleworthy.co.uk";
            masters { 195.149.5.82; };
    };
    
    zone "1.168.192.in-addr.arpa" {
            allow-transfer {localhost;};
            allow-query {any;};
            type master;
            notify no;
            file "/etc/bind/pz/192.168.1";
    };
    
    zone "2.168.192.in-addr.arpa" {
            allow-transfer {localhost;};
            allow-query {any;};
            type master;
            notify no;
            file "/etc/bind/pz/192.168.2";
    };
    
    };

    This works for everything apart from biased.org, which is the most important part! Dig gets:

    Code:
    destiny:/etc/bind# dig www.biased.org
    
    ; <<>> DiG 9.2.4 <<>> www.biased.org
    ;; global options:  printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 8118
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;www.biased.org.                        IN      A
    
    ;; Query time: 5 msec
    ;; SERVER: 192.168.1.2#53(192.168.1.2)
    ;; WHEN: Wed Feb 28 10:00:21 2007
    ;; MSG SIZE  rcvd: 32
    
    destiny:/etc/bind#

    I think the reason for this is a bit obvious:

    Code:
    Feb 28 09:56:02 destiny named[3407]: dns_master_load: /etc/bind/pz/external.biased.org:21: biased.org: multiple RRs of singleton type
    Feb 28 09:56:02 destiny named[3407]: zone biased.org/IN: loading master file /etc/bind/pz/internal.biased.org: multiple RRs of singleton type

    I'm not 100% sure what this means, but I guess this means that I've got the same names in the 2 zonefiles, which shouldn't be the case?

    Strangely though, since I started editing the zonefile, the time taken to look up IP addresses is much longer...

    Thanks very much for your time again!
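
The "multiple RRs of singleton type" messages in the log above are raised when a zone file holds more than one record of a type that may occur only once at a name, such as SOA or CNAME. A small checker for that condition, added here as an illustration and not part of the original thread: the zone contents, the `hostmaster` contact and the 192.0.2.x addresses are constructed, and the parser assumes simple master-file syntax and checks only SOA and CNAME.

```python
import re

SINGLETON_TYPES = {"SOA", "CNAME"}   # only these two are checked in this sketch
CLASSES = {"IN", "CH", "HS"}
TTL = re.compile(r"(\d+[smhdw]?)+", re.I)

# Constructed zone data (not the poster's file): lines 9 and 10 repeat
# the SOA and the www CNAME already given on lines 2 and 7.
SAMPLE_ZONE = """\
$TTL 86400
@       IN SOA destiny.biased.org. hostmaster.biased.org. (
            2007022801 ; serial
            3600 900 604800 86400 )
        IN NS    destiny.biased.org.
destiny IN A     192.0.2.10
www     IN CNAME destiny
mail    IN A     192.0.2.10
@       IN SOA destiny.biased.org. hostmaster.biased.org. 1 3600 900 604800 86400
www 300 IN CNAME mail.biased.org.
"""

def find_singleton_duplicates(zone_text, origin):
    """Map (owner, type) -> line numbers for singleton types that occur more than once."""
    origin = origin.rstrip(".").lower() + "."
    seen, owner, depth = {}, origin, 0
    for lineno, raw in enumerate(zone_text.splitlines(), 1):
        line = raw.split(";", 1)[0].rstrip()       # strip comments
        continuation = depth > 0                   # inside a ( ... ) record body
        depth += line.count("(") - line.count(")")
        if continuation or not line.strip():
            continue
        fields = line.split()
        if fields[0].startswith("$"):              # $TTL, $ORIGIN, ...
            if fields[0].upper() == "$ORIGIN" and len(fields) > 1:
                origin = fields[1].lower()
            continue
        if not raw[0].isspace():                   # owner present; otherwise inherit
            name = fields.pop(0).lower()
            owner = origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"
        while fields and (fields[0].upper() in CLASSES or TTL.fullmatch(fields[0])):
            fields.pop(0)                          # optional TTL and class
        if fields and fields[0].upper() in SINGLETON_TYPES:
            seen.setdefault((owner, fields[0].upper()), []).append(lineno)
    return {key: lines for key, lines in seen.items() if len(lines) > 1}

if __name__ == "__main__":
    for (name, rrtype), lines in find_singleton_duplicates(SAMPLE_ZONE, "biased.org").items():
        print(f"{name}: {len(lines)} {rrtype} records at lines {lines}")
```

BIND's own `named-checkzone` runs the full load-time check against a real zone file, so a zone can be validated before `named` is reloaded.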

  2. #12

    Finally figured out how to set up split DNS. Problem solved. I hope.

    Thanks very much to all who helped.
