
Thread: [SOLVED] Can't resolve fake domain even after setup split dns

  1. #11
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    25

    Your /etc/hosts file shows your Zimbra server as being
    Code:
    192.168.7.101 mailserv.rci.ca mailserv
    For that to be translated to BIND you should be using
    Code:
    ;
    ; BIND data file for rci.ca
    ;
    $TTL    604800
    @       IN      SOA     rci.ca. scott.rci.ca. (
                             070727         ; Serial
                             604800         ; Refresh
                              86400         ; Retry
                            2419200         ; Expire
                             604800 )       ; Negative Cache TTL
    ;
    @       IN      NS      192.168.7.101
            IN      A       192.168.7.101
            IN      MX      10 mailserv.rci.ca
    
    mailserv    IN       A        192.168.7.101
    and your named.conf should be referencing the zone file as
    Code:
    zone "rci.ca" {
            type master;
            file "/var/named/db.rci.ca";
    };

  2. #12
    Join Date
    Apr 2008
    Location
    Brighton, ON, Canada
    Posts
    89
    Rep Power
    7

    I have made those changes and restarted the system, but still no dice.
    Code:
    rci@mailserv:~$ nslookup mailserv.rci.ca
    Server:         192.168.7.101
    Address:        192.168.7.101#53
    
    ** server can't find mailserv.rci.ca: SERVFAIL
    Also can't resolve rci.ca now, which I could do before.

  3. #13

    Now that you have made all those changes, please post again your /etc/hosts, resolv.conf, named.conf and the zone file.

  4. #14

    Ok, here they are:

    /etc/hosts:
    Code:
    127.0.0.1 localhost.localdomain localhost
    192.168.7.101 mailserv.rci.ca mailserv
    /etc/resolv.conf:
    Code:
    nameserver 192.168.7.101
    /etc/bind/named.conf.options:
    Code:
    options {
            auth-nxdomain no;    # conform to RFC1035
            query-source address * port 53;
            directory "/var/named";
            dump-file "/var/named/data/cache_dump.db";
            statistics-file "/var/named/data/named_stats.txt";
            forwarders { 24.226.1.93; 24.226.10.193; };
    };
    include "/etc/bind/rndc.key";
    zone "rci.ca" {
            type master;
            file "/var/named/db.rci.ca";
    };
    /var/named/db.rci.ca:
    Code:
    ;
    ; BIND data file for rci.ca
    ;
    $TTL    604800
    @       IN      SOA     rci.ca. scott.rci.ca. (
                             070728         ; Serial
                             604800         ; Refresh
                              86400         ; Retry
                            2419200         ; Expire
                             604800 )       ; Negative Cache TTL
    ;
    @       IN      NS      192.168.7.101
            IN      A       192.168.7.101
            IN      MX      10 mailserv.rci.ca
    mailserv        IN      A       192.168.7.101
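
An added example, not part of any post in this thread: a small lint over the resource records of the zone file posted above, showing how BIND expands names written without a trailing dot and flagging NS/MX targets that are IP literals or that expand to an in-zone name with no A record. The `QUALIFIED` variant is constructed here for comparison, and the function names are this example's own.

```python
import re

# Records copied from the zone file in post #14 ($TTL and the multi-line SOA are omitted).
POSTED = """\
@       IN      NS      192.168.7.101
        IN      A       192.168.7.101
        IN      MX      10 mailserv.rci.ca
mailserv        IN      A       192.168.7.101
"""
# Constructed variant: NS and MX name a host and end in a dot.
QUALIFIED = """\
@       IN      NS      mailserv.rci.ca.
        IN      A       192.168.7.101
        IN      MX      10 mailserv.rci.ca.
mailserv        IN      A       192.168.7.101
"""
IPV4 = re.compile(r"\d{1,3}(\.\d{1,3}){3}\Z")

def absolute(name, origin):
    """Names without a trailing dot are relative to the origin; @ is the origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def records(zone, origin):
    """Yield (owner, type, rdata tokens); a blank owner inherits the previous one."""
    owner = origin
    for raw in zone.splitlines():
        line = raw.split(";", 1)[0]          # drop comments
        tokens = line.split()
        if not tokens:
            continue
        if not line[0].isspace():            # owner field present
            owner = absolute(tokens.pop(0), origin)
        if tokens[0] == "IN":
            tokens.pop(0)
        yield owner, tokens[0], tokens[1:]

def lint(zone, origin="rci.ca."):
    """NS/MX targets that are IP literals or in-zone names with no A record."""
    recs = list(records(zone, origin))
    with_a = {owner for owner, rtype, _ in recs if rtype == "A"}
    findings = []
    for _, rtype, rdata in recs:
        target = rdata[-1]
        full = absolute(target, origin)
        dangling = full.endswith("." + origin) and full not in with_a
        if rtype in ("NS", "MX") and (IPV4.match(target) or dangling):
            findings.append((rtype, target, full))
    return findings
```

`lint(POSTED)` reports both the NS and the MX record, `lint(QUALIFIED)` reports nothing; `named-checkzone rci.ca /var/named/db.rci.ca` runs BIND's own full validation of the file.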

  5. #15

    Please check /var/log/messages for any errors from named. Would you also do the following as well, please:
    Code:
    dig +short mailserv.rci.ca
    dig +short rci.ca soa
    dig +short rci.ca mx

  6. #16

    I don't see any errors, just stuff like this when you try nslookup on mailserv.rci.ca:

    Code:
    Mar 26 11:28:23 mailserv kernel: [   34.472835] audit(1269617303.563:2): type=1503 operation="capable" name="sys_resource" pid=4609 profile="/usr/sbin/named" namespace="default"
    Mar 26 11:28:23 mailserv kernel: [   34.531008] audit(1269617303.621:3): type=1503 operation="inode_permission" requested_mask="::r" denied_mask="::r" name="/var/named/db.rci.ca" pid=4609 profile="/usr/sbin/named" namespace="default"
    No output at all from dig commands. No change in ability to lookup mailserv.rci.ca

    Code:
    rci@mailserv:~$ sudo dig +short mailserv.rci.ca
    rci@mailserv:~$ sudo dig +short rci.ca soa
    rci@mailserv:~$ sudo dig +short rci.ca mx

  7. #17

    Apparently this is caused by a bug in the apparmor configuration:

    https://bugs.launchpad.net/ubuntu/+s...9060/+activity

    The suggested fix is to edit /etc/apparmor.d/usr.sbin.named and change the line

    /proc/net/if_inet6 r,

    to

    /proc/**/net/if_inet6 r,

    then restart apparmor and bind9.
    I grabbed this from "[ubuntu] Message in ubuntu (don't know what means) [Archive] - Ubuntu Forums".
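
An added example, not part of any post in this thread: it parses the two AppArmor audit records quoted in post #16 and tests which profile rule lines would cover the denied path. The first two rule lines are the ones quoted in post #17; `/var/named/** r,` is a hypothetical rule used only for comparison, and the glob matcher handles only `*` and `**`.

```python
import re

# The two audit records quoted in post #16, copied verbatim.
AUDIT_LOG = """\
Mar 26 11:28:23 mailserv kernel: [   34.472835] audit(1269617303.563:2): type=1503 operation="capable" name="sys_resource" pid=4609 profile="/usr/sbin/named" namespace="default"
Mar 26 11:28:23 mailserv kernel: [   34.531008] audit(1269617303.621:3): type=1503 operation="inode_permission" requested_mask="::r" denied_mask="::r" name="/var/named/db.rci.ca" pid=4609 profile="/usr/sbin/named" namespace="default"
"""
# Rule lines: the first two are quoted in post #17; the third is a
# hypothetical rule, used here only for comparison.
RULES = ["/proc/net/if_inet6 r,", "/proc/**/net/if_inet6 r,", "/var/named/** r,"]
KEY_VALUE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

def parse_denials(log):
    """Return the key=value fields of each AppArmor DENIED record (audit type 1503)."""
    denials = []
    for line in log.splitlines():
        fields = {k: quoted or bare for k, quoted, bare in KEY_VALUE.findall(line)}
        if fields.get("type") == "1503" and "profile" in fields:
            denials.append(fields)
    return denials

def rule_regex(glob):
    """AppArmor glob to regex: ** crosses '/', * does not (other syntax ignored)."""
    parts = re.split(r"(\*\*|\*)", glob)
    table = {"**": ".*", "*": "[^/]*"}
    return re.compile("".join(table.get(p, re.escape(p)) for p in parts) + r"\Z")

def covering_rules(path, perms, rules):
    """Rule lines whose glob matches path and whose mode grants every perm."""
    hits = []
    for rule in rules:
        glob, mode = rule.rstrip(",").split()
        if set(perms) <= set(mode) and rule_regex(glob).match(path):
            hits.append(rule)
    return hits

def explain(log, rules):
    """(profile, path, denied perms, covering rules) for each denied file access."""
    rows = []
    for d in parse_denials(log):
        if "denied_mask" in d:               # file access, not a capability
            perms = d["denied_mask"].strip(":")
            rows.append((d["profile"], d["name"], perms, covering_rules(d["name"], perms, rules)))
    return rows

if __name__ == "__main__":
    for row in explain(AUDIT_LOG, RULES):
        print(row)
```

For the read denial on `/var/named/db.rci.ca`, neither `if_inet6` rule line appears among the covering rules; only the hypothetical `/var/named/** r,` does.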

  8. #18

    Made the change, rebooted. Still same fail for nslookup:

    Code:
    rci@mailserv:~$ nslookup mailserv.rci.ca
    Server:         192.168.7.101
    Address:        192.168.7.101#53
    
    ** server can't find mailserv.rci.ca: SERVFAIL
    Nothing in /var/log/messages now though.

  9. #19

    Any more error messages appeared in /var/log/messages for named?

  10. #20

    Quote, originally posted by uxbod:
        Any more error messages appeared in /var/log/messages for named?
    No messages at all when doing an nslookup (either for a domain that resolves, or for my fake/local domain).
