Hi everyone, Just install Debian 6 with desktop and perfect server, setup a client in ISP (3.0.4.1) and a zone by DNS wizard. But when i check the DNS with nslookup and it shown SERVFAIL: ===================================================== root@ci1:/home/terry# nslookup > server 10.0.1.150 Default server: 10.0.1.150 Address: 10.0.1.150#53 > tadj.com Server: 10.0.1.150 Address: 10.0.1.150#53 ** server can't find tadj.com.tadj.com: SERVFAIL ====================================================== check the following files and it seem OK, can some one tell me what should i try? IN /etc/bind/named.cond ........... include "/etc/bind/named.conf.options"; include "/etc/bind/named.conf.local"; include "/etc/bind/named.conf.default-zones"; ............ IN /etc/bind/named.conf.options .................................... // forwarders { // 0.0.0.0; // }; auth-nxdomain no; # conform to RFC1035 listen-on-v6 { any; }; ...................................... IN /etc/bind/named.conf.local .................. zone "tadj.com" { type master; allow-transfer {none;}; file "/etc/bind/pri.tadj.com"; }; ................... in /etc/bind/named.conf.default-zones .............................................. // prime the server with knowledge of the root servers zone "." { type hint; file "/etc/bind/db.root"; }; // be authoritative for the localhost forward and reverse zones, and for // broadcast zones as per RFC 1912 zone "localhost" { type master; file "/etc/bind/db.local"; }; zone "127.in-addr.arpa" { type master; file "/etc/bind/db.127"; }; zone "0.in-addr.arpa" { type master; file "/etc/bind/db.0"; }; zone "255.in-addr.arpa" { type master; file "/etc/bind/db.255"; }; .................................................. and there is full records in /etc/bind/pri.tadj.com ................................ $TTL 3600 @ IN SOA ci1.tadj.com. terry.computerinstruments.com.au. ( 2011122501 ; serial, todays date + todays serial # 7200 ; refresh, seconds 540 ; retry, seconds 604800 ; expire, seconds 86400 ) ; minimum, seconds ; mail 3600 A 123.243.65.181 tadj.com. 3600 A 123.243.65.181 tadj.com. 3600 MX 10 mail.tadj.com. tadj.com. 3600 NS ci1.tadj.com. tadj.com. 3600 NS ns1.telstra.net. www 3600 A 123.243.65.181 ................................... also netstat as; oot@ci1:/home/terry# netstat -tap Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 localhost.localdo:10024 *:* LISTEN 1487/amavisd (maste tcp 0 0 localhost.localdo:10025 *:* LISTEN 2705/master tcp 0 0 *:mysql *:* LISTEN 2248/mysqld tcp 0 0 *op3 *:* LISTEN 2720/dovecot tcp 0 0 *:imap2 *:* LISTEN 2720/dovecot tcp 0 0 *:sunrpc *:* LISTEN 788/portmap tcp 0 0 *:ftp *:* LISTEN 2652/pure-ftpd (SER tcp 0 0 ci1.tadj.com:domain *:* LISTEN 1326/named tcp 0 0 localhost.locald:domain *:* LISTEN 1326/named tcp 0 0 *:ssh *:* LISTEN 2251/sshd tcp 0 0 localhost.localdoma:ipp *:* LISTEN 1871/cupsd tcp 0 0 *:smtp *:* LISTEN 2705/master tcp 0 0 localhost.localdoma:953 *:* LISTEN 1326/named tcp 0 0 *:imaps *:* LISTEN 2720/dovecot tcp 0 0 *:35553 *:* LISTEN 800/rpc.statd tcp 0 0 *op3s *:* LISTEN 2720/dovecot tcp6 0 0 [::]:http-alt [::]:* LISTEN 1500/apache2 tcp6 0 0 [::]:www [::]:* LISTEN 1500/apache2 tcp6 0 0 [::]:tproxy [::]:* LISTEN 1500/apache2 tcp6 0 0 [::]:ftp [::]:* LISTEN 2652/pure-ftpd (SER tcp6 0 0 [::]:domain [::]:* LISTEN 1326/named tcp6 0 0 [::]:ssh [::]:* LISTEN 2251/sshd tcp6 0 0 ip6-localhost:ipp [::]:* LISTEN 1871/cupsd tcp6 0 0 ip6-localhost:953 [::]:* LISTEN 1326/named tcp6 0 0 [::]:https [::]:* LISTEN 1500/apache2 root@ci1:/home/terry# Thanks.
in /etc/bind/named.conf.local: .................................................. zone "tadj.com" { type master; allow-transfer {none;}; file "/etc/bind/pri.tadj.com"; }; ------------------------------------------------------------- root@ci1:/home/terry# dig @localhost tadj.com ; <<>> DiG 9.7.3 <<>> @localhost tadj.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 36391 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;tadj.com. IN A ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Tue Dec 27 10:09:26 2011 ;; MSG SIZE rcvd: 26 root@ci1:/home/terry# Thanks
root@ci1:/home/terry# netstat -uap Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name udp 0 0 ci1.tadj.com:46127 uneeda.telstra.n:domain ESTABLISHED 19856/firefox-bin udp 0 0 ci1.tadj.com:49199 uneeda.telstra.n:domain ESTABLISHED 19856/firefox-bin udp 0 0 ci1.tadj.com:domain *:* 1313/named udp 0 0 localhost.locald:domain *:* 1313/named udp 0 0 *:965 *:* 789/rpc.statd udp 0 0 *:mdns *:* 1261/avahi-daemon: udp 0 0 *:39149 *:* 1261/avahi-daemon: udp 0 0 *:sunrpc *:* 774/portmap udp 0 0 *:ipp *:* 1920/cupsd udp 0 0 ci1.tadj.com:ntp *:* 2514/ntpd udp 0 0 localhost.localdoma:ntp *:* 2514/ntpd udp 0 0 *:ntp *:* 2514/ntpd udp 0 0 *:48395 *:* 789/rpc.statd udp 0 0 ci1.tadj.com:56482 uneeda.telstra.n:domain ESTABLISHED 19856/firefox-bin udp6 0 0 [::]:domain [::]:* 1313/named udp6 0 0 [::]:48713 [::]:* 1261/avahi-daemon: udp6 0 0 [::]:mdns [::]:* 1261/avahi-daemon: udp6 0 0 fe80::213:72ff:feb4:ntp [::]:* 2514/ntpd udp6 0 0 ip6-localhost:ntp [::]:* 2514/ntpd udp6 0 0 [::]:ntp [::]:* 2514/ntpd root@ci1:/home/terry# iptables -L Chain INPUT (policy DROP) target prot opt source destination fail2ban-dovecot-pop3imap tcp -- anywhere anywhere multiport dports pop3,pop3s,imap2,imaps fail2ban-pureftpd tcp -- anywhere anywhere multiport dports ftp fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh DROP tcp -- anywhere loopback/8 ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere DROP all -- base-address.mcast.net/4 anywhere PUB_IN all -- anywhere anywhere PUB_IN all -- anywhere anywhere PUB_IN all -- anywhere anywhere PUB_IN all -- anywhere anywhere DROP all -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED DROP all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination PUB_OUT all -- anywhere anywhere PUB_OUT all -- anywhere anywhere PUB_OUT all -- anywhere anywhere PUB_OUT all -- anywhere anywhere Chain INT_IN (0 references) target prot opt source destination ACCEPT icmp -- anywhere anywhere DROP all -- anywhere anywhere Chain INT_OUT (0 references) target prot opt source destination ACCEPT icmp -- anywhere anywhere ACCEPT all -- anywhere anywhere Chain PAROLE (15 references) target prot opt source destination ACCEPT all -- anywhere anywhere Chain PUB_IN (4 references) target prot opt source destination ACCEPT icmp -- anywhere anywhere icmp destination-unreachable ACCEPT icmp -- anywhere anywhere icmp echo-reply ACCEPT icmp -- anywhere anywhere icmp time-exceeded ACCEPT icmp -- anywhere anywhere icmp echo-request PAROLE tcp -- anywhere anywhere tcp dpt:ftp-data PAROLE tcp -- anywhere anywhere tcp dpt:ftp PAROLE tcp -- anywhere anywhere tcp dpt:ssh PAROLE tcp -- anywhere anywhere tcp dpt:smtp PAROLE tcp -- anywhere anywhere tcp dpt:domain PAROLE tcp -- anywhere anywhere tcp dpt:www PAROLE tcp -- anywhere anywhere tcp dptop3 PAROLE tcp -- anywhere anywhere tcp dpt:imap2 PAROLE tcp -- anywhere anywhere tcp dpt:https PAROLE tcp -- anywhere anywhere tcp dpt:imaps PAROLE tcp -- anywhere anywhere tcp dptop3s PAROLE tcp -- anywhere anywhere tcp dpt:mysql PAROLE tcp -- anywhere anywhere tcp dpt:http-alt PAROLE tcp -- anywhere anywhere tcp dpt:tproxy PAROLE tcp -- anywhere anywhere tcp dpt:webmin ACCEPT udp -- anywhere anywhere udp dpt:domain ACCEPT udp -- anywhere anywhere udp dpt:mysql DROP icmp -- anywhere anywhere DROP all -- anywhere anywhere Chain PUB_OUT (4 references) target prot opt source destination ACCEPT all -- anywhere anywhere Chain fail2ban-dovecot-pop3imap (1 references) target prot opt source destination RETURN all -- anywhere anywhere Chain fail2ban-pureftpd (1 references) target prot opt source destination RETURN all -- anywhere anywhere Chain fail2ban-ssh (1 references) target prot opt source destination RETURN all -- anywhere anywhere root@ci1:/home/terry# Thanks
Looks ok. Can you post your FULL /etc/bind/named.conf here (not sure if what you posted in your first post was the full file)?
Sure, here is my /etc/bind/named.local: // This is the primary configuration file for the BIND DNS server named. // // Please read /usr/share/doc/bind9/README.Debian.gz for information on the // structure of BIND configuration files in Debian, *BEFORE* you customize // this configuration file. // // If you are just adding zones, please do that in /etc/bind/named.conf.local include "/etc/bind/named.conf.options"; include "/etc/bind/named.conf.local"; include "/etc/bind/named.conf.default-zones"; ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ "/etc/bind/named.conf" 11L, 463C 1,1 All
Add A record and reboot server, but same error. IN /etc/bind/pri.tadj.com: $TTL 3600 @ IN SOA ci1.tadj.com. terry.computerinstruments.com.au. ( 2011123101 ; serial, todays date + todays serial # 7200 ; refresh, seconds 540 ; retry, seconds 604800 ; expire, seconds 86400 ) ; minimum, seconds ; ci1.tadj.com 86400 A 123.243.65.181 mail 3600 A 123.243.65.181 tadj.com. 3600 A 123.243.65.181 tadj.com. 3600 MX 10 mail.tadj.com. tadj.com. 3600 NS ci1.tadj.com. tadj.com. 3600 NS ns1.telstra.net. www 3600 A 123.243.65.181 ~ ~ ~ "/etc/bind/pri.tadj.com" 17L, 705C 1,1 All root@ci1:/home/terry# dig @localhost tadj.com ; <<>> DiG 9.7.3 <<>> @localhost tadj.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 44142 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;tadj.com. IN A ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Sat Dec 31 10:05:05 2011 ;; MSG SIZE rcvd: 26 Will it help if we reinstall ISP3 ? Falko; Happy New Year to you and your family. (many thanks for all the help). Terry Dec/2011.
You forgot the dot. It must either be Code: ci1.tadj.com[B][COLOR="Red"].[/COLOR][/B] 86400 A 123.243.65.181 or Code: ci1 86400 A 123.243.65.181 Thanks a lot, I wish the same to you and your family.