New user testing Zimbra...Please help with DNS

[jherington]

Hello,
I am up on Sunday at 4:10am and have run out of options regarding my DNS configuration.

I am running RHEL5, named is loaded /var/named/chroot/etc. I can start named OK.

I can not get 'dig a itsa2' or 'dig mx itsa2.zimdoman.zim' or 'nslookup itsa2' or 'host -a itsa2' or 'host -a itsa2.zimdomain.zim' to return a valid nameserver, basically I get a status: NXDOMAIN.

I can however ping 'itsa2' and 'itsa2.zimdomain.zim' just fine.

During the Zimbra install Ldap fails to load...can't resolve to dns? I know that my dns is not resolving? This install is on a stand-alone server, I don't have any outside dns to deal with. This is the most basic of installation...

My named.conf and my.internal.zone.db:

(also below the code I have the text from messages log file from when RHEL5 loads)

I hope someone can give me some light at the end of this...I am expected to present Zimbra this week to several executives within our company!

PS I did have Zimbra working but I used an external Dns and now need to get it installed/working within a stand-alone workstation for demo purposes only.

See below...Thanks!!

------------named.conf ----------------

options
{
query-source port 53;
query-source-v6 port 53;

// Put files that named is allowed to write in the data/ directory:
directory "/var/named"; // the default
dump-file "/etc/data/cache_dump.db";
statistics-file "/etc/data/named_stats.txt";
memstatistics-file "/etc/data/named_mem_stats.txt";

/* forward first;
* forwarders {
* 202.63.164.17;
* 202.63.164.18;
* };
*/

};
logging
{
channel default_debug {
file "/etc/data/named.run";
severity dynamic;
};
};

view "internal"
{
match-clients { localnets; };
match-destinations { localnets; };
recursion yes;

include "/etc/named.root.hints";

zone "my.internal.zone" {
type master;
file "/etc/my.internal.zone.db";
};
zone "0.168.192.in-addr.arpa" {
type master;
file "/etc/192.168.0.zone.db";
};

};

-----------------my.internal.zone.db-----------------

$TTL 86400
@ IN SOA itsa2.zimdomain.zim. hostmaster.zimdomain.zim. (
200711112 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum

IN NS itsa2
IN MX 10 itsa2

itsa2 IN A 192.168.0.4

-----------------192.168.0.zone.db---------------------

$TTL 3D
@ IN SOA itsa2.zimdomain.zim. hostmaster.zimdomain.zim. (
200711112 ; serial number
8H ; refresh, seconds
2H ; retry, seconds
4W ; expire, seconds
1D ) ; minimum, seconds

NS itsa2 ; Nameserver Address

4 PTR itsa2.zimdomain.zim.

-----------------resolv.conf-----------------------------

search zimdomain.zim
nameserver 192.168.0.4

-----------------hosts (/etc/)---------------------------

127.0.0.1 localhost.localdomain localhost
192.168.0.4 itsa2.zimdomain.zim itsa2

-----------------messages log file-----------------------

Nov 12 03:57:28 itsa2 rhnsd[2271]: Red Hat Network Services Daemon starting up.
Nov 12 03:57:35 itsa2 avahi-daemon[2292]: Found user 'avahi' (UID 70) and group 'avahi' (GID 70).
Nov 12 03:57:35 itsa2 avahi-daemon[2292]: Successfully dropped root privileges.
Nov 12 03:57:35 itsa2 avahi-daemon[2292]: avahi-daemon 0.6.16 starting up.
Nov 12 03:57:35 itsa2 avahi-daemon[2292]: WARNING: No NSS support for mDNS detected, consider installing nss-mdns!
Nov 12 03:57:35 itsa2 avahi-daemon[2292]: Successfully called chroot().
Nov 12 03:57:35 itsa2 avahi-daemon[2292]: Successfully dropped remaining capabilities.
Nov 12 03:57:35 itsa2 avahi-daemon[2292]: Loading service file /services/sftp-ssh.service.
Nov 12 03:57:35 itsa2 avahi-daemon[2292]: New relevant interface eth0.IPv6 for mDNS.
Nov 12 03:57:35 itsa2 avahi-daemon[2292]: Joining mDNS multicast group on interface eth0.IPv6 with address fe80::20c:29ff:fe7c:62d4.
Nov 12 03:57:35 itsa2 avahi-daemon[2292]: New relevant interface eth0.IPv4 for mDNS.
Nov 12 03:57:35 itsa2 avahi-daemon[2292]: Joining mDNS multicast group on interface eth0.IPv4 with address 192.168.0.4.
Nov 12 03:57:35 itsa2 avahi-daemon[2292]: Network interface enumeration completed.
Nov 12 03:57:35 itsa2 avahi-daemon[2292]: Registering new address record for fe80::20c:29ff:fe7c:62d4 on eth0.
Nov 12 03:57:35 itsa2 avahi-daemon[2292]: Registering new address record for 192.168.0.4 on eth0.
Nov 12 03:57:35 itsa2 avahi-daemon[2292]: Registering HINFO record with values 'I686'/'LINUX'.
Nov 12 03:57:36 itsa2 avahi-daemon[2292]: Server startup complete. Host name is itsa2.local. Local service cookie is 1828645236.
Nov 12 03:57:37 itsa2 avahi-daemon[2292]: Service "SFTP File Transfer on itsa2" (/services/sftp-ssh.service) successfully established.
Nov 12 03:57:39 itsa2 smartd[2399]: smartd version 5.36 [i686-redhat-linux-gnu] Copyright (C) 2002-6 Bruce Allen
Nov 12 03:57:39 itsa2 smartd[2399]: Home page is smartmontools Home Page (last updated $Date: 2007/10/26 21:49:03 $)
Nov 12 03:57:39 itsa2 smartd[2399]: Opened configuration file /etc/smartd.conf
Nov 12 03:57:39 itsa2 smartd[2399]: Configuration file /etc/smartd.conf parsed.
Nov 12 03:57:39 itsa2 smartd[2399]: Device: /dev/sda, opened
Nov 12 03:57:39 itsa2 smartd[2399]: Device: /dev/sda, IE (SMART) not enabled, skip device Try 'smartctl -s on /dev/sda' to turn on SMART features
Nov 12 03:57:39 itsa2 smartd[2399]: Unable to register SCSI device /dev/sda at line 32 of file /etc/smartd.conf
Nov 12 03:57:39 itsa2 smartd[2399]: Device /dev/sda not available
Nov 12 03:57:39 itsa2 smartd[2399]: Monitoring 0 ATA and 0 SCSI devices
Nov 12 03:57:39 itsa2 smartd[2401]: smartd has fork()ed into background mode. New PID=2401.
Nov 12 03:57:43 itsa2 init: open(/dev/pts/0): No such file or directory
Nov 12 03:57:43 itsa2 last message repeated 5 times
Nov 12 03:57:43 itsa2 pcscd: winscard.c:219:SCardConnect() Reader E-Gate 0 0 Not Found
Nov 12 03:57:43 itsa2 last message repeated 3 times
Nov 12 03:57:55 itsa2 gconfd (root-2639): starting (version 2.14.0), pid 2639 user 'root'
Nov 12 03:57:55 itsa2 gconfd (root-2639): Resolved address "xml:readonly:/etc/gconf/gconf.xml.mandatory" to a read-only configuration source at position 0
Nov 12 03:57:55 itsa2 gconfd (root-2639): Resolved address "xml:readwrite:/root/.gconf" to a writable configuration source at position 1
Nov 12 03:57:55 itsa2 gconfd (root-2639): Resolved address "xml:readonly:/etc/gconf/gconf.xml.defaults" to a read-only configuration source at position 2
Nov 12 03:57:58 itsa2 gconfd (root-2639): Resolved address "xml:readwrite:/root/.gconf" to a writable configuration source at position 0
Nov 12 03:58:02 itsa2 hcid[1997]: Default passkey agent (:1.6, /org/bluez/applet) registered
Nov 12 03:58:04 itsa2 pcscd: winscard.c:219:SCardConnect() Reader E-Gate 0 0 Not Found
Nov 12 03:58:04 itsa2 last message repeated 4 times
Nov 12 03:58:09 itsa2 setroubleshoot: 2007-11-12 03:58:09,832 [rpc.ERROR] attempt to open server connection failed: (2, 'No such file or directory')

[soxfan]

I don't see anywhere in your system log where 'named' is being started. Are you sure it is running? You should have some messages in the log when it starts. If there are any problems with the configuration you should see them in the logs as well.
Just took a quick glance at the configuration files and they seem OK.

[jherington]

I did have a problem with the rndc.conf and fixed it and now named seems to be starting but I still can't get any sort of name resolution with either dig or nslookup or host.

I have attached a most of the messages log for the last restart and I believe I see named starting but not referencing my local zones?

-------------- Messages log----------------------------

Nov 12 16:51:27 itsa2 automount[2219]: lookup_read_master: lookup(nisplus): couldn't locat nis+ table auto.master
Nov 12 16:51:28 itsa2 hpiod: 1.6.7 accepting connections at 2208...
Nov 12 16:51:31 itsa2 named[1855]: FORMERR resolving '0.pool.ntp.org/AAAA/IN': 202.63.164.17#53
Nov 12 16:51:31 itsa2 named[1855]: FORMERR resolving '0.pool.ntp.org/A/IN': 202.63.164.17#53
Nov 12 16:51:32 itsa2 named[1855]: FORMERR resolving '1.rhel.pool.ntp.org/AAAA/IN': 202.63.164.17#53
Nov 12 16:51:32 itsa2 named[1855]: FORMERR resolving '1.pool.ntp.org/AAAA/IN': 202.63.164.17#53
Nov 12 16:51:33 itsa2 named[1855]: FORMERR resolving '1.pool.ntp.org/A/IN': 202.63.164.17#53
Nov 12 16:51:33 itsa2 named[1855]: FORMERR resolving '2.rhel.pool.ntp.org/AAAA/IN': 202.63.164.17#53
Nov 12 16:51:34 itsa2 named[1855]: FORMERR resolving '2.pool.ntp.org/AAAA/IN': 202.63.164.17#53
Nov 12 16:51:34 itsa2 named[1855]: FORMERR resolving '2.pool.ntp.org/A/IN': 202.63.164.17#53
Nov 12 16:52:09 itsa2 ntpdate[2295]: step time server 66.36.239.104 offset 31.869511 sec
Nov 12 16:52:09 itsa2 ntpd[2297]: ntpd 4.2.2p1@1.1570-o Mon Jun 4 15:13:02 UTC 2007 (1)
Nov 12 16:52:09 itsa2 ntpd[2298]: precision = 1.000 usec
Nov 12 16:52:09 itsa2 ntpd[2298]: Listening on interface wildcard, 0.0.0.0#123 Disabled
Nov 12 16:52:09 itsa2 ntpd[2298]: Listening on interface wildcard, ::#123 Disabled
Nov 12 16:52:09 itsa2 ntpd[2298]: Listening on interface lo, ::1#123 Enabled
Nov 12 16:52:09 itsa2 ntpd[2298]: Listening on interface eth0, fe80::20c:29ff:fe7c:62d4#123 Enabled
Nov 12 16:52:09 itsa2 ntpd[2298]: Listening on interface lo, 127.0.0.1#123 Enabled
Nov 12 16:52:09 itsa2 ntpd[2298]: Listening on interface eth0, 192.0.0.180#123 Enabled
Nov 12 16:52:09 itsa2 ntpd[2298]: kernel time sync status 0040
Nov 12 16:52:09 itsa2 gpm[2309]: *** info [startup.c(95)]:
Nov 12 16:52:09 itsa2 gpm[2309]: Started gpm successfully. Entered daemon mode.
Nov 12 16:52:09 itsa2 ntpd[2298]: frequency initialized 0.000 PPM from /var/lib/ntp/drift
Nov 12 16:52:10 itsa2 rhnsd[2395]: Red Hat Network Services Daemon starting up.
Nov 12 16:52:17 itsa2 avahi-daemon[2418]: Found user 'avahi' (UID 70) and group 'avahi' (GID 70).
Nov 12 16:52:17 itsa2 avahi-daemon[2418]: Successfully dropped root privileges.
Nov 12 16:52:17 itsa2 avahi-daemon[2418]: avahi-daemon 0.6.16 starting up.
Nov 12 16:52:18 itsa2 avahi-daemon[2418]: WARNING: No NSS support for mDNS detected, consider installing nss-mdns!
Nov 12 16:52:18 itsa2 avahi-daemon[2418]: Successfully called chroot().
Nov 12 16:52:18 itsa2 avahi-daemon[2418]: Successfully dropped remaining capabilities.
Nov 12 16:52:18 itsa2 avahi-daemon[2418]: Loading service file /services/sftp-ssh.service.
Nov 12 16:52:18 itsa2 avahi-daemon[2418]: New relevant interface eth0.IPv6 for mDNS.
Nov 12 16:52:18 itsa2 avahi-daemon[2418]: Joining mDNS multicast group on interface eth0.IPv6 with address fe80::20c:29ff:fe7c:62d4.
Nov 12 16:52:18 itsa2 avahi-daemon[2418]: New relevant interface eth0.IPv4 for mDNS.
Nov 12 16:52:18 itsa2 avahi-daemon[2418]: Joining mDNS multicast group on interface eth0.IPv4 with address 192.0.0.180.
Nov 12 16:52:18 itsa2 avahi-daemon[2418]: Network interface enumeration completed.
Nov 12 16:52:18 itsa2 avahi-daemon[2418]: Registering new address record for fe80::20c:29ff:fe7c:62d4 on eth0.
Nov 12 16:52:18 itsa2 avahi-daemon[2418]: Registering new address record for 192.0.0.180 on eth0.
Nov 12 16:52:18 itsa2 avahi-daemon[2418]: Registering HINFO record with values 'I686'/'LINUX'.
Nov 12 16:52:19 itsa2 avahi-daemon[2418]: Server startup complete. Host name is itsa2.local. Local service cookie is 2085351104.
Nov 12 16:52:20 itsa2 avahi-daemon[2418]: Service "SFTP File Transfer on itsa2" (/services/sftp-ssh.service) successfully established.
Nov 12 16:52:20 itsa2 named[1855]: *** POKED TIMER ***
Nov 12 16:52:20 itsa2 named[1855]: FORMERR resolving 'xmlrpc.rhn.redhat.com/A/IN': 202.63.164.17#53
Nov 12 16:52:20 itsa2 named[1855]: FORMERR resolving 'ns1.redhat.com/A/IN': 202.63.164.17#53
Nov 12 16:52:20 itsa2 named[1855]: FORMERR resolving 'ns1.redhat.com/AAAA/IN': 202.63.164.17#53
Nov 12 16:52:20 itsa2 named[1855]: FORMERR resolving 'ns2.redhat.com/A/IN': 202.63.164.17#53
Nov 12 16:52:23 itsa2 smartd[2525]: smartd version 5.36 [i686-redhat-linux-gnu] Copyright (C) 2002-6 Bruce Allen
Nov 12 16:52:23 itsa2 smartd[2525]: Home page is smartmontools Home Page (last updated $Date: 2007/10/26 21:49:03 $)
Nov 12 16:52:23 itsa2 smartd[2525]: Opened configuration file /etc/smartd.conf
Nov 12 16:52:23 itsa2 smartd[2525]: Configuration file /etc/smartd.conf parsed.
Nov 12 16:52:23 itsa2 smartd[2525]: Device: /dev/sda, opened
Nov 12 16:52:23 itsa2 smartd[2525]: Device: /dev/sda, IE (SMART) not enabled, skip device Try 'smartctl -s on /dev/sda' to turn on SMART features
Nov 12 16:52:23 itsa2 smartd[2525]: Unable to register SCSI device /dev/sda at line 32 of file /etc/smartd.conf
Nov 12 16:52:23 itsa2 smartd[2525]: Device /dev/sda not available
Nov 12 16:52:23 itsa2 smartd[2525]: Monitoring 0 ATA and 0 SCSI devices
Nov 12 16:52:23 itsa2 smartd[2527]: smartd has fork()ed into background mode. New PID=2527.
Nov 12 16:52:27 itsa2 init: open(/dev/pts/0): No such file or directory
Nov 12 16:52:27 itsa2 last message repeated 6 times
Nov 12 16:52:28 itsa2 pcscd: winscard.c:219:SCardConnect() Reader E-Gate 0 0 Not Found
Nov 12 16:52:28 itsa2 last message repeated 3 times
Nov 12 16:52:40 itsa2 gconfd (root-2772): starting (version 2.14.0), pid 2772 user 'root'
Nov 12 16:52:40 itsa2 gconfd (root-2772): Resolved address "xml:readonly:/etc/gconf/gconf.xml.mandatory" to a read-only configuration source at position 0
Nov 12 16:52:40 itsa2 gconfd (root-2772): Resolved address "xml:readwrite:/root/.gconf" to a writable configuration source at position 1
Nov 12 16:52:40 itsa2 gconfd (root-2772): Resolved address "xml:readonly:/etc/gconf/gconf.xml.defaults" to a read-only configuration source at position 2
Nov 12 16:52:43 itsa2 gconfd (root-2772): Resolved address "xml:readwrite:/root/.gconf" to a writable configuration source at position 0
Nov 12 16:52:43 itsa2 hcid[2121]: Default passkey agent (:1.6, /org/bluez/applet) registered
Nov 12 16:52:49 itsa2 pcscd: winscard.c:219:SCardConnect() Reader E-Gate 0 0 Not Found
Nov 12 16:52:49 itsa2 last message repeated 2 times
Nov 12 16:52:49 itsa2 setroubleshoot: 2007-11-12 16:52:49,993 [rpc.ERROR] attempt to open server connection failed: (2, 'No such file or directory')
Nov 12 16:52:50 itsa2 pcscd: winscard.c:219:SCardConnect() Reader E-Gate 0 0 Not Found

Thanks!

[jhahn]

Hi,
J had same problem om centos5 (like RH5).
J solved the problem with split-dns. Here is my named.conf:
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
forwarders { 192.168.2.1; };
};
//include "/etc/rndc.key";
// We are the master server for server.example.com
zone "kurfuersten.local" {
type master;
file "kurfuersten.local.zone.db";
};
Your zone files are ok
The dns port maped zimra to port 10008:

netstat -tap |grep domain

tcp 0 0 linux.kurfuersten.lo:domain *:* LISTEN 10008/named
tcp 0 0 localhost.localdomai:domain *:* LISTEN 10008/named

Now you can do nslookup, host, dig

Without split-dns is named service not running on port 53, therfore you get the message NXDOMAIN
J hope, thats help

PS. J'm sorry for my bad english

[jherington]

jhahn Thank you very much for replying!!

I was working on this until 2am last night and still can not do a host, dig or nslookup.

My server and domain are complete private and unregistered and this installation of Zimbra is to demonstrate to a small group only. Zimbra will run on the same computer that will run the DNS. I will be doing the demo on this computer and only need to be able to show zimbra up and running and send myself some email. No internet and no outside domain is involved (although I do have a default gateway and forwarders setup so I can browse the internet). Right now I feel about as smart as a rock...this domain thing is kicking my butt!!!!

Anyway, I don't understand how what you sent me is different then what I already have...although I am probably missing something. Below is my named.conf and related zone files along with the named dump file that shows just the bind data starting up and the netstat results of the statement you (jhahn) provided. Finally I have Dns test results for host, nslookup and dig:

Any advise is appreciated I am a humble C# and Java developer and this is so far a nightmare. Btw the named service is starting and indicates 13 zones which I believe are the zones loaded from named.root...so I don't understand why the one authoratative internal zone (zimdomain.zim) is included. I can ping itsa which returns 192.0.0.180 and itsa.zimdoman.zim. I have the local RHEL5 firewall and SELinux disabled, I have statically assigned IP and the primary and secondary DNS are set to 192.0.0.180.

***** named.conf *****

options
{
/* make named use port 53 for the source of all queries, to allow
* firewalls to block all ports except 53:
*/
query-source port 53;
query-source-v6 port 53;

// Put files that named is allowed to write in the data/ directory:
directory "/var/named"; // the default
dump-file "/etc/data/cache_dump.db";
statistics-file "/etc/data/named_stats.txt";
memstatistics-file "/etc/data/named_mem_stats.txt";

forward first;
forwarders {
202.63.164.17;
202.63.164.18;
};

};
logging
{
/* If you want to enable debugging, eg. using the 'rndc trace' command,
* named will try to write the 'named.run' file in the $directory (/var/named).
* By default, SELinux policy does not allow named to modify the /var/named directory,
* so put the default debug log file in data/ :
*/
channel default_debug {
file "/etc/data/named.run";
severity dynamic;
};
};

view "localhost_resolver"
{
/* This view sets up named to be a localhost resolver ( caching only nameserver ).
* If all you want is a caching-only nameserver, then you need only define this view:
*/
match-clients { localhost; };
match-destinations { localhost; };
recursion yes;
# all views must contain the root hints zone:
include "/etc/named.root.hints";

/* these are zones that contain definitions for all the localhost
* names and addresses, as recommended in RFC1912 - these names should
* ONLY be served to localhost clients:
*/
include "/etc/named.rfc1912.zones";

include "/etc/internal.zones.conf";
};
view "internal"
{
/* This view will contain zones you want to serve only to "internal" clients
that connect via your directly attached LAN interfaces - "localnets" .
*/
match-clients { localnets; localhost; };
match-destinations { localnets; localhost; };
recursion yes;
// all views must contain the root hints zone:
include "/etc/named.root.hints";

// include "named.rfc1912.zones";
// you should not serve your rfc1912 names to non-localhost clients.

// These are your "authoritative" internal zones, and would probably
// also be included in the "localhost_resolver" view above :

include "/etc/internal.zones.conf";

zone "my.slave.internal.zone" {
type slave;
file "/etc/slaves/my.slave.internal.zone.db";
masters { /* put master nameserver IPs here */ 192.0.0.180; } ;
// put slave zones in the slaves/ directory so named can update them
};
zone "my.ddns.internal.zone" {
type master;
allow-update { key ddns_key; };
file "/etc/slaves/my.ddns.internal.zone.db";
// put dynamically updateable zones in the slaves/ directory so named can update them
};
};
key ddns_key
{
algorithm hmac-md5;
secret "mzRz1lhro17ZuEIVM48MDoE4pjT4tXppJe3WLnqpPVzIsJsO4J 8GQj7l6YMG";
//"use /usr/sbin/dns-keygen to generate TSIG keys";
};
view "external"
{
/* This view will contain zones you want to serve only to "external" clients
* that have addresses that are not on your directly attached LAN interface subnets:
*/
match-clients { !localnets; !localhost; };
match-destinations { !localnets; !localhost; };

recursion no;
// you'd probably want to deny recursion to external clients, so you don't
// end up providing free DNS service to all takers

// all views must contain the root hints zone:
include "/etc/named.root.hints";

// These are your "authoritative" external zones, and would probably
// contain entries for just your web and mail servers:

zone "my.external.zone" {
type master;
file "/etc/my.external.zone.db";
};
};

****** internal.zones.conf ******

zone "my.internal.zone" IN {
type master;
allow-query { any; };
file "/etc/my.internal.zone.db";
};

zone "0.0.192.in-addr.arpa" IN {
type master;
allow-query { any; };
file "/etc/192.0.0.zone.db";
};

******* my.internal.zone.db ******

$TTL 3D
@ IN SOA itsa.zimdomain.zim. hostmaster.itsa.zimdomain.zim. (
200711131 ; serial#
3600 ; refresh, seconds
3600 ; retry, seconds
3600 ; expire, seconds
3600 ) ; minimum, seconds

NS itsa ; Inet Address of nameserver
zimdomain.zim. MX 10 itsa ; Primary Mail Exchanger

localhost A 192.0.0.180
itsa A 192.0.0.180
mail CNAME itsa
ns1 CNAME itsa
www CNAME itsa

******** 192.0.0.zone.db *********

$TTL 3D
@ IN SOA itsa.zimdomain.zim. hostmaster.itsa.zimdomain.zim. (
200711131 ; serial number
8H ; refresh, seconds
2H ; retry, seconds
4W ; expire, seconds
1D ) ; minimum, seconds

IN NS itsa ; Nameserver Address

180 PTR itsa.
180 PTR localhost.

********** named.run log file ***********

*** named restart ***

[root@itsa etc]# init.d/named restart
Stopping named: . [ OK ]
Starting named: [ OK ]
[root@itsa etc]#

*** log results ***

zone 0.in-addr.arpa/IN/localhost_resolver: loaded serial 42
zone 0.0.127.in-addr.arpa/IN/localhost_resolver: loaded serial 200711113
zone 0.0.192.in-addr.arpa/IN/localhost_resolver: loaded serial 200711131
zone 255.in-addr.arpa/IN/localhost_resolver: loaded serial 42
zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0. 0.0.0.0.0.0.ip6.arpa/IN/localhost_resolver: loaded serial 1997022700
zone localdomain/IN/localhost_resolver: loaded serial 42
zone localhost/IN/localhost_resolver: loaded serial 42
/etc/my.internal.zone.db:10: ignoring out-of-zone data (zimdomain.zim)
zone my.internal.zone/IN/localhost_resolver: loaded serial 200711131
zone 0.0.192.in-addr.arpa/IN/internal: loaded serial 200711131
/etc/slaves/my.ddns.internal.zone.db:1: no TTL specified; using SOA MINTTL instead
zone my.ddns.internal.zone/IN/internal: loaded serial 1
/etc/my.internal.zone.db:10: ignoring out-of-zone data (zimdomain.zim)
zone my.internal.zone/IN/internal: loaded serial 200711131
zone my.slave.internal.zone/IN/internal: loaded serial 200711113
zone my.external.zone/IN/external: loaded serial 200711112
running
zone 0.0.192.in-addr.arpa/IN/localhost_resolver: sending notifies (serial 200711131)
zone 0.0.127.in-addr.arpa/IN/localhost_resolver: sending notifies (serial 200711113)
zone my.internal.zone/IN/localhost_resolver: sending notifies (serial 200711131)
zone 0.0.192.in-addr.arpa/IN/internal: sending notifies (serial 200711131)
client 192.0.0.180#32768: view localhost_resolver: received notify for zone '0.0.127.in-addr.arpa'
zone my.internal.zone/IN/internal: sending notifies (serial 200711131)
zone my.slave.internal.zone/IN/internal: sending notifies (serial 200711113)
zone my.external.zone/IN/external: sending notifies (serial 200711112)
client 192.0.0.180#32768: view localhost_resolver: received notify for zone 'my.internal.zone'
client 192.0.0.180#32768: view localhost_resolver: received notify for zone 'my.internal.zone'
client 192.0.0.180#32768: view localhost_resolver: received notify for zone 'my.external.zone': not authoritative
client 192.0.0.180#32768: view localhost_resolver: received notify for zone 'my.slave.internal.zone': not authoritative

******** netstat results (not sure what to do with this info?)**********

[root@itsa ~]# netstat -tap |grep domain
tcp 0 0 itsa.zimdomain.zim:domain *:* LISTEN 1787/named
tcp 0 0 127.0.0.1:domain *:* LISTEN 1787/named
[root@itsa ~]# host itsa.zimdomain.zim
Host itsa.zimdomain.zim not found: 3(NXDOMAIN)
[root@itsa ~]#

******** Dns testing results ************

[root@itsa ~]# host itsa.zimdomain.zim
Host itsa.zimdomain.zim not found: 3(NXDOMAIN)
[root@itsa ~]#

****

[root@itsa ~]# nslookup
> itsa
Server: 192.0.0.180
Address: 192.0.0.180#53

** server can't find itsa: NXDOMAIN
> itsa.zimdomain.zim
Server: 192.0.0.180
Address: 192.0.0.180#53

** server can't find itsa.zimdomain.zim: NXDOMAIN
>

****

[root@itsa ~]# dig itsa

; <<>> DiG 9.3.3rc2 <<>> itsa
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38783
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;itsa. IN A

;; AUTHORITY SECTION:
. 10751 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2007111300 1800 900 604800 86400

;; Query time: 5 msec
;; SERVER: 192.0.0.180#53(192.0.0.180)
;; WHEN: Tue Nov 13 12:21:18 2007
;; MSG SIZE rcvd: 97

[root@itsa ~]#

Thank You!!

[phoenix]

Post the details of your /etc/hosts file, also post the output of the following commands:

Code:

host `hostname`  <-- type as-is with backticks not single quotes
dig zimdoman.zim mx
dig zimdoman.zim any

Obviously change your domain if that's not it.

BTW, you should wrap 'code' around your posting of text from the DNS files it's difficult to read like that. Highlight a piece of text and hit the code button - it's the # symbol above the box you enter text into your post.

[soxfan]

A couple of things to add:

1) The FORMERR messages that you are seeing in your logs are related to IPV6. If you don't need IPV6 I'd recommend disabling it within your named configuration.

2) Not sure where you got your named.conf file, perhaps copied from a sample file or something like that, but it seems to have a lot of stuff that you probably don't need. Not saying there is anything wrong with what is in there, but makes troubleshooting a bit harder. I'd recommend looking at the DNS page on the Zimbra Wiki and also maybe searching around for a basic HOWTO on setting up DNS on RHEL5. You can probably get away with a real simple named.conf for what you are trying to accomplish.

3) When you want to post your log messages for named simply execute 'grep named /var/log/messages'. We probably don't need to see all the other stuff about ntpd, avahi-daemon, etc. Again, nothing wrong with it, but it is a bit tougher to try to weed through the log to see what's going on with named. As Phoenix suggested post the logs within a 'code' section.

[jherington]

Here is /etc/hosts:

# Required for Zimbra install
127.0.0.1 localhost.localdomain localhost
192.0.0.180 itsa.zimdomain.zim itsa

*** Commands ***

Code:

[root@itsa ~]# host `hostname`
Host itsa not found: 3(NXDOMAIN)
[root@itsa ~]#

***

Code:

[root@itsa ~]# dig zimdomain.zim mx

; <<>> DiG 9.3.3rc2 <<>> zimdomain.zim mx
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63405
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;zimdomain.zim.                 IN      MX

;; AUTHORITY SECTION:
.                       10763   IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2007111300 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 192.0.0.180#53(192.0.0.180)
;; WHEN: Tue Nov 13 14:16:01 2007
;; MSG SIZE  rcvd: 106

[root@itsa ~]#

****

Code:

[root@itsa ~]# dig zimdomain.zim any

; <<>> DiG 9.3.3rc2 <<>> zimdomain.zim any
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44117
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;zimdomain.zim.                 IN      ANY

;; AUTHORITY SECTION:
.                       10800   IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2007111300 1800 900 604800 86400

;; Query time: 462 msec
;; SERVER: 192.0.0.180#53(192.0.0.180)
;; WHEN: Tue Nov 13 14:15:24 2007
;; MSG SIZE  rcvd: 106

[root@itsa ~]#

Thanks!

[phoenix]

First of all your hosts file is incorrect (possibly), earlier you mention that your LAN is 192.168.x.x and your hosts file has 192.0.0.180. Also in those results you seem to have no A or MX records for your zimdomain.zim domain. Correct those and your problem should go away.

Take a look at the Split DNS article in the wiki, it describes how to set-up your local DNS server. See how you get on with that and post any questions or further problems.

[jherington]

First of all, you guys got it working....Thanks Very Much!!!!!

As for the hosts file, the address you refer to was because I was working on this at home and I have a different address there...so 192.0.0.180 is correct.

As for named.conf and the associated internal zone file...I simplified as per your suggestion and followed the split-domain example.

1) Renamed original named and zone files and added new files with the contents discribed in the split-domain article.

2) I made sure the owner of all files in /var/named/chroot/etc was 'named' (this I was always doing but named will not start if I leave this step off)

3) Tried 'dig itsa.zimdomain.zim mx' and 'nslookup itsa.zimdomain.zim' and got back:

Code:

[root@itsa etc]# dig itsa.zimdomain.zim mx

; <<>> DiG 9.3.3rc2 <<>> itsa.zimdomain.zim mx
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27733
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;itsa.zimdomain.zim.            IN      MX

;; ANSWER SECTION:
itsa.zimdomain.zim.     2592000 IN      MX      10 itsa.zimdomain.zim.

;; AUTHORITY SECTION:
itsa.zimdomain.zim.     2592000 IN      NS      192.0.0.180.itsa.zimdomain.zim.

;; ADDITIONAL SECTION:
itsa.zimdomain.zim.     2592000 IN      A       192.0.0.180

;; Query time: 6 msec
;; SERVER: 192.0.0.180#53(192.0.0.180)
;; WHEN: Tue Nov 13 15:42:34 2007
;; MSG SIZE  rcvd: 94

[root@itsa etc]#

Code:

[root@itsa etc]# nslookup
> itsa.zimdomain.zim
Server:         192.0.0.180
Address:        192.0.0.180#53

Name:   itsa.zimdomain.zim
Address: 192.0.0.180
>

4) I believe the big difference was that within named.conf I used the actual name of the host.domain as the zone name:

Code:

options {
       directory "/var/named";
       dump-file "/etc/data/cache_dump.db";
       statistics-file "/etc/data/named_stats.txt";
forwarders { 202.63.164.17; 202.63.164.18; };
};

include "/etc/rndc.key";

// We are the master server for itsa.zimdomain.zim
zone "itsa.zimdomain.zim" {
    type master;
    file "/etc/my.internal.zone.db";
};

5) And/or possible the difference came in the zone file, where in stead of using the host and/or domain name for the NS and A records I used the associated IP address:

Code:

@       IN      SOA     itsa.zimdomain.zim. hostmaster.itsa.zimdomain.zim. (
                               10118      ; Serial
                               43200      ; Refresh
                               3600       ; Retry
                               3600000    ; Expire
                               2592000 )  ; Minimum
;       Define the nameservers and the mail servers
               IN      NS      192.0.0.180
               IN      A       192.0.0.180
               IN      MX      10 itsa.zimdomain.zim.

Thanks Again!