Page 1 of 3 123 LastLast
Results 1 to 10 of 22

Thread: [SOLVED] dig does not return anything

  1. #1
    martinezjr is offline Intermediate Member
    Join Date
    Apr 2009
    Location
    Texas
    Posts
    22
    Rep Power
    6

    Default [SOLVED] dig does not return anything

    I am having a problem with my DNS. I followed the instructions with the splitDNS, but I get nothing with dig. What can I do?

    Code:
    [martinezjr@bcldap ~]$ cat /etc/hosts
    127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
    ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
    10.100.177.205	bcldap.hcjbc.org	bcldap
    Code:
    [martinezjr@bcldap ~]$ cat /etc/resolv.conf
    # Generated by NetworkManager
    nameserver 10.100.177.205
    nameserver 10.100.177.5
    I just saw the REFUSED:
    Code:
    [martinezjr@bcldap ~]$ dig hcjbc.org mx
    
    ; <<>> DiG 9.6.1-P3-RedHat-9.6.1-9.P3.fc11 <<>> hcjbc.org mx
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 38352
    ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
    ;; WARNING: recursion requested but not available
    
    ;; QUESTION SECTION:
    ;hcjbc.org.			IN	MX
    
    ;; Query time: 3 msec
    ;; SERVER: 10.100.177.205#53(10.100.177.205)
    ;; WHEN: Sat Jan 30 13:58:12 2010
    ;; MSG SIZE  rcvd: 27
    Code:
    [martinezjr@bcldap ~]$ dig hcjbc.org any
    
    ; <<>> DiG 9.6.1-P3-RedHat-9.6.1-9.P3.fc11 <<>> hcjbc.org any
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 47401
    ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
    ;; WARNING: recursion requested but not available
    
    ;; QUESTION SECTION:
    ;hcjbc.org.			IN	ANY
    
    ;; Query time: 2 msec
    ;; SERVER: 10.100.177.205#53(10.100.177.205)
    ;; WHEN: Sat Jan 30 13:58:15 2010
    ;; MSG SIZE  rcvd: 27
    Code:
    [martinezjr@bcldap ~]$ host `hostname`
    bcldap.hcjbc.org has address 10.100.177.205
    Code:
    [martinezjr@bcldap ~]$ host -v bcldap.hcjbc.org
    Trying "bcldap.hcjbc.org"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9746
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;bcldap.hcjbc.org.		IN	A
    
    ;; ANSWER SECTION:
    bcldap.hcjbc.org.	0	IN	A	10.100.177.205
    
    Received 50 bytes from 10.100.177.5#53 in 2 ms
    Trying "bcldap.hcjbc.org"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42149
    ;; flags: qr aa ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;bcldap.hcjbc.org.		IN	AAAA
    
    Received 34 bytes from 10.100.177.5#53 in 91 ms
    Trying "bcldap.hcjbc.org"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30169
    ;; flags: qr aa ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;bcldap.hcjbc.org.		IN	MX
    
    Received 34 bytes from 10.100.177.5#53 in 570 ms
    [martinezjr@bcldap ~]$

  2. #2
    ArcaneMagus's Avatar
    ArcaneMagus is offline Moderator
    Join Date
    Feb 2007
    Location
    Portland, OR
    Posts
    1,147
    Rep Power
    10

    Default

    You have two DNS servers listed in your resolv.conf, I'm guessing that 10.100.177.5 is your company DNS server while 10.100.177.205 is the Zimbra server address. You need to remove the 10.100.177.5 line. On to the next problem that you are seeing...

    10.100.177.205 is refusing the recursive request for hcjbc.org, this means that it didn't have a record for hcjbc.org setup so it tried to do a recursive query but it was denied by configuration.

    You need to verify that the server has it's domain configured correctly on it's internal DNS server, and that if it can't find a record it is able to do a recursive query to your company DNS server.

  3. #3
    martinezjr is offline Intermediate Member
    Join Date
    Apr 2009
    Location
    Texas
    Posts
    22
    Rep Power
    6

    Default

    Quote Originally Posted by ArcaneMagus View Post
    You have two DNS servers listed in your resolv.conf, I'm guessing that 10.100.177.5 is your company DNS server
    actually the internal address of the firewall
    Quote Originally Posted by ArcaneMagus View Post
    while 10.100.177.205 is the Zimbra server address
    actual internal DNS server that I am trying to set up for the whole network.

    Quote Originally Posted by ArcaneMagus View Post
    10.100.177.205 is refusing the recursive request for hcjbc.org, this means that it didn't have a record for hcjbc.org setup so it tried to do a recursive query but it was denied by configuration.

    You need to verify that the server has it's domain configured correctly on it's internal DNS server, and that if it can't find a record it is able to do a recursive query to your company DNS server.
    A record for the domain? How to I do that on Fedora 11 with BIND9?

  4. #4
    martinezjr is offline Intermediate Member
    Join Date
    Apr 2009
    Location
    Texas
    Posts
    22
    Rep Power
    6

    Default

    OK, I got it. I changed "Allow queries from:10.100.177.200;" to "10.100.177.200;any;", but I am not getting my mx record to show up.

    Any hints?

  5. #5
    ArcaneMagus's Avatar
    ArcaneMagus is offline Moderator
    Join Date
    Feb 2007
    Location
    Portland, OR
    Posts
    1,147
    Rep Power
    10

    Default

    Could you post the output from a dig command again?

    And by record I was talking about a zone configuration file, something like this:
    Code:
    $TTL 2D
    @               IN SOA          ns1.domain.com.       admin.domain.com. (
                                    2010020200      ; serial
                                    3H              ; refresh
                                    1H              ; retry
                                    1W              ; expiry
                                    1D )            ; minimum
    
    domain.com.          IN NS   ns1.domain.com.
    domain.com.          IN NS   ns2.domain.com.
    domain.com.          IN MX   0 mail.domain.com.
    domain.com.          IN TXT  "v=spf1 mx ~all"
    _xmpp-server._tcp    IN SRV  10 100 5269 mail.domain.com.
    _xmpp-client._tcp    IN SRV  10 100 5222 mail.domain.com.
    domain.com.          IN A    192.168.1.4
    ns1                  IN A    192.168.1.2
    ns2                  IN A    192.168.1.3
    www                  IN A    192.168.1.4
    mail                 IN A    192.168.1.6

  6. #6
    martinezjr is offline Intermediate Member
    Join Date
    Apr 2009
    Location
    Texas
    Posts
    22
    Rep Power
    6

    Default

    Ok, As soon I get to work I will post the results.

  7. #7
    martinezjr is offline Intermediate Member
    Join Date
    Apr 2009
    Location
    Texas
    Posts
    22
    Rep Power
    6

    Default

    Sorry about the delay. I had another computer lose its mind.
    Oh, and this is internal only. No external access. It's hard to explain. Long story short, I need to give an alternative to M$ Exchange. And its behind two nat'd firewalls, both with dynamic ip's.

    Here is the most recent results

    Code:
    [martinezjr@bcmailbox ~]$ dig mx hcjbc.org
    
    ; <<>> DiG 9.6.1-P3-RedHat-9.6.1-9.P3.fc11 <<>> mx hcjbc.org
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12062
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;hcjbc.org.			IN	MX
    
    ;; AUTHORITY SECTION:
    hcjbc.org.		38400	IN	SOA	bcldap.hcjbc.org.hcjbc.org. hcjbc.yahoo.com. 1264874187 10800 3600 604800 38400
    
    ;; Query time: 2 msec
    ;; SERVER: 10.100.177.205#53(10.100.177.205)
    ;; WHEN: Wed Feb  3 18:24:08 2010
    ;; MSG SIZE  rcvd: 95
    Code:
    [martinezjr@bcmailbox ~]$ dig any hcjbc.org
    ;; Truncated, retrying in TCP mode.
    
    ; <<>> DiG 9.6.1-P3-RedHat-9.6.1-9.P3.fc11 <<>> any hcjbc.org
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59307
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 12, AUTHORITY: 0, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;hcjbc.org.			IN	ANY
    
    ;; ANSWER SECTION:
    hcjbc.org.		38400	IN	RRSIG	SOA 3 2 38400 20100304045837 20100202045837 59949 hcjbc.org. !@(*&$^!*&@^(*&!@#=
    hcjbc.org.		38400	IN	RRSIG	NS 3 2 38400 20100304014145 20100202014145 59949 hcjbc.org. !@(*&$^!*&@^(*&!@#=
    hcjbc.org.		38400	IN	NSEC	10.100.177.200.hcjbc.org. NS SOA RRSIG NSEC DNSKEY
    hcjbc.org.		38400	IN	RRSIG	NSEC 3 2 38400 20100301180544 20100130180544 59949 hcjbc.org. C!@(*&$^!*&@^(*&!@#=
    hcjbc.org.		38400	IN	RRSIG	DNSKEY 3 2 38400 20100301165617 20100130165617 58505 hcjbc.org. CDP/m!@(*&$^!*&@^(*&!@#=
    hcjbc.org.		38400	IN	RRSIG	DNSKEY 3 2 38400 20100301165617 20100130165617 59949 hcjbc.org. !@(*&$^!*&@^(*&!@#=
    hcjbc.org.		38400	IN	SOA	bcldap.hcjbc.org.hcjbc.org. hcjbc.yahoo.com. 1264874187 10800 3600 604800 38400
    hcjbc.org.		38400	IN	NS	10.100.177.200.
    hcjbc.org.		38400	IN	NS	10.100.177.205.
    hcjbc.org.		38400	IN	NS	10.100.177.5.hcjbc.org.
    hcjbc.org.		38400	IN	DNSKEY	256 3 3 !@(*&$^!*&@^(*&!@#
    hcjbc.org.		38400	IN	DNSKEY	257 3 3 !@(*&$^!*&@^(*&!@#
    
    ;; Query time: 9 msec
    ;; SERVER: 10.100.177.205#53(10.100.177.205)
    ;; WHEN: Wed Feb  3 18:24:14 2010
    ;; MSG SIZE  rcvd: 1477
    Code:
    [martinezjr@bcmailbox ~]$ ping bcldap
    PING bcldap.hcjbc.org (10.100.177.205) 56(84) bytes of data.
    64 bytes from 10.100.177.205: icmp_seq=1 ttl=64 time=0.221 ms
    64 bytes from 10.100.177.205: icmp_seq=2 ttl=64 time=0.445 ms
    64 bytes from 10.100.177.205: icmp_seq=3 ttl=64 time=0.288 ms
    ^Z
    [1]+  Stopped                 ping bcldap
    [martinezjr@bcmailbox ~]$ ping bcldap.hcjbc.org
    PING bcldap.hcjbc.org (10.100.177.205) 56(84) bytes of data.
    64 bytes from 10.100.177.205: icmp_seq=1 ttl=64 time=0.264 ms
    64 bytes from 10.100.177.205: icmp_seq=2 ttl=64 time=0.244 ms
    64 bytes from 10.100.177.205: icmp_seq=3 ttl=64 time=0.235 ms
    64 bytes from 10.100.177.205: icmp_seq=4 ttl=64 time=0.254 ms
    ^Z
    [2]+  Stopped                 ping bcldap.hcjbc.org
    Code:
    [martinezjr@bcmailbox ~]$ cat '/etc/hosts'
    127.0.0.1	localhost.localdomain	localhost
    10.100.177.200	bcmailbox.hcjbc.org bcmailbox
    Code:
    [martinezjr@bcmailbox ~]$ host `hostname`
    bcmailbox.hcjbc.org has address 10.100.177.200
    bcmailbox.hcjbc.org mail is handled by 1 10.100.177.200.hcjbc.org.
    Code:
    [martinezjr@bcmailbox ~]$ cat /etc/resolv.conf
    # Generated by NetworkManager
    nameserver 10.100.177.205
    nameserver 10.100.177.200
    Code:
    [martinezjr@bcmailbox ~]$ host -v bcldap.hcjbc.org
    Trying "bcldap.hcjbc.org"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46000
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;bcldap.hcjbc.org.		IN	A
    
    ;; ANSWER SECTION:
    bcldap.hcjbc.org.	38400	IN	A	10.100.177.205
    
    ;; AUTHORITY SECTION:
    hcjbc.org.		38400	IN	NS	10.100.177.200.
    hcjbc.org.		38400	IN	NS	10.100.177.5.hcjbc.org.
    hcjbc.org.		38400	IN	NS	10.100.177.205.
    
    Received 133 bytes from 10.100.177.205#53 in 3 ms
    Trying "bcldap.hcjbc.org"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19020
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;bcldap.hcjbc.org.		IN	AAAA
    
    ;; AUTHORITY SECTION:
    hcjbc.org.		38400	IN	SOA	bcldap.hcjbc.org.hcjbc.org. hcjbc.yahoo.com. 1264874187 10800 3600 604800 38400
    
    Received 102 bytes from 10.100.177.205#53 in 1 ms
    Trying "bcldap.hcjbc.org"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40963
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;bcldap.hcjbc.org.		IN	MX
    
    ;; AUTHORITY SECTION:
    hcjbc.org.		38400	IN	SOA	bcldap.hcjbc.org.hcjbc.org. hcjbc.yahoo.com. 1264874187 10800 3600 604800 38400
    
    Received 102 bytes from 10.100.177.205#53 in 1 ms
    Code:
    [martinezjr@bcmailbox ~]$ host -v bcmailbox.hcjbc.org
    Trying "bcmailbox.hcjbc.org"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43073
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;bcmailbox.hcjbc.org.		IN	A
    
    ;; ANSWER SECTION:
    bcmailbox.hcjbc.org.	38400	IN	A	10.100.177.200
    
    ;; AUTHORITY SECTION:
    hcjbc.org.		38400	IN	NS	10.100.177.5.hcjbc.org.
    hcjbc.org.		38400	IN	NS	10.100.177.205.
    hcjbc.org.		38400	IN	NS	10.100.177.200.
    
    Received 136 bytes from 10.100.177.205#53 in 2 ms
    Trying "bcmailbox.hcjbc.org"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35648
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;bcmailbox.hcjbc.org.		IN	AAAA
    
    ;; AUTHORITY SECTION:
    hcjbc.org.		38400	IN	SOA	bcldap.hcjbc.org.hcjbc.org. hcjbc.yahoo.com. 1264874187 10800 3600 604800 38400
    
    Received 105 bytes from 10.100.177.205#53 in 3 ms
    Trying "bcmailbox.hcjbc.org"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5035
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;bcmailbox.hcjbc.org.		IN	MX
    
    ;; ANSWER SECTION:
    bcmailbox.hcjbc.org.	380000	IN	MX	1 10.100.177.200.hcjbc.org.
    
    ;; AUTHORITY SECTION:
    hcjbc.org.		38400	IN	NS	10.100.177.5.hcjbc.org.
    hcjbc.org.		38400	IN	NS	10.100.177.205.
    hcjbc.org.		38400	IN	NS	10.100.177.200.
    
    Received 151 bytes from 10.100.177.205#53 in 2 ms
    and the zone file (the keys have been changed to protect the innocent)
    Code:
    $ttl 38400
    hcjbc.org.	IN	SOA	bcldap.hcjbc.org hcjbc.yahoo.com. (
    			1264874188
    			10800
    			3600
    			604800
    			38400 )
    hcjbc.org.	IN	NS	10.100.177.205.
    hcjbc.org.	IN	NS	10.100.177.200.
    hcjbc.org.	IN	DNSKEY	257 3 3 !@!@#$&^()*!&@)(*^)(*&!@#^$
    hcjbc.org.	IN	DNSKEY	256 3 3 !@!@#$&^()*!&@)(*^)(*&!@#^$
    bcmailbox.hcjbc.org.	380000	IN	MX	10 10.100.177.200
    bcmta.hcjbc.org.	380000	IN	MX	1 10.100.177.210
    bcldap.hcjbc.org.	IN	A	10.100.177.205
    10.100.177.205.hcjbc.org.	IN	PTR	bcldap.hcjbc.org
    bcmailbox.hcjbc.org.	IN	A	10.100.177.200
    bcmta.hcjbc.org.	IN	A	10.100.177.210
    10.100.177.200.hcjbc.org.	IN	PTR	bcmailbox.hcjbc.org
    10.100.177.210.hcjbc.org.	IN	PTR	bcmta.hcjbc.org
    hcjbc.org.	IN	NS	10.100.177.5
    hcjbc.org.	38400	IN	RRSIG	SOA 3 2 38400 20100304045837 20100202045837 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
    hcjbc.org.	38400	IN	RRSIG	NS 3 2 38400 20100304014145 20100202014145 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
    hcjbc.org.	38400	IN	NSEC	10.100.177.200.hcjbc.org. NS SOA RRSIG NSEC DNSKEY
    hcjbc.org.	38400	IN	RRSIG	NSEC 3 2 38400 20100301180544 20100130180544 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
    hcjbc.org.	38400	IN	RRSIG	DNSKEY 3 2 38400 20100301165617 20100130165617 58505 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
    hcjbc.org.	38400	IN	RRSIG	DNSKEY 3 2 38400 20100301165617 20100130165617 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
    10.100.177.200.hcjbc.org.	38400	IN	RRSIG	PTR 3 6 38400 20100301180544 20100130180544 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
    10.100.177.200.hcjbc.org.	38400	IN	NSEC	10.100.177.205.hcjbc.org. PTR RRSIG NSEC
    10.100.177.200.hcjbc.org.	38400	IN	RRSIG	NSEC 3 6 38400 20100301180544 20100130180544 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
    10.100.177.210.hcjbc.org.	38400	IN	RRSIG	PTR 3 6 38400 20100301180647 20100130180647 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
    10.100.177.210.hcjbc.org.	38400	IN	NSEC	bcldap.hcjbc.org. PTR RRSIG NSEC
    10.100.177.210.hcjbc.org.	38400	IN	RRSIG	NSEC 3 6 38400 20100304014145 20100202014145 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
    10.100.177.205.hcjbc.org.	38400	IN	RRSIG	PTR 3 6 38400 20100301170513 20100130170513 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
    10.100.177.205.hcjbc.org.	38400	IN	NSEC	10.100.177.210.hcjbc.org. PTR RRSIG NSEC
    10.100.177.205.hcjbc.org.	38400	IN	RRSIG	NSEC 3 6 38400 20100301180647 20100130180647 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
    bcldap.hcjbc.org.	38400	IN	RRSIG	A 3 3 38400 20100301170039 20100130170039 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$U=
    bcldap.hcjbc.org.	38400	IN	NSEC	bcmailbox.hcjbc.org. A RRSIG NSEC
    bcldap.hcjbc.org.	38400	IN	RRSIG	NSEC 3 3 38400 20100301170039 20100130170039 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$k=
    bcmailbox.hcjbc.org.	38400	IN	RRSIG	A 3 3 38400 20100301180130 20100130180130 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
    bcmailbox.hcjbc.org.	380000	IN	RRSIG	MX 3 3 380000 20100304021217 20100202021217 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
    bcmailbox.hcjbc.org.	38400	IN	NSEC	bcmta.hcjbc.org. A MX RRSIG NSEC
    bcmailbox.hcjbc.org.	38400	IN	RRSIG	NSEC 3 3 38400 20100301180130 20100130180130 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
    bcmta.hcjbc.org.	38400	IN	RRSIG	A 3 3 38400 20100301180238 20100130180238 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
    bcmta.hcjbc.org.	380000	IN	RRSIG	MX 3 3 380000 20100304021301 20100202021301 59949 hcjbc.org. C!@!@#$&^()*!&@)(*^)(*&!@#^$=
    bcmta.hcjbc.org.	38400	IN	NSEC	hcjbc.org. A MX RRSIG NSEC
    bcmta.hcjbc.org.	38400	IN	RRSIG	NSEC 3 3 38400 20100301180238 20100130180238 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
    Last edited by martinezjr; 02-03-2010 at 06:08 PM.

  8. #8
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,480
    Rep Power
    56

    Default

    The problem would appear to be the fact you have two DNS server and one of them does not have DNS records for your domain You can see the server it's using in the following response:

    Code:
    ;; Query time: 9 msec
    ;; SERVER: 10.100.177.205#53(10.100.177.205)
    ;; WHEN: Wed Feb  3 18:24:14 2010
    ;; MSG SIZE  rcvd: 1477
    You should only have one DNS server (at 10.100.177.200) in your hosts file and that should be the one on your Zimbra server, you can check the records with the following:

    Code:
    dig @10.100.177.200  hcjbc.org mx
    dig @10.100.177.200  hcjbc.org any
    If that returns valid records then you should remove the second DNS server (10.100.177.205) from your resolv.conf file.

    Can you also update your forum profile with the output of the following command (do not post it in this thread):
    Code:
    zmcontrol -v
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  9. #9
    ArcaneMagus's Avatar
    ArcaneMagus is offline Moderator
    Join Date
    Feb 2007
    Location
    Portland, OR
    Posts
    1,147
    Rep Power
    10

    Default

    Are you trying to setup the Zimbra server to be it's own DNS server, with recursive queries going out to the 10.100.177.205 one? Or are you trying to setup the Zimbra server to use the 10.100.177.205 server as it's only DNS server and have that server work for all internal queries?

    Also just as a note:
    In your record file you are missing the "." at the end of the primary DNS server part of the SOA, that is why it is returning "bcldap.hcjbc.org.hcjbc.org." rather then "bcldap.hcjbc.org.". Also you currently have your MX records setup for the servers FQDN. This is fine if your email addresses will be in the form of user@bcmailbox.hcjbc.org, however it is a problem if you are trying to do addresses like user@hcjbc.org. If you want addresses like that you need to set the MX record on just hcjbc.org, not bcmailbox.hcjbc.org. So the lines would look like this (if you are going with the internal dns server not split dns):
    Code:
    hcjbc.org.	380000	IN	MX	10 10.100.177.200
    hcjbc.org.	380000	IN	MX	1 10.100.177.210
    With how it is currently setup you have 1 MX record for addresses like user@bcmta.hcjbc.org. that has a priority of 1 (out of the 1 record), and then you have another record for addresses like user@bcmailbox.hcjbc.org. that has a priority of 10 (out of the 1 record). Addresses like user@hcjbc.org have no MX record associated with them right now.

    Also your PTR records that you have in there are useless and will never be used unless you manually query for them. The proper way to do PTR records would be to create another zone file for the 177.100.10.in-addr.arpa zone. It should look something like the following:
    Code:
    $TTL 2D
    @               IN SOA          bcldap.hcjbc.org. hcjbc.yahoo.com. (
                                    2009091300      ; serial
                                    3H              ; refresh
                                    1H              ; retry
                                    1W              ; expiry
                                    1D )            ; minimum
    
              IN NS   bcldap.hcjbc.org.
    200       IN PTR  bcmailbox.hcjbc.org.
    205       IN PTR  bcldap.hcjbc.org.
    210       IN PTR  bcmta.hcjbc.org.
    You also have your firewall (10.100.177.5) in there as an authoritative NS for your domain... is that meant to be there?

  10. #10
    martinezjr is offline Intermediate Member
    Join Date
    Apr 2009
    Location
    Texas
    Posts
    22
    Rep Power
    6

    Default

    Quote Originally Posted by ArcaneMagus View Post
    Are you trying to setup the Zimbra server to be it's own DNS server, with recursive queries going out to the 10.100.177.205 one? Or are you trying to setup the Zimbra server to use the 10.100.177.205 server as it's only DNS server and have that server work for all internal queries?
    I have split Zimbra into different servers as I only have low end desktops:
    3 Dell GX240's
    -each
    --1.6G CPU
    --1.2G RAM
    --Fedora11
    -1 with ldap and BIND9 as DNS master (bcldap)
    -1 with store, logger, snmp, apache and BIND9 DNS slave (bcmailbox)
    -1 with mta (bcmta)


    Also just as a note:
    In your record file you are missing the "." at the end of the primary DNS server part of the SOA, that is why it is returning "bcldap.hcjbc.org.hcjbc.org." rather then "bcldap.hcjbc.org.".
    ok done

    Also you currently have your MX records setup for the servers FQDN. This is fine if your email addresses will be in the form of user@bcmailbox.hcjbc.org, however it is a problem if you are trying to do addresses like user@hcjbc.org. If you want addresses like that you need to set the MX record on just hcjbc.org, not bcmailbox.hcjbc.org. So the lines would look like this (if you are going with the internal dns server not split dns):
    Code:
    hcjbc.org.	380000	IN	MX	10 10.100.177.200
    hcjbc.org.	380000	IN	MX	1 10.100.177.210
    With how it is currently setup you have 1 MX record for addresses like user@bcmta.hcjbc.org. that has a priority of 1 (out of the 1 record), and then you have another record for addresses like user@bcmailbox.hcjbc.org. that has a priority of 10 (out of the 1 record). Addresses like user@hcjbc.org have no MX record associated with them right now.
    Done
    Also your PTR records that you have in there are useless and will never be used unless you manually query for them. The proper way to do PTR records would be to create another zone file for the 177.100.10.in-addr.arpa zone. It should look something like the following:
    Code:
    $TTL 2D
    @               IN SOA          bcldap.hcjbc.org. hcjbc.yahoo.com. (
                                    2009091300      ; serial
                                    3H              ; refresh
                                    1H              ; retry
                                    1W              ; expiry
                                    1D )            ; minimum
    
              IN NS   bcldap.hcjbc.org.
    200       IN PTR  bcmailbox.hcjbc.org.
    205       IN PTR  bcldap.hcjbc.org.
    210       IN PTR  bcmta.hcjbc.org.
    You lost me on this section. I do not remember setting up PTR records.

    You also have your firewall (10.100.177.5) in there as an authoritative NS for your domain... is that meant to be there?
    For some reason, if I do not have this as one of the ns, I will not have external access from the machines. I use IPCop as my router/firewall/proxy/urlfilter/dhcp/ntp server. I disabled the DHCP, and now I can access the internet. I will be changing bcldap to bcdc as it will have to be the DHCP and DNS and NTP server now. And making a new bcldap.

    I can now get dig to respond for my mx records.

    Code:
    [martinezjr@bcldap ~]$ host -v hcjbc.org
    Trying "hcjbc.org"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52246
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;hcjbc.org.			IN	A
    
    ;; AUTHORITY SECTION:
    hcjbc.org.		38400	IN	SOA	bcldap.hcjbc.org. hcjbc.yahoo.com. 1264874199 10800 3600 604800 38400
    
    Received 85 bytes from 10.100.177.205#53 in 8 ms
    Trying "hcjbc.org"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24493
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;hcjbc.org.			IN	AAAA
    
    ;; AUTHORITY SECTION:
    hcjbc.org.		38400	IN	SOA	bcldap.hcjbc.org. hcjbc.yahoo.com. 1264874199 10800 3600 604800 38400
    
    Received 85 bytes from 10.100.177.205#53 in 1 ms
    Trying "hcjbc.org"
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44689
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;hcjbc.org.			IN	MX
    
    ;; ANSWER SECTION:
    hcjbc.org.		380000	IN	MX	10 10.100.177.200.hcjbc.org.
    
    ;; AUTHORITY SECTION:
    hcjbc.org.		38400	IN	NS	10.100.177.205.
    hcjbc.org.		38400	IN	NS	10.100.177.200.
    
    Received 114 bytes from 10.100.177.205#53 in 1 ms
    
    [martinezjr@bcldap ~]$ dig mx hcjbc.org
    
    ; <<>> DiG 9.6.1-P3-RedHat-9.6.1-9.P3.fc11 <<>> mx hcjbc.org
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18602
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;hcjbc.org.			IN	MX
    
    ;; ANSWER SECTION:
    hcjbc.org.		380000	IN	MX	10 10.100.177.200.hcjbc.org.
    
    ;; AUTHORITY SECTION:
    hcjbc.org.		38400	IN	NS	10.100.177.200.
    hcjbc.org.		38400	IN	NS	10.100.177.205.
    
    ;; Query time: 2 msec
    ;; SERVER: 10.100.177.205#53(10.100.177.205)
    ;; WHEN: Fri Feb  5 18:23:08 2010
    ;; MSG SIZE  rcvd: 114
    
    [martinezjr@bcldap ~]$

Page 1 of 3 123 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Errors installing Outlook Connector
    By Tim G in forum Zimbra Connector for Outlook
    Replies: 57
    Last Post: 05-05-2011, 02:27 PM
  2. Replies: 17
    Last Post: 11-04-2008, 12:25 PM
  3. dig at console returns A record, but zimbra says no
    By authsum in forum Installation
    Replies: 2
    Last Post: 04-05-2008, 05:45 PM
  4. How to handle different RBL return codes
    By bking in forum Administrators
    Replies: 3
    Last Post: 10-10-2007, 04:52 AM
  5. Error Installing Outlook Connector
    By DanO in forum Zimbra Connector for Outlook
    Replies: 17
    Last Post: 08-28-2007, 09:35 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •