  #1 (permalink)  
Old 01-30-2010, 12:01 PM
Intermediate Member
 
Posts: 22
Default [SOLVED] dig does not return anything

I am having a problem with my DNS. I followed the instructions with the splitDNS, but I get nothing with dig. What can I do?

Code:
[martinezjr@bcldap ~]$ cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
10.100.177.205	bcldap.hcjbc.org	bcldap
Code:
[martinezjr@bcldap ~]$ cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 10.100.177.205
nameserver 10.100.177.5
I just saw the REFUSED:
Code:
[martinezjr@bcldap ~]$ dig hcjbc.org mx

; <<>> DiG 9.6.1-P3-RedHat-9.6.1-9.P3.fc11 <<>> hcjbc.org mx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 38352
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;hcjbc.org.			IN	MX

;; Query time: 3 msec
;; SERVER: 10.100.177.205#53(10.100.177.205)
;; WHEN: Sat Jan 30 13:58:12 2010
;; MSG SIZE  rcvd: 27
Code:
[martinezjr@bcldap ~]$ dig hcjbc.org any

; <<>> DiG 9.6.1-P3-RedHat-9.6.1-9.P3.fc11 <<>> hcjbc.org any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 47401
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;hcjbc.org.			IN	ANY

;; Query time: 2 msec
;; SERVER: 10.100.177.205#53(10.100.177.205)
;; WHEN: Sat Jan 30 13:58:15 2010
;; MSG SIZE  rcvd: 27
Code:
[martinezjr@bcldap ~]$ host `hostname`
bcldap.hcjbc.org has address 10.100.177.205
Code:
[martinezjr@bcldap ~]$ host -v bcldap.hcjbc.org
Trying "bcldap.hcjbc.org"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9746
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;bcldap.hcjbc.org.		IN	A

;; ANSWER SECTION:
bcldap.hcjbc.org.	0	IN	A	10.100.177.205

Received 50 bytes from 10.100.177.5#53 in 2 ms
Trying "bcldap.hcjbc.org"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42149
;; flags: qr aa ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;bcldap.hcjbc.org.		IN	AAAA

Received 34 bytes from 10.100.177.5#53 in 91 ms
Trying "bcldap.hcjbc.org"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30169
;; flags: qr aa ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;bcldap.hcjbc.org.		IN	MX

Received 34 bytes from 10.100.177.5#53 in 570 ms
[martinezjr@bcldap ~]$
Reply With Quote
  #2 (permalink)  
Old 02-01-2010, 10:43 AM
Moderator
 
Posts: 1,147
Default

You have two DNS servers listed in your resolv.conf; I'm guessing that 10.100.177.5 is your company DNS server while 10.100.177.205 is the Zimbra server address. You need to remove the 10.100.177.5 line. On to the next problem that you are seeing...

10.100.177.205 is refusing the recursive request for hcjbc.org; this means that it didn't have a record for hcjbc.org set up, so it tried to do a recursive query, but it was denied by configuration.

You need to verify that the server has its domain configured correctly on its internal DNS server, and that if it can't find a record it is able to do a recursive query to your company DNS server.
Reply With Quote
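The header fields that the reply above reads off the dig output can be checked mechanically. This is an added example, not code from the thread: it parses the status, flags and answer count, and goes one step further to cover an authoritative answer with zero records. The sample text is constructed in the shape of the dig output posted here, and the finding labels are this example's own names.

```python
import re

# Constructed samples: header lines in the shape dig prints in this thread.
SAMPLE_REFUSED = """\
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 38352
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; SERVER: 10.100.177.205#53(10.100.177.205)
"""

SAMPLE_NODATA = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12062
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; SERVER: 10.100.177.205#53(10.100.177.205)
"""

STATUS_RE = re.compile(r"status:\s*(\w+)")
FLAGS_RE = re.compile(
    r";; flags:([^;]*);\s*QUERY:\s*(\d+),\s*ANSWER:\s*(\d+),\s*AUTHORITY:\s*(\d+)"
)
SERVER_RE = re.compile(r";; SERVER:\s*([^#\s]+)#(\d+)")


def parse_dig(text):
    """Pull the response code, header flags and section counts out of dig output."""
    status = STATUS_RE.search(text)
    flags = FLAGS_RE.search(text)
    server = SERVER_RE.search(text)
    if not (status and flags):
        raise ValueError("no dig response header found")
    return {
        "status": status.group(1),
        "flags": set(flags.group(1).split()),
        "answer": int(flags.group(3)),
        "authority": int(flags.group(4)),
        "server": server.group(1) if server else None,
    }


def diagnose(text):
    """Return (server that answered, list of findings) for one dig response."""
    r = parse_dig(text)
    findings = []
    if r["status"] == "REFUSED":
        # RCODE 5: the server declined the query for policy reasons.
        findings.append("refused-by-policy")
    if "rd" in r["flags"] and "ra" not in r["flags"]:
        # Client asked for recursion (rd) but the server does not offer it (no ra).
        findings.append("recursion-unavailable")
    if r["status"] == "NOERROR" and r["answer"] == 0:
        # The name exists but has no record of the requested type.
        findings.append("nodata-authoritative" if "aa" in r["flags"] else "nodata")
    if r["status"] == "NXDOMAIN":
        findings.append("name-does-not-exist")
    return r["server"], findings


if __name__ == "__main__":
    for sample in (SAMPLE_REFUSED, SAMPLE_NODATA):
        print(diagnose(sample))
```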
  #3 (permalink)  
Old 02-01-2010, 03:00 PM
Intermediate Member
 
Posts: 22
Default

Quote:
Originally Posted by ArcaneMagus View Post
You have two DNS servers listed in your resolv.conf; I'm guessing that 10.100.177.5 is your company DNS server
actually the internal address of the firewall
Quote:
Originally Posted by ArcaneMagus View Post
while 10.100.177.205 is the Zimbra server address
actual internal DNS server that I am trying to set up for the whole network.

Quote:
Originally Posted by ArcaneMagus View Post
10.100.177.205 is refusing the recursive request for hcjbc.org; this means that it didn't have a record for hcjbc.org set up, so it tried to do a recursive query, but it was denied by configuration.

You need to verify that the server has its domain configured correctly on its internal DNS server, and that if it can't find a record it is able to do a recursive query to your company DNS server.
A record for the domain? How do I do that on Fedora 11 with BIND9?
Reply With Quote
  #4 (permalink)  
Old 02-01-2010, 07:09 PM
Intermediate Member
 
Posts: 22
Default

OK, I got it. I changed "Allow queries from:10.100.177.200;" to "10.100.177.200;any;", but I am not getting my mx record to show up.

Any hints?
Reply With Quote
  #5 (permalink)  
Old 02-02-2010, 01:19 PM
Moderator
 
Posts: 1,147
Default

Could you post the output from a dig command again?

And by record I was talking about a zone configuration file, something like this:
Code:
$TTL 2D
@               IN SOA          ns1.domain.com.       admin.domain.com. (
                                2010020200      ; serial
                                3H              ; refresh
                                1H              ; retry
                                1W              ; expiry
                                1D )            ; minimum

domain.com.          IN NS   ns1.domain.com.
domain.com.          IN NS   ns2.domain.com.
domain.com.          IN MX   0 mail.domain.com.
domain.com.          IN TXT  "v=spf1 mx ~all"
_xmpp-server._tcp    IN SRV  10 100 5269 mail.domain.com.
_xmpp-client._tcp    IN SRV  10 100 5222 mail.domain.com.
domain.com.          IN A    192.168.1.4
ns1                  IN A    192.168.1.2
ns2                  IN A    192.168.1.3
www                  IN A    192.168.1.4
mail                 IN A    192.168.1.6
Reply With Quote
  #6 (permalink)  
Old 02-02-2010, 01:38 PM
Intermediate Member
 
Posts: 22
Default

OK, as soon as I get to work I will post the results.
Reply With Quote
  #7 (permalink)  
Old 02-03-2010, 04:38 PM
Intermediate Member
 
Posts: 22
Default

Sorry about the delay. I had another computer lose its mind.
Oh, and this is internal only. No external access. It's hard to explain. Long story short, I need to give an alternative to M$ Exchange. And it's behind two NAT'd firewalls, both with dynamic IPs.

Here are the most recent results:

Code:
[martinezjr@bcmailbox ~]$ dig mx hcjbc.org

; <<>> DiG 9.6.1-P3-RedHat-9.6.1-9.P3.fc11 <<>> mx hcjbc.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12062
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;hcjbc.org.			IN	MX

;; AUTHORITY SECTION:
hcjbc.org.		38400	IN	SOA	bcldap.hcjbc.org.hcjbc.org. hcjbc.yahoo.com. 1264874187 10800 3600 604800 38400

;; Query time: 2 msec
;; SERVER: 10.100.177.205#53(10.100.177.205)
;; WHEN: Wed Feb  3 18:24:08 2010
;; MSG SIZE  rcvd: 95
Code:
[martinezjr@bcmailbox ~]$ dig any hcjbc.org
;; Truncated, retrying in TCP mode.

; <<>> DiG 9.6.1-P3-RedHat-9.6.1-9.P3.fc11 <<>> any hcjbc.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59307
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 12, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;hcjbc.org.			IN	ANY

;; ANSWER SECTION:
hcjbc.org.		38400	IN	RRSIG	SOA 3 2 38400 20100304045837 20100202045837 59949 hcjbc.org. !@(*&$^!*&@^(*&!@#=
hcjbc.org.		38400	IN	RRSIG	NS 3 2 38400 20100304014145 20100202014145 59949 hcjbc.org. !@(*&$^!*&@^(*&!@#=
hcjbc.org.		38400	IN	NSEC	10.100.177.200.hcjbc.org. NS SOA RRSIG NSEC DNSKEY
hcjbc.org.		38400	IN	RRSIG	NSEC 3 2 38400 20100301180544 20100130180544 59949 hcjbc.org. C!@(*&$^!*&@^(*&!@#=
hcjbc.org.		38400	IN	RRSIG	DNSKEY 3 2 38400 20100301165617 20100130165617 58505 hcjbc.org. CDP/m!@(*&$^!*&@^(*&!@#=
hcjbc.org.		38400	IN	RRSIG	DNSKEY 3 2 38400 20100301165617 20100130165617 59949 hcjbc.org. !@(*&$^!*&@^(*&!@#=
hcjbc.org.		38400	IN	SOA	bcldap.hcjbc.org.hcjbc.org. hcjbc.yahoo.com. 1264874187 10800 3600 604800 38400
hcjbc.org.		38400	IN	NS	10.100.177.200.
hcjbc.org.		38400	IN	NS	10.100.177.205.
hcjbc.org.		38400	IN	NS	10.100.177.5.hcjbc.org.
hcjbc.org.		38400	IN	DNSKEY	256 3 3 !@(*&$^!*&@^(*&!@#
hcjbc.org.		38400	IN	DNSKEY	257 3 3 !@(*&$^!*&@^(*&!@#

;; Query time: 9 msec
;; SERVER: 10.100.177.205#53(10.100.177.205)
;; WHEN: Wed Feb  3 18:24:14 2010
;; MSG SIZE  rcvd: 1477
Code:
[martinezjr@bcmailbox ~]$ ping bcldap
PING bcldap.hcjbc.org (10.100.177.205) 56(84) bytes of data.
64 bytes from 10.100.177.205: icmp_seq=1 ttl=64 time=0.221 ms
64 bytes from 10.100.177.205: icmp_seq=2 ttl=64 time=0.445 ms
64 bytes from 10.100.177.205: icmp_seq=3 ttl=64 time=0.288 ms
^Z
[1]+  Stopped                 ping bcldap
[martinezjr@bcmailbox ~]$ ping bcldap.hcjbc.org
PING bcldap.hcjbc.org (10.100.177.205) 56(84) bytes of data.
64 bytes from 10.100.177.205: icmp_seq=1 ttl=64 time=0.264 ms
64 bytes from 10.100.177.205: icmp_seq=2 ttl=64 time=0.244 ms
64 bytes from 10.100.177.205: icmp_seq=3 ttl=64 time=0.235 ms
64 bytes from 10.100.177.205: icmp_seq=4 ttl=64 time=0.254 ms
^Z
[2]+  Stopped                 ping bcldap.hcjbc.org
Code:
[martinezjr@bcmailbox ~]$ cat '/etc/hosts'
127.0.0.1	localhost.localdomain	localhost
10.100.177.200	bcmailbox.hcjbc.org bcmailbox
Code:
[martinezjr@bcmailbox ~]$ host `hostname`
bcmailbox.hcjbc.org has address 10.100.177.200
bcmailbox.hcjbc.org mail is handled by 1 10.100.177.200.hcjbc.org.
Code:
[martinezjr@bcmailbox ~]$ cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 10.100.177.205
nameserver 10.100.177.200
Code:
[martinezjr@bcmailbox ~]$ host -v bcldap.hcjbc.org
Trying "bcldap.hcjbc.org"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46000
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 0

;; QUESTION SECTION:
;bcldap.hcjbc.org.		IN	A

;; ANSWER SECTION:
bcldap.hcjbc.org.	38400	IN	A	10.100.177.205

;; AUTHORITY SECTION:
hcjbc.org.		38400	IN	NS	10.100.177.200.
hcjbc.org.		38400	IN	NS	10.100.177.5.hcjbc.org.
hcjbc.org.		38400	IN	NS	10.100.177.205.

Received 133 bytes from 10.100.177.205#53 in 3 ms
Trying "bcldap.hcjbc.org"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19020
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;bcldap.hcjbc.org.		IN	AAAA

;; AUTHORITY SECTION:
hcjbc.org.		38400	IN	SOA	bcldap.hcjbc.org.hcjbc.org. hcjbc.yahoo.com. 1264874187 10800 3600 604800 38400

Received 102 bytes from 10.100.177.205#53 in 1 ms
Trying "bcldap.hcjbc.org"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40963
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;bcldap.hcjbc.org.		IN	MX

;; AUTHORITY SECTION:
hcjbc.org.		38400	IN	SOA	bcldap.hcjbc.org.hcjbc.org. hcjbc.yahoo.com. 1264874187 10800 3600 604800 38400

Received 102 bytes from 10.100.177.205#53 in 1 ms
Code:
[martinezjr@bcmailbox ~]$ host -v bcmailbox.hcjbc.org
Trying "bcmailbox.hcjbc.org"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43073
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 0

;; QUESTION SECTION:
;bcmailbox.hcjbc.org.		IN	A

;; ANSWER SECTION:
bcmailbox.hcjbc.org.	38400	IN	A	10.100.177.200

;; AUTHORITY SECTION:
hcjbc.org.		38400	IN	NS	10.100.177.5.hcjbc.org.
hcjbc.org.		38400	IN	NS	10.100.177.205.
hcjbc.org.		38400	IN	NS	10.100.177.200.

Received 136 bytes from 10.100.177.205#53 in 2 ms
Trying "bcmailbox.hcjbc.org"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35648
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;bcmailbox.hcjbc.org.		IN	AAAA

;; AUTHORITY SECTION:
hcjbc.org.		38400	IN	SOA	bcldap.hcjbc.org.hcjbc.org. hcjbc.yahoo.com. 1264874187 10800 3600 604800 38400

Received 105 bytes from 10.100.177.205#53 in 3 ms
Trying "bcmailbox.hcjbc.org"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5035
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 0

;; QUESTION SECTION:
;bcmailbox.hcjbc.org.		IN	MX

;; ANSWER SECTION:
bcmailbox.hcjbc.org.	380000	IN	MX	1 10.100.177.200.hcjbc.org.

;; AUTHORITY SECTION:
hcjbc.org.		38400	IN	NS	10.100.177.5.hcjbc.org.
hcjbc.org.		38400	IN	NS	10.100.177.205.
hcjbc.org.		38400	IN	NS	10.100.177.200.

Received 151 bytes from 10.100.177.205#53 in 2 ms
And the zone file (the keys have been changed to protect the innocent):
Code:
$ttl 38400
hcjbc.org.	IN	SOA	bcldap.hcjbc.org hcjbc.yahoo.com. (
			1264874188
			10800
			3600
			604800
			38400 )
hcjbc.org.	IN	NS	10.100.177.205.
hcjbc.org.	IN	NS	10.100.177.200.
hcjbc.org.	IN	DNSKEY	257 3 3 !@!@#$&^()*!&@)(*^)(*&!@#^$
hcjbc.org.	IN	DNSKEY	256 3 3 !@!@#$&^()*!&@)(*^)(*&!@#^$
bcmailbox.hcjbc.org.	380000	IN	MX	10 10.100.177.200
bcmta.hcjbc.org.	380000	IN	MX	1 10.100.177.210
bcldap.hcjbc.org.	IN	A	10.100.177.205
10.100.177.205.hcjbc.org.	IN	PTR	bcldap.hcjbc.org
bcmailbox.hcjbc.org.	IN	A	10.100.177.200
bcmta.hcjbc.org.	IN	A	10.100.177.210
10.100.177.200.hcjbc.org.	IN	PTR	bcmailbox.hcjbc.org
10.100.177.210.hcjbc.org.	IN	PTR	bcmta.hcjbc.org
hcjbc.org.	IN	NS	10.100.177.5
hcjbc.org.	38400	IN	RRSIG	SOA 3 2 38400 20100304045837 20100202045837 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
hcjbc.org.	38400	IN	RRSIG	NS 3 2 38400 20100304014145 20100202014145 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
hcjbc.org.	38400	IN	NSEC	10.100.177.200.hcjbc.org. NS SOA RRSIG NSEC DNSKEY
hcjbc.org.	38400	IN	RRSIG	NSEC 3 2 38400 20100301180544 20100130180544 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
hcjbc.org.	38400	IN	RRSIG	DNSKEY 3 2 38400 20100301165617 20100130165617 58505 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
hcjbc.org.	38400	IN	RRSIG	DNSKEY 3 2 38400 20100301165617 20100130165617 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
10.100.177.200.hcjbc.org.	38400	IN	RRSIG	PTR 3 6 38400 20100301180544 20100130180544 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
10.100.177.200.hcjbc.org.	38400	IN	NSEC	10.100.177.205.hcjbc.org. PTR RRSIG NSEC
10.100.177.200.hcjbc.org.	38400	IN	RRSIG	NSEC 3 6 38400 20100301180544 20100130180544 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
10.100.177.210.hcjbc.org.	38400	IN	RRSIG	PTR 3 6 38400 20100301180647 20100130180647 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
10.100.177.210.hcjbc.org.	38400	IN	NSEC	bcldap.hcjbc.org. PTR RRSIG NSEC
10.100.177.210.hcjbc.org.	38400	IN	RRSIG	NSEC 3 6 38400 20100304014145 20100202014145 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
10.100.177.205.hcjbc.org.	38400	IN	RRSIG	PTR 3 6 38400 20100301170513 20100130170513 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
10.100.177.205.hcjbc.org.	38400	IN	NSEC	10.100.177.210.hcjbc.org. PTR RRSIG NSEC
10.100.177.205.hcjbc.org.	38400	IN	RRSIG	NSEC 3 6 38400 20100301180647 20100130180647 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
bcldap.hcjbc.org.	38400	IN	RRSIG	A 3 3 38400 20100301170039 20100130170039 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$U=
bcldap.hcjbc.org.	38400	IN	NSEC	bcmailbox.hcjbc.org. A RRSIG NSEC
bcldap.hcjbc.org.	38400	IN	RRSIG	NSEC 3 3 38400 20100301170039 20100130170039 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$k=
bcmailbox.hcjbc.org.	38400	IN	RRSIG	A 3 3 38400 20100301180130 20100130180130 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
bcmailbox.hcjbc.org.	380000	IN	RRSIG	MX 3 3 380000 20100304021217 20100202021217 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
bcmailbox.hcjbc.org.	38400	IN	NSEC	bcmta.hcjbc.org. A MX RRSIG NSEC
bcmailbox.hcjbc.org.	38400	IN	RRSIG	NSEC 3 3 38400 20100301180130 20100130180130 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
bcmta.hcjbc.org.	38400	IN	RRSIG	A 3 3 38400 20100301180238 20100130180238 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
bcmta.hcjbc.org.	380000	IN	RRSIG	MX 3 3 380000 20100304021301 20100202021301 59949 hcjbc.org. C!@!@#$&^()*!&@)(*^)(*&!@#^$=
bcmta.hcjbc.org.	38400	IN	NSEC	hcjbc.org. A MX RRSIG NSEC
bcmta.hcjbc.org.	38400	IN	RRSIG	NSEC 3 3 38400 20100301180238 20100130180238 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=

Last edited by martinezjr; 02-03-2010 at 05:08 PM..
Reply With Quote
  #8 (permalink)  
Old 02-03-2010, 11:55 PM
Zimbra Consultant & Moderator
 
Posts: 20,317
Default

The problem would appear to be the fact that you have two DNS servers and one of them does not have DNS records for your domain. You can see the server it's using in the following response:

Code:
;; Query time: 9 msec
;; SERVER: 10.100.177.205#53(10.100.177.205)
;; WHEN: Wed Feb  3 18:24:14 2010
;; MSG SIZE  rcvd: 1477
You should only have one DNS server (at 10.100.177.200) in your hosts file and that should be the one on your Zimbra server; you can check the records with the following:

Code:
dig @10.100.177.200  hcjbc.org mx
dig @10.100.177.200  hcjbc.org any
If that returns valid records then you should remove the second DNS server (10.100.177.205) from your resolv.conf file.

Can you also update your forum profile with the output of the following command (do not post it in this thread):
Code:
zmcontrol -v
__________________
Regards


Bill
Reply With Quote
  #9 (permalink)  
Old 02-04-2010, 10:47 AM
Moderator
 
Posts: 1,147
Default

Are you trying to set up the Zimbra server to be its own DNS server, with recursive queries going out to the 10.100.177.205 one? Or are you trying to set up the Zimbra server to use the 10.100.177.205 server as its only DNS server and have that server work for all internal queries?

Also just as a note:
In your record file you are missing the "." at the end of the primary DNS server part of the SOA; that is why it is returning "bcldap.hcjbc.org.hcjbc.org." rather than "bcldap.hcjbc.org.". Also, you currently have your MX records set up for the server's FQDN. This is fine if your email addresses will be in the form of user@bcmailbox.hcjbc.org; however, it is a problem if you are trying to do addresses like user@hcjbc.org. If you want addresses like that you need to set the MX record on just hcjbc.org, not bcmailbox.hcjbc.org. So the lines would look like this (if you are going with the internal DNS server, not split DNS):
Code:
hcjbc.org.	380000	IN	MX	10 10.100.177.200
hcjbc.org.	380000	IN	MX	1 10.100.177.210
With how it is currently set up you have 1 MX record for addresses like user@bcmta.hcjbc.org. that has a priority of 1 (out of the 1 record), and then you have another record for addresses like user@bcmailbox.hcjbc.org. that has a priority of 10 (out of the 1 record). Addresses like user@hcjbc.org have no MX record associated with them right now.

Also your PTR records that you have in there are useless and will never be used unless you manually query for them. The proper way to do PTR records would be to create another zone file for the 177.100.10.in-addr.arpa zone. It should look something like the following:
Code:
$TTL 2D
@               IN SOA          bcldap.hcjbc.org. hcjbc.yahoo.com. (
                                2009091300      ; serial
                                3H              ; refresh
                                1H              ; retry
                                1W              ; expiry
                                1D )            ; minimum

          IN NS   bcldap.hcjbc.org.
200       IN PTR  bcmailbox.hcjbc.org.
205       IN PTR  bcldap.hcjbc.org.
210       IN PTR  bcmta.hcjbc.org.
You also have your firewall (10.100.177.5) in there as an authoritative NS for your domain... is that meant to be there?
Reply With Quote
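The zone-file problems pointed out in the post above (a host name missing its trailing ".", records whose target is an IP address where a host name belongs, PTR records kept outside an in-addr.arpa zone) can be caught before the zone is loaded. This is an added example, not code from the thread or from BIND: a small linter run over a constructed, unsigned excerpt shaped like the zone file posted earlier. The function names and finding labels are this example's own.

```python
import ipaddress

# Position of the host-name field inside the RDATA of each record type checked.
TARGET_FIELD = {"NS": 0, "CNAME": 0, "PTR": 0, "SOA": 0, "MX": 1}
KNOWN_TYPES = set(TARGET_FIELD) | {"A", "AAAA", "TXT", "SRV", "DNSKEY", "RRSIG", "NSEC"}

# Constructed sample: unsigned excerpt shaped like the zone file in this thread.
SAMPLE_ZONE = """\
$ttl 38400
hcjbc.org.  IN  SOA  bcldap.hcjbc.org hcjbc.yahoo.com. (
            1264874188 10800 3600 604800 38400 )
hcjbc.org.  IN  NS   10.100.177.205.
bcmailbox.hcjbc.org.  380000  IN  MX  10 10.100.177.200
10.100.177.205.hcjbc.org.  IN  PTR  bcldap.hcjbc.org
bcldap.hcjbc.org.  IN  A  10.100.177.205
"""


def is_ip(name):
    try:
        ipaddress.ip_address(name.rstrip("."))
        return True
    except ValueError:
        return False


def absolute(name, origin):
    """Expand a zone-file name as the server does: no trailing dot means relative."""
    if name == "@":
        return origin + "."
    return name if name.endswith(".") else f"{name}.{origin}."


def reverse_owner(ip):
    """Owner name a PTR record for this address belongs under."""
    return ipaddress.ip_address(ip).reverse_pointer + "."


def lint_zone(text, origin):
    """Return (line number, finding, expanded name) tuples for one zone file."""
    origin = origin.rstrip(".").lower()
    findings, owner = [], "@"
    for lineno, raw in enumerate(text.splitlines(), 1):
        tokens = raw.split(";", 1)[0].split()  # drop comments
        if not tokens or tokens[0].startswith("$"):
            continue
        indented = raw[0].isspace()  # indented line reuses the previous owner
        start = 0 if indented else 1
        idx = next((i for i in range(start, len(tokens))
                    if tokens[i].upper() in KNOWN_TYPES), None)
        if idx is None:
            continue  # continuation of a multi-line record
        if not indented:
            owner = tokens[0]
        rtype, rdata = tokens[idx].upper(), tokens[idx + 1:]
        if rtype == "PTR":
            fq = absolute(owner, origin).lower()
            if not fq.endswith((".in-addr.arpa.", ".ip6.arpa.")):
                findings.append((lineno, "ptr-outside-arpa", fq))
        pos = TARGET_FIELD.get(rtype)
        if pos is None or len(rdata) <= pos:
            continue
        target = rdata[pos]
        if is_ip(target):
            # A host name is required here; the address is read as a name.
            findings.append((lineno, "ip-as-target", absolute(target, origin)))
        elif not target.endswith(".") and target.lower().endswith("." + origin):
            # Full name without the final dot gets the origin appended again.
            findings.append((lineno, "doubled-origin", absolute(target, origin)))
    return findings


if __name__ == "__main__":
    for finding in lint_zone(SAMPLE_ZONE, "hcjbc.org"):
        print(finding)
```

BIND's own `named-checkzone` remains the check to run against the real file before reloading; this sketch only covers the three defects discussed here.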
  #10 (permalink)  
Old 02-05-2010, 04:22 PM
Intermediate Member
 
Posts: 22
Default

Quote:
Originally Posted by ArcaneMagus View Post
Are you trying to set up the Zimbra server to be its own DNS server, with recursive queries going out to the 10.100.177.205 one? Or are you trying to set up the Zimbra server to use the 10.100.177.205 server as its only DNS server and have that server work for all internal queries?
I have split Zimbra into different servers as I only have low end desktops:
3 Dell GX240's
-each
--1.6G CPU
--1.2G RAM
--Fedora11
-1 with ldap and BIND9 as DNS master (bcldap)
-1 with store, logger, snmp, apache and BIND9 DNS slave (bcmailbox)
-1 with mta (bcmta)


Quote:
Also just as a note:
In your record file you are missing the "." at the end of the primary DNS server part of the SOA; that is why it is returning "bcldap.hcjbc.org.hcjbc.org." rather than "bcldap.hcjbc.org.".
ok done

Quote:
Also, you currently have your MX records set up for the server's FQDN. This is fine if your email addresses will be in the form of user@bcmailbox.hcjbc.org; however, it is a problem if you are trying to do addresses like user@hcjbc.org. If you want addresses like that you need to set the MX record on just hcjbc.org, not bcmailbox.hcjbc.org. So the lines would look like this (if you are going with the internal DNS server, not split DNS):
Code:
hcjbc.org.	380000	IN	MX	10 10.100.177.200
hcjbc.org.	380000	IN	MX	1 10.100.177.210
With how it is currently set up you have 1 MX record for addresses like user@bcmta.hcjbc.org. that has a priority of 1 (out of the 1 record), and then you have another record for addresses like user@bcmailbox.hcjbc.org. that has a priority of 10 (out of the 1 record). Addresses like user@hcjbc.org have no MX record associated with them right now.
Done
Quote:
Also your PTR records that you have in there are useless and will never be used unless you manually query for them. The proper way to do PTR records would be to create another zone file for the 177.100.10.in-addr.arpa zone. It should look something like the following:
Code:
$TTL 2D
@               IN SOA          bcldap.hcjbc.org. hcjbc.yahoo.com. (
                                2009091300      ; serial
                                3H              ; refresh
                                1H              ; retry
                                1W              ; expiry
                                1D )            ; minimum

          IN NS   bcldap.hcjbc.org.
200       IN PTR  bcmailbox.hcjbc.org.
205       IN PTR  bcldap.hcjbc.org.
210       IN PTR  bcmta.hcjbc.org.
You lost me on this section. I do not remember setting up PTR records.

Quote:
You also have your firewall (10.100.177.5) in there as an authoritative NS for your domain... is that meant to be there?
For some reason, if I do not have this as one of the ns, I will not have external access from the machines. I use IPCop as my router/firewall/proxy/urlfilter/dhcp/ntp server. I disabled the DHCP, and now I can access the internet. I will be changing bcldap to bcdc as it will have to be the DHCP and DNS and NTP server now. And making a new bcldap.

I can now get dig to respond for my mx records.

Code:
[martinezjr@bcldap ~]$ host -v hcjbc.org
Trying "hcjbc.org"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52246
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;hcjbc.org.			IN	A

;; AUTHORITY SECTION:
hcjbc.org.		38400	IN	SOA	bcldap.hcjbc.org. hcjbc.yahoo.com. 1264874199 10800 3600 604800 38400

Received 85 bytes from 10.100.177.205#53 in 8 ms
Trying "hcjbc.org"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24493
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;hcjbc.org.			IN	AAAA

;; AUTHORITY SECTION:
hcjbc.org.		38400	IN	SOA	bcldap.hcjbc.org. hcjbc.yahoo.com. 1264874199 10800 3600 604800 38400

Received 85 bytes from 10.100.177.205#53 in 1 ms
Trying "hcjbc.org"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44689
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

;; QUESTION SECTION:
;hcjbc.org.			IN	MX

;; ANSWER SECTION:
hcjbc.org.		380000	IN	MX	10 10.100.177.200.hcjbc.org.

;; AUTHORITY SECTION:
hcjbc.org.		38400	IN	NS	10.100.177.205.
hcjbc.org.		38400	IN	NS	10.100.177.200.

Received 114 bytes from 10.100.177.205#53 in 1 ms

[martinezjr@bcldap ~]$ dig mx hcjbc.org

; <<>> DiG 9.6.1-P3-RedHat-9.6.1-9.P3.fc11 <<>> mx hcjbc.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18602
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

;; QUESTION SECTION:
;hcjbc.org.			IN	MX

;; ANSWER SECTION:
hcjbc.org.		380000	IN	MX	10 10.100.177.200.hcjbc.org.

;; AUTHORITY SECTION:
hcjbc.org.		38400	IN	NS	10.100.177.200.
hcjbc.org.		38400	IN	NS	10.100.177.205.

;; Query time: 2 msec
;; SERVER: 10.100.177.205#53(10.100.177.205)
;; WHEN: Fri Feb  5 18:23:08 2010
;; MSG SIZE  rcvd: 114

[martinezjr@bcldap ~]$
Reply With Quote