
Thread: DNS problems - weird

  1. #1
    getridoff is offline Active Member
    Join Date
    Oct 2009
    Location
    Malaysia
    Posts
    39
    Rep Power
    5

    Default DNS problems - weird

    Hi there,

    It's me again. Something happened, but I don't know what it is. OK, I have installed CentOS, disabled SELinux, then the firewall, and done the Split DNS, as my machine is behind a firewall. But each time I configure the Split DNS, there is an error from nslookup. Perhaps I should post my output here, so that any of you can highlight the problem for me:

    cat /etc/hosts
    cat /etc/resolv.conf
    dig domain.com mx
    dig domain.com any
    host `hostname` <- note backticks and not single quotes


    cat /etc/hosts
    # Do not remove the following line, or various programs
    # that require network functionality will fail.
    127.0.0.1 localhost.localdomain localhost
    192.168.1.102 mail.nha2u.com mail

    cat /etc/resolv.conf
    search nha2u.com
    nameserver 192.168.1.102


    dig domain.com mx
    [root@mail ~]# dig nha2u.com mx

    ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> nha2u.com mx
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8169
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

    ;; QUESTION SECTION:
    ;nha2u.com. IN MX

    ;; ANSWER SECTION:
    nha2u.com. 156 IN MX 10 mail.nha2u.com.

    ;; AUTHORITY SECTION:
    nha2u.com. 156 IN NS ns1.agigaworld.com.

    ;; ADDITIONAL SECTION:
    mail.nha2u.com. 156 IN A 211.24.155.2




    dig domain.com any
    [root@mail ~]# dig nha2u.com any

    ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> nha2u.com any
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52185
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 1

    ;; QUESTION SECTION:
    ;nha2u.com. IN ANY

    ;; ANSWER SECTION:
    nha2u.com. 93 IN MX 10 mail.nha2u.com.
    nha2u.com. 93 IN NS ns1.agigaworld.com.

    ;; AUTHORITY SECTION:
    nha2u.com. 93 IN NS ns1.agigaworld.com.

    ;; ADDITIONAL SECTION:
    mail.nha2u.com. 93 IN A 211.24.155.2

    ;; Query time: 0 msec
    ;; SERVER: 192.168.1.102#53(192.168.1.102)
    ;; WHEN: Sun Jul 18 16:44:59 2010
    ;; MSG SIZE rcvd: 107




    host `hostname`
    [root@mail ~]# host `hostname`
    mail.nha2u.com.nha2u.com is an alias for Napoleon Hill Associates.
    Napoleon Hill Associates has address 124.217.227.140
    ;; connection timed out; no servers could be reached


    I suspect there is a problem with the config above, but I just can't find it, after 5 hours of trying this. Please do highlight my stupid mistakes here...

    Thank you

    Regards,
    getridoff

  2. #2
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,470
    Rep Power
    56

    Default

    The simple answer is your DNS configuration files seem to have the A record of the Public IP (I'm assuming that's what 211.24.155.2 is?) rather than the Private LAN IP of the Zimbra server.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    getridoff is offline Active Member
    Join Date
    Oct 2009
    Location
    Malaysia
    Posts
    39
    Rep Power
    5

    Default

    Quote: Originally posted by phoenix
    The simple answer is your DNS configuration files seem to have the A record of the Public IP (I'm assuming that's what 211.24.155.2 is?) rather than the Private LAN IP of the Zimbra server.


    Hi phoenix,

    Yeah, but it is supposed to have the private LAN IP, as this machine is supposed to be behind a firewall. I have edited the db.domain.com files, but it is still showing the public IP for the A record. Is there any place that I can check in the machine itself to change the A record to the private LAN IP? Please advise me, so confused..

    Thank you

    Regards,
    getridoff

  4. #4
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,470
    Rep Power
    56

    Default

    You need to configure the BIND(?) configuration files on this server 192.168.1.102 to reflect the fact it should be pointing to the LAN IP.

    Quote: Originally posted by getridoff
    host `hostname`
    [root@mail ~]# host `hostname`
    mail.nha2u.com.nha2u.com is an alias for Napoleon Hill Associates.
    Napoleon Hill Associates has address 124.217.227.140
    ;; connection timed out; no servers could be reached

    I'd also suspect you have a problem with the format of your DNS statements in your BIND config files given the response from the above command.

    Check the details in the split DNS article again and pay particular attention to the format of the statements and specifically the '.' (the period) at the end of the domain name in the config files.
    Regards


    Bill



  5. #5
    getridoff is offline Active Member
    Join Date
    Oct 2009
    Location
    Malaysia
    Posts
    39
    Rep Power
    5

    Default

    Quote: Originally posted by phoenix
    You need to configure the BIND(?) configuration files on this server 192.168.1.102 to reflect the fact it should be pointing to the LAN IP.

    I'd also suspect you have a problem with the format of your DNS statements in your BIND config files given the response from the above command.

    Check the details in the split DNS article again and pay particular attention to the format of the statements and specifically the '.' (the period) at the end of the domain name in the config files.

    Hi phoenix,

    I have reconfigured the Split DNS for Zimbra to work, but unusually, I face a different kind of issue here. Below is my post:

    [root@mail ~]# cat /etc/hosts
    # Do not remove the following line, or various programs
    # that require network functionality will fail.
    127.0.0.1 localhost.localdomain localhost
    192.168.1.102 mail.nha2u.com mail


    [root@mail ~]# cat /etc/resolv.conf
    search nha2u.com
    nameserver 192.168.1.102

    [root@mail ~]# dig nha2u.com mx

    ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> nha2u.com mx
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37915
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;nha2u.com. IN MX

    ;; ANSWER SECTION:
    nha2u.com. 2592000 IN MX 10 mail.nha2u.com.

    ;; AUTHORITY SECTION:
    nha2u.com. 2592000 IN NS 192.168.1.102.nha2u.com.

    ;; Query time: 0 msec
    ;; SERVER: 192.168.1.102#53(192.168.1.102)
    ;; WHEN: Tue Jul 20 11:28:59 2010
    ;; MSG SIZE rcvd: 76

    [root@mail ~]# dig nha2u.com any

    ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> nha2u.com any
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25315
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;nha2u.com. IN ANY

    ;; ANSWER SECTION:
    nha2u.com. 2592000 IN SOA nha2u.com. hostmaster.mail.nha2u.com. 10118 43200 3600 3600000 2592000
    nha2u.com. 2592000 IN NS 192.168.1.102.nha2u.com.
    nha2u.com. 2592000 IN A 192.169.1.102
    nha2u.com. 2592000 IN MX 10 mail.nha2u.com.

    ;; Query time: 0 msec
    ;; SERVER: 192.168.1.102#53(192.168.1.102)
    ;; WHEN: Tue Jul 20 11:29:05 2010
    ;; MSG SIZE rcvd: 139

    [root@mail ~]# host `hostname`
    Host mail.nha2u.com not found: 3(NXDOMAIN)


    Why does my hostname seem not to be found, even though I have set it in the host file itself?

    Please guide me

    Thank you

    regards,
    getridoff

  6. #6
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,470
    Rep Power
    56

    Default

    Quote: Originally posted by getridoff
    Why does my hostname seem not to be found, even though I have set it in the host file itself?

    For the simple reason that your DNS configuration files are incorrect, as shown by the output you've posted above. The "host `hostname`" command will use DNS to resolve the hostname of the machine on which it is run; if it can't be resolved, you'll get the response you've posted.

    There are several threads in the forums that have details of what's needed in the BIND configuration files and tutorials on the internet, take your pick:

    Linux DNS Server - How To Set Up Static or Dynamic DNS for Your Internet Servers
    +"how to" +dns +NAMED - Yahoo! Search Results
    Regards


    Bill



  7. #7
    LMStone is offline Moderator
    Join Date
    Sep 2006
    Location
    477 Congress Street | Portland, ME 04101
    Posts
    1,367
    Rep Power
    10

    Default

    I know this is very frustrating for you, but the good news is as others have replied that the only thing wrong here is your BIND configuration.

    The instance of BIND running on your Zimbra server needs to be the Master for your domain, with private IP addresses, and must never replicate your real public zone file.

    At a minimum in local BIND you'll need an A record for your Zimbra server, an MX record for your domain, and forwarders for off-domain lookups by Zimbra.

    Hope that helps,
    Mark

  8. #8
    getridoff is offline Active Member
    Join Date
    Oct 2009
    Location
    Malaysia
    Posts
    39
    Rep Power
    5

    Default

    Quote: Originally posted by LMStone
    I know this is very frustrating for you, but the good news is as others have replied that the only thing wrong here is your BIND configuration.

    The instance of BIND running on your Zimbra server needs to be the Master for your domain, with private IP addresses, and must never replicate your real public zone file.

    At a minimum in local BIND you'll need an A record for your Zimbra server, an MX record for your domain, and forwarders for off-domain lookups by Zimbra.

    Hope that helps,
    Mark

    Hi to everyone here,

    It is very pleasant to know that everyone here is willing to share their knowledge and experience with me, so I did not give up on this, and at last have found the way to get the host name to work!! So I need the gurus here to confirm that my settings here are correct.

    cat /etc/hosts
    [root@mail ~]# cat /etc/hosts
    # Do not remove the following line, or various programs
    # that require network functionality will fail.
    127.0.0.1 localhost.localdomain localhost
    192.168.1.102 mail.nha2u.com mail

    cat /etc/resolv.conf
    [root@mail ~]# cat /etc/resolv.conf
    search nha2u.com
    nameserver 192.168.1.102


    dig nha2u.com mx
    [root@mail ~]# dig nha2u.com mx

    ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> nha2u.com mx
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16921
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

    ;; QUESTION SECTION:
    ;nha2u.com. IN MX

    ;; ANSWER SECTION:
    nha2u.com. 2592000 IN MX 10 mail.nha2u.com.

    ;; AUTHORITY SECTION:
    nha2u.com. 2592000 IN NS 192.168.1.102.nha2u.com.

    ;; ADDITIONAL SECTION:
    mail.nha2u.com. 2592000 IN A 192.168.1.102

    ;; Query time: 0 msec
    ;; SERVER: 192.168.1.102#53(192.168.1.102)
    ;; WHEN: Fri Jul 23 16:21:18 2010
    ;; MSG SIZE rcvd: 92



    dig nha2u.com any
    [root@mail ~]# dig nha2u.com any

    ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> nha2u.com any
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28019
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

    ;; QUESTION SECTION:
    ;nha2u.com. IN ANY

    ;; ANSWER SECTION:
    nha2u.com. 2592000 IN SOA mail.nha2u.com. hostmaster.mail.nha2u.com. 10118 43200 3600 3600000 2592000
    nha2u.com. 2592000 IN NS 192.168.1.102.nha2u.com.
    nha2u.com. 2592000 IN A 192.169.1.102
    nha2u.com. 2592000 IN MX 10 mail.nha2u.com.

    ;; ADDITIONAL SECTION:
    mail.nha2u.com. 2592000 IN A 192.168.1.102

    ;; Query time: 0 msec
    ;; SERVER: 192.168.1.102#53(192.168.1.102)
    ;; WHEN: Fri Jul 23 16:21:27 2010
    ;; MSG SIZE rcvd: 155


    host `hostname`
    [root@mail ~]# host `hostname`
    mail.nha2u.com has address 192.168.1.102

    nslookup mail.nha2u.com
    [root@mail ~]# nslookup mail.nha2u.com
    Server: 192.168.1.102
    Address: 192.168.1.102#53

    Name: mail.nha2u.com
    Address: 192.168.1.102



    Yes, and the above are my settings. Please do highlight if there are any errors or mistakes so that I can improve my settings here.

    Thank you very much

    Regards
    getridoff
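
Added example, not part of any post in this thread: a small Python check for the internal side of a split-DNS setup, run over `dig` answer lines like the ones posted above. It flags an owner name with the domain appended twice, an A record outside the RFC 1918 private ranges, and an NS/MX/CNAME target that is an IP address written where a hostname belongs. The function name, the problem labels and the last sample line are assumptions made for this illustration.

```python
import ipaddress
import re

# Constructed sample: the first four lines are answer records from the dig
# output in post #8; the last line is built from the doubled name in the
# `host` output of post #1 (its TTL and record type are made up).
SAMPLE = """\
nha2u.com. 2592000 IN NS 192.168.1.102.nha2u.com.
nha2u.com. 2592000 IN A 192.169.1.102
nha2u.com. 2592000 IN MX 10 mail.nha2u.com.
mail.nha2u.com. 2592000 IN A 192.168.1.102
mail.nha2u.com.nha2u.com. 300 IN A 124.217.227.140
"""

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
RR = re.compile(r"^(\S+)\s+\d+\s+IN\s+(A|NS|MX|CNAME)\s+(.+)$")
IP_AS_NAME = re.compile(r"^(\d{1,3}\.){3}\d{1,3}\.")


def lint_internal_view(dig_text, origin):
    """Return (owner, rtype, problem) for records an internal zone should not serve."""
    origin = origin.rstrip(".") + "."
    doubled = "." + origin + origin  # e.g. ".nha2u.com.nha2u.com."
    findings = []
    for line in dig_text.splitlines():
        m = RR.match(line.strip())
        if not m:
            continue  # dig comments (";..."), blank lines, other record types
        owner, rtype, rdata = m.groups()
        if owner.endswith(doubled):
            findings.append((owner, rtype, "doubled-origin"))
        if rtype == "A":
            addr = ipaddress.ip_address(rdata.strip())
            if not any(addr in net for net in RFC1918):
                findings.append((owner, rtype, "non-rfc1918-address"))
        else:
            target = rdata.split()[-1]  # last field, skips the MX preference
            if IP_AS_NAME.match(target):
                findings.append((owner, rtype, "ip-used-as-hostname"))
    return findings


if __name__ == "__main__":
    for owner, rtype, problem in lint_internal_view(SAMPLE, "nha2u.com"):
        print(f"{problem:22} {rtype:5} {owner}")
```

The same function can be fed the saved output of `dig <domain> any` against the internal name server; an empty result means none of the three patterns is present.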

  9. #9
    LMStone is offline Moderator
    Join Date
    Sep 2006
    Location
    477 Congress Street | Portland, ME 04101
    Posts
    1,367
    Rep Power
    10

    Default

    All that looks good so far!

    If it were our system we would set the web server mode to "redirect" using the zmtlsctl command; you may need to open TCP 443 on the firewall too.

    I'd also be sure all admin accounts have very strong passwords if you are going to leave the Admin Console open to the public Internet.

    Hope that helps,
    Mark

  10. #10
    getridoff is offline Active Member
    Join Date
    Oct 2009
    Location
    Malaysia
    Posts
    39
    Rep Power
    5

    Default

    Quote: Originally posted by LMStone
    All that looks good so far!

    If it were our system we would set the web server mode to "redirect" using the zmtlsctl command; you may need to open TCP 443 on the firewall too.

    I'd also be sure all admin accounts have very strong passwords if you are going to leave the Admin Console open to the public Internet.

    Hope that helps,
    Mark

    Hi LMStone,

    Thank you,

    If it were our system we would set the web server mode to "redirect" using the zmtlsctl command; you may need to open TCP 443 on the firewall too.

    May I know the reason for your sentence above, please? A bit confused here...


    thank you

    regards
    getridoff
