[SOLVED] DNS Wiki

[stevenjo57]

I continue to mire in DNS and MX/A record hell. I've followed several procedures here, but still can't seem to get things configured right.

I was reading the DNS Zimbra Wiki and it gives a snippet of code to drop into a file. Here is what it says exactly:

"So, drop that in the domain.com file in /var/named/data (or /var/named/chroot/var/named/data, depending)."

Are we talking about a BIND server? BIND8 or BIND9? Why might it be two different files?

My thinking is I'll get a DNS server with the correct MX record before I even try to install Zimbra. I've had it continually gripe about the MX record.

Here are my particulars at this time:

1) Intended Zimbra server is host name "mail", behind a firewall, with static IP adress 192.168.0.5.
2) It will be running Ubuntu server 6.10 with a DNS server.
3) DNS server will forward to OpenDNS servers 208.67.222.222.
4) Domain is to be ovationbooks.net

Thanks very much for any help. Let me know if I need to post anything else.

[phoenix]

DNS in a nutshell second post down, is the example I used when I set-up my DNS server on CentOS a long while ago. I use BIND9 on my o/s, the file locations may be slightly different on yours - I don't know Ubuntu too well. You'll also need a correct /etc/hosts file.

Have you actually installed BIND yet? If you have what is the current state, does a Zimbra install fail because of MX records?

What do these commands return?

Code:

host `hostname`
dig  ovationbooks.net any

[stevenjo57]

Hi Bill, thanks very much for your help.

I just installed bind. I would bet $500 if I proceed to install Zimbra, I will get the MX record error. I've installed Zimbra at least 5 times over the last year in tests, but always get it.

Here are the results of what you told me to enter:
---
tech@mail:~$ host mail
mail has address 208.67.219.130
Host mail not found: 3(NXDOMAIN)
---
tech@mail:~$ dig ovationbooks.net any

; <<>> DiG 9.3.2 <<>> ovationbooks.net any
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34509
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;ovationbooks.net. IN ANY

;; ANSWER SECTION:
ovationbooks.net. 6769 IN NS ns2.lunarpages.com.
ovationbooks.net. 6769 IN NS ns1.lunarpages.com.

;; Query time: 73 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Thu May 31 15:55:37 2007
;; MSG SIZE rcvd: 84

---

I can try pasting the snippet code if I can find the file, like it says in the DNS wiki, but there is no directory called /etc/named. Makes you feel reallly stupid when you try to follow these things.

Thanks again.

UPDATE: I found a directory with the named.conf file. It is /etc/bind/ but there is no file called "data" as the Zimbra DNS wiki seems to indicate.

Thanks.

[phoenix]

Don't forget the DNS wiki is for Red Hat and in the true Linux tradition each version puts it's files in slightly different places.

The first command host `hostname` should have been typed as-is and they are backticks not single quotes.

Post the details of the modified BIND config files.

[stevenjo57]

Thanks for your help. Here's my latest.

I decided to try the procedure at Ubuntu install which seems to work for a lot of people. Here is how it went.

Here is the latest information:

Have DNS Bind9 on a computer named "mail". I wonder, should it be named "mail.domain.com"?

Our domain is planned to be bookpros.com, so I'm trying to get the MX and A records correct.

I installed Bind9 with no apparent errors, and it appears to be functioning as a DNS server.

Created a file called /etc/bind/named.conf.local and put this in it:

Code:

//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

zone "mail.bookpros.com" {
        type master;
        file "/etc/bind/zones/mail.bookpros.com.db";
        };

Next I created edited the file /etc/bind/named.conf.options as follows:

Code:

options {
        directory "/var/cache/bind";

        // If there is a firewall between you and nameservers you want
        // to talk to, you might need to uncomment the query-source
        // directive below.  Previous versions of BIND always asked
        // questions using port 53, but BIND 8.1 and later use an unprivileged
        // port by default.

        // query-source address * port 53;

        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.

forwarders {
        208.67.222.222;
        208.67.220.220;
        };

        auth-nxdomain no;    # conform to RFC1035

        // By default, name servers should only perform recursive domain
        // lookups for their direct clients.  If recursion is left open
        // to the entire Internet, your name server could be used to
        // perform distributed denial of service attacks against other
        // innocent computers.  For more information on DDoS recursion:
        // http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0987

        allow-recursion { localnets; };

        // If you have DNS clients on other subnets outside of your
        // server's "localnets", you can explicitly add their networks
        // without opening up your server to the Internet at large:
        // allow-recursion { localnets; 192.168.0.0/24; };

        // If your name server is only listening on 127.0.0.1, consider:
        // allow-recursion { 127.0.0.1; };

};

Then I created a zone file called /etc/bind/zones/mail.bookpros.com.db and it looks like this:

Code:

; mail.bookpros.com
TTL 604800
        @       IN      SOA     ns.mail.bookpros.com. root.mail.bookpros.com. (
                2007022601
                28800
                3600
                604800
                38400
        );
        @       IN      NS      ns
                IN      MX      10 mail
                IN      A       192.168.0.5
        ns      IN      A       192.168.0.5
        mail    IN      A       192.168.0.5

My /etc/resolv.conf looks like this:

Code:

search mail.bookpros.com
nameserver 192.168.0.5
nameserver 208.67.222.222
nameserver 208.67.220.220

I restarted bind9 at this point and it restarted with no errors.

Now when I enter the commands you suggested?

tech@mail:/etc/bind$ host 'mail'
mail has address 208.67.219.130
Host mail not found: 3(NXDOMAIN)
tech@mail:/etc/bind$

and

Code:

tech@mail:/etc/bind$ dig bookpros.com any

; <<>> DiG 9.3.2 <<>> bookpros.com any
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32970
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 0

;; QUESTION SECTION:
;bookpros.com.                  IN      ANY

;; ANSWER SECTION:
bookpros.com.           10494   IN      A       209.200.229.125

;; AUTHORITY SECTION:
.                       513605  IN      NS      e.root-servers.net.
.                       513605  IN      NS      f.root-servers.net.
.                       513605  IN      NS      g.root-servers.net.
.                       513605  IN      NS      h.root-servers.net.
.                       513605  IN      NS      i.root-servers.net.
.                       513605  IN      NS      j.root-servers.net.
.                       513605  IN      NS      k.root-servers.net.
.                       513605  IN      NS      l.root-servers.net.
.                       513605  IN      NS      m.root-servers.net.
.                       513605  IN      NS      a.root-servers.net.
.                       513605  IN      NS      b.root-servers.net.
.                       513605  IN      NS      c.root-servers.net.
.                       513605  IN      NS      d.root-servers.net.

;; Query time: 2 msec
;; SERVER: 192.168.0.5#53(192.168.0.5)
;; WHEN: Tue Jun  5 15:37:31 2007
;; MSG SIZE  rcvd: 257

tech@mail:/etc/bind$

So, that's where I am. The answers don't look right to me.

Thanks much.

[stevenjo57]

Hello? Anyone have any ideas? I still sit here unable to get the MX record forwarded.

Thanks for any help.

[phoenix]

First, I asked you to do this:

Code:

host `hostname`  <-- backticks not single quotes and use this command as is

see what that returns.

You should also show what's in your /etc/hists file. You also need the FQDN in your MX record not the hostname. In your resolve.conf just leave your nameserver and remove the external ones. You can then try:

Code:

dig bookpros.com any
dig bookpros.com mx

and see what you get.

[stevenjo57]

Success!!

I went through it again and was able to get it installed cleanly. I have other questions, but I think I'll start other threads for them.

THANKS!