Bind hängt bei not-existing hosts den Domainnamen an

[nobody0]

Auf meinem Router habe ich unter SuSE 10 Bind als Caching-Only DNS-Server, aber der funktioniert nicht richtig bei nicht existierenden Hosts:

> ping foo.bar
PING foo.bar.random.linux-site.net (83.171.148.79) 56(84) bytes of data.
64 bytes from DSL01.83.171.148.79.TELkom.net (83.171.148.79): icmp_seq=1 ttl=64 time=0.118 ms

Irgendwelche Vorschläge?

[meinereinerseiner]

hast du in der resolf.conf als domain suffix vielleicht sowas wie linux-site.net stehen, dann
hat dein bind einfach nur recht, der host foo.bar.random.linux-site.net
hat nunmal die 83.171.184.79. foo.bar kann er nicht auflösen, also hängt er den suffix drann,
dummerweise findet er dann bei dns2go eine antwort.

host foo.bar.random.linux-site.net
foo.bar.random.linux-site.net. has address 83.171.184.79

host 83.171.184.79
79.184.171.83.in-addr.arpa. domain name pointer DSL01.83.171.184.79.NEFkom.net.


der tom

[nobody0]

Also ist der Fehler wohl bei dns2go.

Aber wieso schlägt dann nslookup fehl:

> nslookup foo.bar.random.linux-site.net
Server: 192.168.59.9
Address: 192.168.59.9#53

** server can't find foo.bar.random.linux-site.net: SERVFAIL

[meinereinerseiner]

wohin forwardest du denn?

mein djb-dnscache sagt:

# nslookup foo.bar.random.linux-site.net
Server: 192.168.100.4
Address: 192.168.100.4#53

Non-authoritative answer:
Name: foo.bar.random.linux-site.net
Address: 83.171.189.50

[nobody0]

Ich mache nur Port-Forwarding einiger Ports nach 192.168.59.7; sonst nix.
Der Bind hier wird ja nur im LAN hier benutzt; ich glaube nicht, dass DNS2GO ihn abfragt; ansonsten würde der foo.bar ja als not existing gemeldet werden.

[meinereinerseiner]

nein, frage bezog sich auf das forwarding der dns requests, sprich wo
fragst du an, wenn dein bind nich weiter weis, sprich provider dns oder
über nen cache direkt an die root-server?

der tom

[nobody0]

Angefragt wird bei einem von zwei DNS-Servern vom Provider oder einem von einer Uni. Ich habe die als IPs getragen:

forwarders { 212.114.152.1; 134.60.1.111; 212.114.153.1; };

[meinereinerseiner]

hmm, also wenn ich deine 3 ns direkt frage kommt immer die richtige antwort.
wie sieht denn deine /etc/resolv.conf und /etc/named.conf aus?

der tom

[nobody0]

resolv.conf:

Code:

### BEGIN INFO
#
# Modified_by:  pppd
# Backup:       /etc/resolv.conf.saved.by.pppd.dsl0
# Process:      pppd
# Process_id:   22557
# Script:       /etc/ppp/ip-up
# Saveto:       
# Info:         This is a temporary resolv.conf created by service pppd.
#               The previous file has been saved and will be restored later.
#               
#               If you don't like your resolv.conf to be changed, you
#               can set MODIFY_{RESOLV,NAMED}_CONF_DYNAMICALLY=no. This
#               variables are placed in /etc/sysconfig/network/config.
#               
#               You can also configure service pppd not to modify it.
#               
#               If you do not want the pppd to change your nameserver
#               settings set MODIFYDNS=no in the config file for
#               this provider in /etc/sysconfig/network/providers/
#               and ensure that the option usepeerdns is not set
#               in /etc/ppp/options.
#
### END INFO
search local
nameserver 212.114.152.1
nameserver 212.114.153.1

/etc/named.conf:

Code:

options {

	# The directory statement defines the name server's working directory

	directory "/var/lib/named";

	# Write dump and statistics file to the log subdirectory.  The
	# pathenames are relative to the chroot jail.

	dump-file "/var/log/named_dump.db";
	statistics-file "/var/log/named.stats";

	# The forwarders record contains a list of servers to which queries
	# should be forwarded.  Enable this line and modify the IP address to
	# your provider's name server.  Up to three servers may be listed.

	#forwarders { 192.0.2.1; 192.0.2.2; };

	# Enable the next entry to prefer usage of the name server declared in
	# the forwarders section.

	#forward first;

	# The listen-on record contains a list of local network interfaces to
	# listen on.  Optionally the port can be specified.  Default is to
	# listen on all interfaces found on your system.  The default port is
	# 53.

	#listen-on port 53 { 127.0.0.1; };

	# The listen-on-v6 record enables or disables listening on IPv6
	# interfaces.  Allowed values are 'any' and 'none' or a list of
	# addresses.

	listen-on-v6 { any; };

	# The next three statements may be needed if a firewall stands between
	# the local server and the internet.

	#query-source address * port 53;
	#transfer-source * port 53;
	#notify-source * port 53;

	# The allow-query record contains a list of networks or IP addresses
	# to accept and deny queries from. The default is to allow queries
	# from all hosts.

	#allow-query { 127.0.0.1; };

	# If notify is set to yes (default), notify messages are sent to other
	# name servers when the the zone data is changed.  Instead of setting
	# a global 'notify' statement in the 'options' section, a separate
	# 'notify' can be added to each zone definition.

	notify no;
	include "/etc/named.d/forwarders.conf";
};

# To configure named's logging remove the leading '#' characters of the
# following examples.
#logging {
#	# Log queries to a file limited to a size of 100 MB.
#	channel query_logging {
#		file "/var/log/named_querylog"
#			versions 3 size 100M;
#		print-time yes;			// timestamp log entries
#	};
#	category queries {
#		query_logging;
#	};
#
#	# Or log this kind alternatively to syslog.
#	channel syslog_queries {
#		syslog user;
#		severity info;
#	};
#	category queries { syslog_queries; };
#
#	# Log general name server errors to syslog.
#	channel syslog_errors {
#		syslog user;
#		severity error;
#	};
#	category default { syslog_errors;  };
#
#	# Don't log lame server messages.
#	category lame-servers { null; };
#};

# The following zone definitions don't need any modification.  The first one
# is the definition of the root name servers.  The second one defines
# localhost while the third defines the reverse lookup for localhost.

zone "." in {
	type hint;
	file "root.hint";
};

zone "localhost" in {
	type master;
	file "localhost.zone";
};

zone "0.0.127.in-addr.arpa" in {
	type master;
	file "127.0.0.zone";
};

# Include the meta include file generated by createNamedConfInclude.  This
# includes all files as configured in NAMED_CONF_INCLUDE_FILES from
# /etc/sysconfig/named

include "/etc/named.conf.include";
zone "random.linux-site.net" in {
	file "master/random.linux-site.netX";
	type master;
};
logging {
	category default { log_syslog; };
	channel log_syslog { syslog; };
};

[meinereinerseiner]

hmmm, dein dns ist sozusagen verwalter von "random.linux-site.net"
denke mal das im zonenfile nix von foo.bar steht, also kann nslookup
den nicht auflösen.

beim ping fragt der deinen lokalen dns aber garnicht, sondern
geht direkt an die provider dns - siehe config in resolv.conf.
trag dort doch mal die 192.168.59.9 ein, dann sollte das auch passen.

der tom