dmolavi Apprentice
Joined: 24 Feb 2003 Posts: 153 Location: Washington Township, NJ
|
Posted: Wed Apr 30, 2003 2:00 pm Post subject: idiot's guide to BIND? |
|
|
is there a quick and dirty how-to on getting BIND 9 setup and configured? also, in a slightly unrelated issue, my main.cf file for postfix has the smtp server of my dsl provider as the relayhost. will running a public DNS server on my box allow me to just use my own box as the relayhost? |
|
|
|
neilhwatson l33t
Joined: 06 Feb 2003 Posts: 719 Location: Canada
|
Posted: Wed Apr 30, 2003 2:34 pm Post subject: |
|
|
Bind runs DNS which is the most important of all networking services. There is no way to quickly learn it and learn it safely.
Having said that, we may be able to help you if you tell us what you would like Bind to do? _________________ The true guru is a teacher.
Neil Watson |
|
|
|
verbaltoxin n00b
Joined: 12 Mar 2003 Posts: 11 Location: Mendon, UT USA
|
Posted: Wed Apr 30, 2003 2:50 pm Post subject: Most Important? |
|
|
Now, I wouldn't say DNS is the most important service. I find I can type IP addresses just fine. DNS is more of a convenience. Not to be picky or anything.
Here's a link to try
http://www.crazysquirrel.com/linux/dns.php
Not an in-depth answer, but it will help you set up a nameserver |
|
|
|
dmolavi Apprentice
Joined: 24 Feb 2003 Posts: 153 Location: Washington Township, NJ
|
Posted: Wed Apr 30, 2003 2:50 pm Post subject: |
|
|
ah, it's a long story that begins thusly:
My DSL provider gives me a static IP and a DSL router (not a bridge). Behind this DSL router is my wireless router (a Dell TrueMobile 1184). Behind this wireless router sits some wireless enabled laptops and my gentoo box, via Cat-5:
Code: |
                                \ /
                                 |
                              Laptops

                                \ /
                                 |
Internet ---- DSL Router ---- Wireless Router
                                 |___________Gentoo Box |
The big problem I'm having is with Reverse DNS. From my posts at the Dell Support Forums:
Quote: | here is the output of nslookup on the linux box:
;; reply from unexpected source: 192.168.2.1#53, expected 66.20.234.14#53
;; reply from unexpected source: 192.168.2.1#53, expected 66.20.234.15#53
;; reply from unexpected source: 192.168.2.1#53, expected 66.23.193.202#53
;; reply from unexpected source: 192.168.2.1#53, expected 66.20.234.14#53
;; reply from unexpected source: 192.168.2.1#53, expected 66.20.234.15#53
;; reply from unexpected source: 192.168.2.1#53, expected 66.23.193.202#53
;; connection timed out; no servers could be reached
the /etc/resolv.conf files have the ISP DNS addresses in there, and nowhere do i state to use the IP of the 1184. the configuration of the 1184 has the ISP DNS addresses set properly. Do i need to configure the 1184 to forward those requests on port 53 on to the ISP?
|
From another post:
Quote: | right now, 192.168.2.1 (the internal IP addy of the 1184) is the only entry in the resolv.conf file, and this is the output of the nslookup -d2:
Code: |
root@yankeesinthesouth:~ # nslookup -d2 130.207.202.91
main parsing 130.207.202.91
addlookup()
make_empty_lookup()
get_reverse(130.207.202.91)
looking up 91.202.207.130.in-addr.arpa.
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
setup_system()
got a nameserver line
make_server(192.168.2.1)
lock_lookup dighost.c:2540
success
start_lookup()
setup_lookup(0x81335a0)
resetting lookup counter.
cloning server list
clone_server_list()
make_server(192.168.2.1)
using root origin
recursive query
add_question()
starting to render the message
done rendering
create query 0x8155378 linked to lookup 0x81335a0
do_lookup()
send_udp(0x8155378)
bringup_timer()
have local timeout of 5
working on lookup 0x81335a0, query 0x8155378
get_address()
sockcount=1
recving with lookup=0x81335a0, query=0x8155378, sock=0x81564d0
recvcount=1
sending a request
unlock_lookup dighost.c:2542
lock_lookup dighost.c:1435
success
send_done()
sendcount=0
check_if_done()
list empty
unlock_lookup dighost.c:1444
recv_done()
lock_lookup dighost.c:2110
success
recvcount=0
lookup=0x81335a0, query=0x8155378
before parse starts
after parse
printmessage()
Server: 192.168.2.1
Address: 192.168.2.1#53
*** Can't find 91.202.207.130.in-addr.arpa.: No answer
still pending.
cancel_lookup()
check_if_done()
list empty
clear_query(0x8155378)
sockcount=0
check_next_lookup(0x81335a0)
try_clear_lookup(0x81335a0)
cleared
freeing server 0x8134f50 belonging to 0x81335a0
start_lookup()
check_if_done()
list empty
shutting down
dighost_shutdown()
unlock_lookup dighost.c:2449
done, and starting to shut down
cancel_all()
lock_lookup dighost.c:2556
success
unlock_lookup dighost.c:2586
destroy_libs()
freeing task
freeing taskmgr
lock_lookup dighost.c:2611
success
freeing global server 0x8134880
freeing commctx
freeing socketmgr
freeing timermgr
destroy DST lib
detach from entropy
unlock_lookup dighost.c:2659
|
Here is the output of the nslookup with the two nameservers from SF as well as the 192.168.2.1 entry:
Code: |
root@yankeesinthesouth:~ # nslookup -d2 130.207.202.91
main parsing 130.207.202.91
addlookup()
make_empty_lookup()
get_reverse(130.207.202.91)
looking up 91.202.207.130.in-addr.arpa.
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
setup_system()
got a nameserver line
make_server(66.20.234.14)
got a nameserver line
make_server(66.20.234.15)
got a nameserver line
make_server(192.168.2.1)
lock_lookup dighost.c:2540
success
start_lookup()
setup_lookup(0x81335a0)
resetting lookup counter.
cloning server list
clone_server_list()
make_server(66.20.234.14)
make_server(66.20.234.15)
make_server(192.168.2.1)
using root origin
recursive query
add_question()
starting to render the message
done rendering
create query 0x81563d8 linked to lookup 0x81335a0
create query 0x81564e0 linked to lookup 0x81335a0
create query 0x81765f8 linked to lookup 0x81335a0
do_lookup()
send_udp(0x81563d8)
bringup_timer()
have local timeout of 1
working on lookup 0x81335a0, query 0x81563d8
get_address()
sockcount=1
recving with lookup=0x81335a0, query=0x81563d8, sock=0x8177750
recvcount=1
sending a request
unlock_lookup dighost.c:2542
lock_lookup dighost.c:1435
success
send_done()
sendcount=0
check_if_done()
list empty
unlock_lookup dighost.c:1444
recv_done()
lock_lookup dighost.c:2110
success
recvcount=0
lookup=0x81335a0, query=0x81563d8
;; reply from unexpected source: 192.168.2.1#53, expected 66.20.234.14#53
unlock_lookup dighost.c:2221
connect_timeout()
lock_lookup dighost.c:1675
success
trying next server...
send_udp(0x81564e0)
bringup_timer()
have local timeout of 1
working on lookup 0x81335a0, query 0x81564e0
get_address()
sockcount=2
recving with lookup=0x81335a0, query=0x81564e0, sock=0x8177948
recvcount=2
sending a request
unlock_lookup dighost.c:1690
lock_lookup dighost.c:1435
success
send_done()
sendcount=0
check_if_done()
list empty
unlock_lookup dighost.c:1444
connect_timeout()
lock_lookup dighost.c:1675
success
trying next server...
send_udp(0x81765f8)
bringup_timer()
have local timeout of 5
working on lookup 0x81335a0, query 0x81765f8
get_address()
sockcount=3
recving with lookup=0x81335a0, query=0x81765f8, sock=0x8177aa8
recvcount=3
sending a request
unlock_lookup dighost.c:1690
lock_lookup dighost.c:1435
success
send_done()
sendcount=0
check_if_done()
list empty
unlock_lookup dighost.c:1444
recv_done()
lock_lookup dighost.c:2110
success
recvcount=2
lookup=0x81335a0, query=0x81564e0
;; reply from unexpected source: 192.168.2.1#53, expected 66.20.234.15#53
unlock_lookup dighost.c:2221
recv_done()
lock_lookup dighost.c:2110
success
recvcount=2
lookup=0x81335a0, query=0x81765f8
before parse starts
after parse
printmessage()
Server: 192.168.2.1
Address: 192.168.2.1#53
*** Can't find 91.202.207.130.in-addr.arpa.: No answer
still pending.
cancel_lookup()
check_if_done()
list empty
check_if_done()
list empty
check_if_done()
list empty
clear_query(0x81765f8)
sockcount=2
check_next_lookup(0x81335a0)
still have a worker
unlock_lookup dighost.c:2449
recv_done()
lock_lookup dighost.c:2110
success
recvcount=1
lookup=0x81335a0, query=0x81563d8
no longer pending. Got operation canceled
clear_query(0x81563d8)
sockcount=1
check_next_lookup(0x81335a0)
still have a worker
unlock_lookup dighost.c:2133
recv_done()
lock_lookup dighost.c:2110
success
recvcount=0
lookup=0x81335a0, query=0x81564e0
no longer pending. Got operation canceled
clear_query(0x81564e0)
sockcount=0
check_next_lookup(0x81335a0)
try_clear_lookup(0x81335a0)
cleared
freeing server 0x8135780 belonging to 0x81335a0
freeing server 0x8135b98 belonging to 0x81335a0
freeing server 0x8135fb0 belonging to 0x81335a0
start_lookup()
check_if_done()
list empty
shutting down
dighost_shutdown()
unlock_lookup dighost.c:2133
done, and starting to shut down
cancel_all()
lock_lookup dighost.c:2556
success
unlock_lookup dighost.c:2586
destroy_libs()
freeing task
freeing taskmgr
lock_lookup dighost.c:2611
success
freeing global server 0x8134880
freeing global server 0x8134c98
freeing global server 0x81350b0
freeing commctx
freeing socketmgr
freeing timermgr
destroy DST lib
detach from entropy
unlock_lookup dighost.c:2659
|
|
And finally, confirmation that it's a "too many routers" issue:
Quote: | As "mhelms23" said, this looks like another case of "too many routers". The DNS proxy in the 1184's answering the queries, much to the annoyance of nslookup on the Linux box.
|
(all of these posts can be found here: http://forums.us.dell.com/supportforums/board/message?board.id=dim_network&message.id=21265&view=by_date_ascending&page=4, my username is gt4163a; first post is the fourth on the page.)
So, the purpose of all of this was to give you background on my DNS issue. I basically want to have reverse DNS properly functioning, and I'm wondering if just running BIND on my machine will take care of that. Also, as a secondary point, if running BIND will allow me to use my own machine as a relayhost for postfix (since it should, i'm guessing, have MX records stored and such). |
|
|
|
neilhwatson l33t
Joined: 06 Feb 2003 Posts: 719 Location: Canada
|
Posted: Wed Apr 30, 2003 2:56 pm Post subject: |
|
|
What did you look up with nslookup? You have private IPs (192.168.0.0) on your home network. Are you using SNAT properly? _________________ The true guru is a teacher.
Neil Watson
Last edited by neilhwatson on Wed Apr 30, 2003 3:30 pm; edited 1 time in total |
|
|
|
dmolavi Apprentice
Joined: 24 Feb 2003 Posts: 153 Location: Washington Township, NJ
|
Posted: Wed Apr 30, 2003 2:58 pm Post subject: |
|
|
i looked up my machine at work, that should come back as dmcndpc.gtri.gatech.edu.
SNAT? what's that? |
|
|
|
neilhwatson l33t
Joined: 06 Feb 2003 Posts: 719 Location: Canada
|
Posted: Wed Apr 30, 2003 3:31 pm Post subject: |
|
|
Your box is at home? You performed an nslookup from work? What was the exact command you used? _________________ The true guru is a teacher.
Neil Watson |
|
|
|
dmolavi Apprentice
Joined: 24 Feb 2003 Posts: 153 Location: Washington Township, NJ
|
Posted: Wed Apr 30, 2003 3:35 pm Post subject: |
|
|
the gentoo box is at home, i ssh'd in from work and did the nslookup, using nslookup -d2 130.207.202.91.
here's another, to the www.gatech.edu IP address (130.207.244.244):
Code: | root@yankeesinthesouth:~ # nslookup -d2 130.207.244.244
main parsing 130.207.244.244
addlookup()
make_empty_lookup()
get_reverse(130.207.244.244)
looking up 244.244.207.130.in-addr.arpa.
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
setup_system()
got a nameserver line
make_server(192.168.2.1)
lock_lookup dighost.c:2540
success
start_lookup()
setup_lookup(0x81335a0)
resetting lookup counter.
cloning server list
clone_server_list()
make_server(192.168.2.1)
using root origin
recursive query
add_question()
starting to render the message
done rendering
create query 0x8155378 linked to lookup 0x81335a0
do_lookup()
send_udp(0x8155378)
bringup_timer()
have local timeout of 5
working on lookup 0x81335a0, query 0x8155378
get_address()
sockcount=1
recving with lookup=0x81335a0, query=0x8155378, sock=0x81564d0
recvcount=1
sending a request
unlock_lookup dighost.c:2542
lock_lookup dighost.c:1435
success
send_done()
sendcount=0
check_if_done()
list empty
unlock_lookup dighost.c:1444
recv_done()
lock_lookup dighost.c:2110
success
recvcount=0
lookup=0x81335a0, query=0x8155378
before parse starts
after parse
printmessage()
Server: 192.168.2.1
Address: 192.168.2.1#53
*** Can't find 244.244.207.130.in-addr.arpa.: No answer
still pending.
cancel_lookup()
check_if_done()
list empty
clear_query(0x8155378)
sockcount=0
check_next_lookup(0x81335a0)
try_clear_lookup(0x81335a0)
cleared
freeing server 0x8134f50 belonging to 0x81335a0
start_lookup()
check_if_done()
list empty
shutting down
dighost_shutdown()
unlock_lookup dighost.c:2449
done, and starting to shut down
cancel_all()
lock_lookup dighost.c:2556
success
unlock_lookup dighost.c:2586
destroy_libs()
freeing task
freeing taskmgr
lock_lookup dighost.c:2611
success
freeing global server 0x8134880
freeing commctx
freeing socketmgr
freeing timermgr
destroy DST lib
detach from entropy
unlock_lookup dighost.c:2659 |
|
|
|
|
neilhwatson l33t
Joined: 06 Feb 2003 Posts: 719 Location: Canada
|
Posted: Wed Apr 30, 2003 3:48 pm Post subject: |
|
|
Try a different command:
Code: | [nwatson@valetta ~]$nslookup 130.207.244.244
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
Server: 205.150.90.123
Address: 205.150.90.123#53
Non-authoritative answer:
244.244.207.130.in-addr.arpa name = gatech.edu.
Authoritative answers can be found from:
207.130.in-addr.arpa nameserver = gatech.edu.
207.130.in-addr.arpa nameserver = troll-gw.gatech.edu.
gatech.edu internet address = 130.207.244.244
troll-gw.gatech.edu internet address = 130.207.244.251
|
_________________ The true guru is a teacher.
Neil Watson |
|
|
|
kashani Advocate
Joined: 02 Sep 2002 Posts: 2032 Location: San Francisco
|
Posted: Wed Apr 30, 2003 4:39 pm Post subject: Re: idiot's guide to BIND? |
|
|
dmolavi wrote: | is there a quick and dirty how-to on getting BIND 9 setup and configured? also, in a slightly unrelated issue, my main.cf file for postfix has the smtp server of my dsl provider as the relayhost. Will running a public DNS server on my box allow me to just use my own box as the relayhost? |
No it won't. Your mail server can run as a relay host without a local name server. Just use your ISP's name servers in your /etc/resolve.conf
kashani _________________ Will personally fix your server in exchange for motorcycle related shop tools in good shape. |
|
|
|
dmolavi Apprentice
Joined: 24 Feb 2003 Posts: 153 Location: Washington Township, NJ
|
Posted: Wed Apr 30, 2003 5:29 pm Post subject: |
|
|
Code: | root@yankeesinthesouth:~ # nslookup 130.207.244.244
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
Server: 192.168.2.1
Address: 192.168.2.1#53
*** Can't find 244.244.207.130.in-addr.arpa.: No answer |
right now, my /etc/resolv.conf just has:
Code: | nameserver 192.168.2.1 |
listed (the addition of the ISP DNS servers doesn't make a difference, see my earlier post above with all the quotes from the Dell Forums).
EDIT: Here's the result with /etc/resolv.conf as follows:
Code: | nameserver 66.20.234.14
nameserver 66.20.234.15
nameserver 192.168.2.1 |
Code: | root@yankeesinthesouth:/etc # nslookup 130.207.244.244
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
;; reply from unexpected source: 192.168.2.1#53, expected 66.20.234.14#53
;; reply from unexpected source: 192.168.2.1#53, expected 66.20.234.15#53
Server: 192.168.2.1
Address: 192.168.2.1#53
*** Can't find 244.244.207.130.in-addr.arpa.: No answer |
|
|
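Added example, not part of the original thread and not BIND's own code: a sketch of the kind of acceptance check behind the "reply from unexpected source" lines above, where a stub resolver discards a UDP answer whose source address is not the server it queried (here the router's DNS proxy answering for the ISP server). The function names, the transaction ID and the reply bytes are constructed for illustration; the addresses are the ones shown in the thread.

```python
import ipaddress
import struct

def reverse_name(ip):
    """PTR owner name for an address: 130.207.202.91 -> 91.202.207.130.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

def build_ptr_query(ip, txid):
    """Encode a recursive PTR query (12-byte header + one question) in wire format."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, QDCOUNT=1
    labels = reverse_name(ip).rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 12, 1)  # QTYPE=PTR, QCLASS=IN

def check_reply(query, sent_to, reply, came_from):
    """Decide whether a UDP datagram is an acceptable answer to `query`."""
    if came_from != sent_to:
        return "unexpected source"       # answered by a host we never asked
    if len(reply) < 12:
        return "short header"
    txid, flags = struct.unpack("!HH", reply[:4])
    if txid != struct.unpack("!H", query[:2])[0]:
        return "id mismatch"
    if not flags & 0x8000:
        return "not a response"          # QR bit clear
    if reply[12:len(query)].lower() != query[12:].lower():
        return "question mismatch"
    return "accepted"

def demo():
    """Constructed scenario using the addresses shown in the thread."""
    isp, router = ("66.20.234.14", 53), ("192.168.2.1", 53)
    query = build_ptr_query("130.207.244.244", txid=0x1A2B)
    # Constructed reply: same ID and question, QR/RD/RA set, no answer records.
    reply = query[:2] + struct.pack("!H", 0x8180) + query[4:]
    stale_id = b"\x00\x00" + reply[2:]
    return {
        "from_router": check_reply(query, isp, reply, router),
        "from_isp": check_reply(query, isp, reply, isp),
        "wrong_id": check_reply(query, isp, stale_id, isp),
    }

if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

The same bytes are accepted or rejected depending only on where they came from, which is why listing the ISP servers in /etc/resolv.conf changes nothing while the router keeps answering on their behalf.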
|
|
dmolavi Apprentice
Joined: 24 Feb 2003 Posts: 153 Location: Washington Township, NJ
|
Posted: Wed Apr 30, 2003 5:35 pm Post subject: Re: idiot's guide to BIND? |
|
|
kashani wrote: |
No it won't. Your mail server can run as a relay host without a local name server. Just use your ISP's name servers in your /etc/resolve.conf
|
hmmm...and then in my postfix main.cf file, just specify "localhost" as the relayhost? will this rid me of my dependence on my ISP's smtp servers? |
|
|
|
|
|
|
|