HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials


kaptk2 8th May 2006 19:11

MyDNS rude awakening
 
Ok, I have been running MyDNS for a couple of months now with no problems. However, yesterday we had a crash of the server that was running MyDNS. It was not MyDNS's fault; a NIC went bad. That stopped DNS, though since we have a slave DNS server running BIND I thought all was well. I had entered the appropriate IP in Zone Transfers, and since things were working great before switching to MyDNS I just assumed things were working. They were not.

Here are some of the error messages I am getting in the logs of the slave box.
Code:

transfer of 'example1.com/IN' from 192.168.1.122#53: failed while receiving responses: bad zone
transfer of 'example1.com/IN' from 192.168.1.122#53: end of transfer
zone example2.net/IN: refresh: unexpected rcode (REFUSED) from master 192.168.1.122#53
zone example3.com/IN: has no NS records
transfer of 'example3.com/IN' from 192.168.1.122#53: failed while receiving responses: bad zone
dumping master file: tmp-XXXXC4edYW: open: permission denied
transfer of 'example4.net/IN' from 192.168.1.122#53: failed while receiving responses: permission denied
transfer of 'example4.net/IN' from 192.168.1.122#53: end of transfer

Any ideas on how to fix this or what the heck is going on?

falko 8th May 2006 23:54

The secondary DNS is trying to get the zones from the primary, but this doesn't work because it's down.
Repair your primary DNS server and boot it, and these errors should go away.
For now, you can ignore them.

kaptk2 9th May 2006 00:11

The server is fixed and it is running DNS. The secondary server was never getting transfers. Do the transfers go over another port other than 53 with MyDNS? This is a weird one to me.

falko 9th May 2006 00:38

You must open port 53 TCP and UDP on your primary DNS. In /etc/mydns.conf, you must have
Code:

allow-axfr = yes
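
As an added check for this thread (example code written here, not part of any post and not MyDNS or BIND code), the script below builds the same AXFR request a BIND secondary sends over TCP port 53 and summarises the first reply message: the rcode (REFUSED when the master will not serve the transfer), whether the answer section begins with an SOA, and how many NS records it carries, which is what separates the REFUSED, "bad zone" and "has no NS records" entries in the slave's log. The zone names and the 192.0.2.x addresses are placeholders.

```python
import struct

TYPE_NS, TYPE_SOA, TYPE_AXFR = 2, 6, 252
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED"}

def encode_name(name):
    """Wire-format a domain name as length-prefixed labels."""
    labels = [l for l in name.rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode() for l in labels) + b"\x00"

def build_axfr_query(zone, qid=0x1234):
    """AXFR question for `zone`, with the 2-byte length prefix DNS over TCP uses."""
    header = struct.pack("!HHHHHH", qid, 0, 1, 0, 0, 0)  # no RD bit, one question
    msg = header + encode_name(zone) + struct.pack("!HH", TYPE_AXFR, 1)
    return struct.pack("!H", len(msg)) + msg

def decode_name(data, off):
    """Read a (possibly compressed) name; return (name, offset after it)."""
    labels, end = [], None
    while True:
        ln = data[off]
        if ln & 0xC0 == 0xC0:  # compression pointer into an earlier name
            if end is None:
                end = off + 2
            off = struct.unpack("!H", data[off:off + 2])[0] & 0x3FFF
            continue
        off += 1
        if ln == 0:
            break
        labels.append(data[off:off + ln].decode())
        off += ln
    return ".".join(labels), (off if end is None else end)

def check_axfr_response(msg):
    """Summarise the first AXFR reply (without its TCP length prefix)."""
    _, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    off, types = 12, []
    for _ in range(qd):
        _, off = decode_name(msg, off)
        off += 4  # skip qtype and qclass
    for _ in range(an):
        _, off = decode_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10 + rdlen
        types.append(rtype)
    return {"rcode": RCODES.get(flags & 0xF, str(flags & 0xF)), "answers": an,
            "starts_with_soa": bool(types) and types[0] == TYPE_SOA,
            "ns_records": types.count(TYPE_NS)}
```

To run it against a real master, send the bytes from build_axfr_query on a TCP connection to port 53, read the 2-byte length and then that many bytes, and pass them to check_axfr_response; a transfer that does not start with the zone's SOA or that carries no NS records is what the slave rejects as "bad zone".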

kaptk2 9th May 2006 01:06

Went back and double checked those things and everything looks great. Any other things that I should check?

falko 9th May 2006 17:39

It should work then... :confused: Did you restart MyDNS?

kaptk2 10th May 2006 01:11

Tried another restart of MyDNS, nothing. Still getting a bad zone error.

falko 10th May 2006 15:38

What's in your /etc/mydns.conf?
What's the output of
Code:

iptables -L
on the primary?
Do you see any errors in the primary's logs related to your problem?

kaptk2 10th May 2006 20:24

Here is the output of mydns.conf.

Code:

[root@index ~]# cat /etc/mydns.conf
##
##  /etc/mydns.conf
##  Mon Mar  6 11:15:54 2006
##  For more information, see mydns.conf(5).
##


                                # DATABASE INFORMATION

db-host = localhost            # SQL server hostname
db-user = mydns                # SQL server username
db-password = password      # SQL server password
database = database            # MyDNS database name


                                # GENERAL OPTIONS

user = nobody                  # Run with the permissions of this user
group = nobody                  # Run with the permissions of this group
listen = 192.168.1.122        # Listen on these addresses ('*' for all)


                                # CACHE OPTIONS

zone-cache-size = 1024          # Maximum number of elements stored in the zone cache
zone-cache-expire = 60          # Number of seconds after which cached zones expires
reply-cache-size = 1024        # Maximum number of elements stored in the reply cache
reply-cache-expire = 30        # Number of seconds after which cached replies expire


                                # ESOTERICA

log = LOG_DAEMON                # Facility to use for program output (LOG_*/stdout/stderr)
pidfile = /var/run/mydns.pid    # Path to PID file
timeout = 120                  # Number of seconds after which queries time out
multicpu = 1                    # Number of CPUs installed on your system
allow-axfr = yes                # Should AXFR be enabled?
allow-tcp = yes                # Should TCP be enabled?
ignore-minimum = no            # Ignore minimum TTL for zone?
soa-table = soa                # Name of table containing SOA records
rr-table = rr                  # Name of table containing RR data

Here is the relevant part of iptables -L
Code:

ACCEPT    udp  --  anywhere            anywhere            udp dpt:domain
ACCEPT    tcp  --  anywhere            anywhere            tcp dpt:domain

The only thing I see is success on the primary machine. So I am not sure where the hangup is.

falko 10th May 2006 23:50

Can you try
Code:

listen = *
in /etc/mydns.conf and restart MyDNS?

