RedHat DNS setup problems

Hi.

I'm trying to set up a DNS server on an intranet and I'm having some problems.
Here's what I have :

# cat /etc/resolv.conf
search wsn50.com
nameserver 127.0.0.1
nameserver 172.30.2.85

# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1               localhost.localdomain localhost
172.30.2.85             ns1.wsn50.com ns1


# cat /etc/named.conf
// generated by named-bootconf.pl
 
options {
        directory "/var/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
};
 
//
// a caching only nameserver config
//
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
        type hint;
        file "named.ca";
};
 
zone "wsn50.com" IN {
        type master;
        file "wsn50.com.zone";
        allow-update { none; };
};
 
zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};
 
include "/etc/rndc.key";

*** The domain I want to use is wsn50.com, like I said, its behind a corporate firewall, on a vlan.  

# ls /var/named
localhost.zone  named.ca  named.local    root.hints  wsn50.com.zone

# more wsn50.com.zone
$TTL    86400
$ORIGIN wsn50.com
@       IN      SOA    ns1.wsn50.com. admin.wsn50.com.  (
                                      1997022700 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
 
                IN      NS              ns1.wsn50.com.
                IN      MX      10      mail.wsn50.com.
                IN      A               172.30.2.85
 
ns1            IN      A               172.30.2.85
mail            IN      A               172.30.2.85
test            IN      A               172.30.2.71

# cat /etc/network
NETWORKING=yes
HOSTNAME=ns1
NISDOMAIN=wsn50.com

*** ns1 is supposed to be my DNS machine.  When I run the "dig" command this is what I get... it's as if it's not reading my wsn50.com.zone file and is only looking at the localhost file.


# dig -x 127.0.0.1
 
; <<>> DiG 9.2.2 <<>> -x 127.0.0.1
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12459
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
 
;; QUESTION SECTION:
;1.0.0.127.in-addr.arpa.                IN      PTR
 
;; ANSWER SECTION:
1.0.0.127.in-addr.arpa. 86400   IN      PTR     localhost.
 
;; AUTHORITY SECTION:
0.0.127.in-addr.arpa.   86400   IN      NS      localhost.
 
;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Jun 28 15:42:45 2005
;; MSG SIZE  rcvd: 77
 
# dig -x 172.30.2.85
 
; <<>> DiG 9.2.2 <<>> -x 172.30.2.85
;; global options:  printcmd
;; connection timed out; no servers could be reached

Also, when I do a dig from outside my vlan, on the corporate network I get this :

dig -x 172.30.2.85
 
; <<>> DiG 9.2.4 <<>> -x 172.30.2.85
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4226
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
 
;; QUESTION SECTION:
;85.2.30.172.in-addr.arpa.      IN      PTR
 
;; AUTHORITY SECTION:
2.30.172.in-addr.arpa.  9157    IN      SOA     swdns2.sw.xxx.com. dns-admin.gis.xxx.com. 17983 10800 3600 604800 86400
 
;; Query time: 22 msec
;; SERVER: 1n2.133.1.2#53(1n2.133.1.2)    <--- this here is our primary DNS!!  
;; WHEN: Tue Jun 28 13:25:35 2005
;; MSG SIZE  rcvd: 113

My other question is, is this DNS on swdns2.sw.xxx.com interfering with the DNS on my vlan ... swdns2.sw.xxx.com is in another country, but it is connected to the corporate intranet.  Any way this may be causing problems with me setting up wsn50.com ??

I've been using these 2 guides as reference and I'm pretty confused.
http://www.xenocafe.com/tutorials/dns_linux/redhat/dns_linux_redhat-part2.php
http://www.tldp.org/HOWTO/DNS-HOWTO-5.html

LVL 1
ROCK1972Asked:

ROCK1972Author Commented:
Additional :

Jun 28 16:28:51 ns1 named[2815]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
Jun 28 16:28:51 ns1 named[2815]: dns_master_load: wsn50.com.zone:12: wsn50.com.wsn50.com: not at top of zone
Jun 28 16:28:51 ns1 named[2815]: zone wsn50.com/IN: loading master file wsn50.com.zone: not at top of zone
Jun 28 16:28:51 ns1 named[2815]: zone localhost/IN: loaded serial 42

What does "not at top of zone" mean?  

Is it possible that 1n2.133.1.2 is interfering with my ns1.wsn50.com zone?
How can I put it at the top of the zone? :\
ROCK1972Author Commented:
Additional.  I have created a file : 172.30.2.0 for the reverse lookup with the following details :

# ls
172.30.2.0  localhost.zone  named.ca  named.local  named.local.bak  root.hints  wsn50.com.zone
[root@ns1 named]# more 172.30.2.0
$TTL    86400
@       IN      SOA     ns1.wsn50.com. root.ns1.wsn50.com.  (
                                      1997022700 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
              IN      NS      ns1.wsn50.com.
 
#1       IN      PTR     localhost.

Also I have added it to /etc/named.conf

# more /etc/named.conf
// generated by named-bootconf.pl
 
options {
        directory "/var/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
};
 
//
// a caching only nameserver config
//
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
        type hint;
        file "named.ca";
};
 
zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};
 
zone "wsn50.com" IN {
        type master;
        file "wsn50.com.zone";
};
 
zone "2.30.172.in-addr-arpa" {
        type master;
        file "172.30.2.0";
};
 
zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};
 
include "/etc/rndc.key";

Now when I restart named, I get the following messages :::

Jun 28 16:46:06 ns1 named[2853]: starting BIND 9.2.2 -u named
Jun 28 16:46:06 ns1 named[2853]: using 1 CPU
Jun 28 16:46:06 ns1 named[2853]: loading configuration from '/etc/named.conf'
Jun 28 16:46:06 ns1 named[2853]: no IPv6 interfaces found
Jun 28 16:46:06 ns1 named[2853]: listening on IPv4 interface lo, 127.0.0.1#53
Jun 28 16:46:06 ns1 named[2853]: listening on IPv4 interface eth0, 172.30.2.85#53
Jun 28 16:46:06 ns1 named[2853]: command channel listening on 127.0.0.1#953
Jun 28 16:46:06 ns1 named[2853]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
Jun 28 16:46:06 ns1 named[2853]: dns_master_load: wsn50.com.zone:12: wsn50.com.wsn50.com: not at top of zone
Jun 28 16:46:06 ns1 named[2853]: zone wsn50.com/IN: loading master file wsn50.com.zone: not at top of zone
Jun 28 16:46:06 ns1 named[2853]: zone 2.30.172.in-addr-arpa/IN: loaded serial 1997022700
Jun 28 16:46:06 ns1 named[2853]: zone localhost/IN: loaded serial 42
Jun 28 16:46:06 ns1 named[2853]: running
Jun 28 16:46:06 ns1 named: named startup succeeded

I "think" I got everything correctly configured, but it looks like the dns_master_load notices that there's an existing DNS already at the top of intranet >> 1n2.133.1.2 (?)

ROCK1972Author Commented:
Looks like its listening ...

tcp        0      0 ns1.wsn50.com:domain    *:*                     LISTEN
tcp        0      0 localhost.locald:domain *:*                     LISTEN


Gabriel OrozcoSolution ArchitectCommented:
what happened is you never setup reverse dns.

you need to setup a zone for the ip range in order to be able to do reverse dns of a zone.
let me post an example.

zone "2.30.172.in-addr.arpa" {
        type master;
        file "172.30.2";
};

and in /var/named you need to have a file with name "172.30.2"

with contents:

$TTL 3D
@       IN      SOA    ns1.wsn50.com. admin.wsn50.com.  (
                                      1997022700 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
               IN      NS              ns1.wsn50.com.
71                     PTR     test.wsn50.com.
85                     PTR     mail.wsn50.com.
85                     PTR     ns1.wsn50.com.

-----------------
add them and now you will be able to do reverse dns

hope that helps
ravenplCommented:
> ;; connection timed out; no servers could be reached
Are You sure there's no firewall issue, or vlan routing ?
Maybe Your bind is simply denied to make queries to the internet?
Maybe uncommenting
query-source address * port 53;
will help.
Gabriel OrozcoSolution ArchitectCommented:
yes, I forgot to mention this:

# cat /etc/resolv.conf
search wsn50.com
nameserver 127.0.0.1
nameserver 172.30.2.85


If you have two nameservers, your Linux resolver will use both: it asks the first, then the second, then the first again, and so on, rotating the queries.

Leave it like this:
# cat /etc/resolv.conf
search wsn50.com
nameserver 127.0.0.1
ravenplCommented:
The above is untrue.
Unless you specify

options rotate

in your resolv.conf, the resolver always asks the first nameserver listed; only if that one times out does it try the second, and so on.
Gabriel OrozcoSolution ArchitectCommented:
ups
sorry.
need to read the man
ROCK1972Author Commented:
Redimido/ravenpl.  First, thanks for your help and suggestions. My DNS is still not working.

I already had a reverse lookup file there, but I noticed my mistakes with your example.  I did the changes you suggested in the file "172.30.2".  

No firewall is running :
# ./iptables status
Firewall is stopped.

What do you mean by vlan routing!?  This is what I have ::
# netstat -nr
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
172.30.2.64     0.0.0.0         255.255.255.224 U         0 0          0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U         0 0          0 lo
0.0.0.0         172.30.2.65     0.0.0.0         UG        0 0          0 eth0

Jun 29 16:11:52 ns1 named[3560]: listening on IPv4 interface eth0, 172.30.2.85#53
Jun 29 16:11:52 ns1 named[3560]: command channel listening on 127.0.0.1#953
Jun 29 16:11:52 ns1 named[3560]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
Jun 29 16:11:52 ns1 named[3560]: dns_master_load: wsn50.com.zone:12: wsn50.com.wsn50.com: not at top of zone
Jun 29 16:11:52 ns1 named[3560]: zone wsn50.com/IN: loading master file wsn50.com.zone: not at top of zone
Jun 29 16:11:52 ns1 named[3560]: zone 2.30.172.in-addr-arpa/IN: loaded serial 1997022700
Jun 29 16:11:52 ns1 named[3560]: zone localhost/IN: loaded serial 42
Jun 29 16:11:52 ns1 named[3560]: running
Jun 29 16:11:52 ns1 named: named startup succeeded

Same error messages.  

Bind looks like its listening :::
tcp        0      0 ns1.wsn50.com:domain    *:*                     LISTEN
tcp        0      0 localhost.locald:domain *:*                     LISTEN

Am I supposed to see something else besides this message?  

The process is running :
# ps -ef | grep named
named     3560     1  0 16:11 ?        00:00:00 /usr/sbin/named -u named


When I do a dig, on both localhost and the IP, I get the same error:

# dig -x 172.0.0.1
; <<>> DiG 9.2.2 <<>> -x 172.0.0.1
;; global options:  printcmd
;; connection timed out; no servers could be reached

[root@ns1 init.d]# dig -x 172.30.2.85
; <<>> DiG 9.2.2 <<>> -x 172.30.2.85
;; global options:  printcmd
;; connection timed out; no servers could be reached

Any suggestions what I do here!?   What commands can I use to check if the DNS is working properly, or see what are the errors ...

Again...  Here are my 3 files ::::  Please take a look see if its correct :::

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
# cat /etc/named.conf
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
// generated by named-bootconf.pl
 
options {
        directory "/var/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
};
 
//
// a caching only nameserver config
//
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
        type hint;
        file "named.ca";
};
 
zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};
 
zone "wsn50.com" IN {
        type master;
        file "wsn50.com.zone";
};
 
zone "2.30.172.in-addr-arpa" {
        type master;
        file "172.30.2";
};
 
zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};
 
include "/etc/rndc.key";


::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
# cat /var/named/172.30.2
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

; Reverse mapping of domain names 2.30.172.in-addr-arpa
$TTL    86400
@       IN      SOA     ns1.wsn50.com. hostmaster.ns1.wsn50.com.  (
                                      1997022700 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
              IN      NS      ns1.wsn50.com.
 
85              PTR             ns1.wsn50.com.
85              PTR             mail.wsn50.com.
71              PTR             test.wsn50.com.

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
# cat /var/named/wsn50.com.zone
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

$TTL    86400
$ORIGIN wsn50.com
@       IN      SOA    ns1.wsn50.com. hostmaster.wsn50.com.  (
                                      1997022700 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
 
                IN      NS              ns1.wsn50.com.
                IN      MX      10      mail.wsn50.com.
                IN      A               172.30.2.85
 
ns1             IN      A               172.30.2.85
mail            IN      A               172.30.2.85
test             IN      A               172.30.2.71

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
END OF LOGS
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

Do you need anything else besides these 3 files!?!

ravenplCommented:
And could You try:
dig @127.0.0.1 -x 172.30.2.85
dig @ns1.wsn50.com -x 172.30.2.85
any help ?
ROCK1972Author Commented:
[root@ns1 root]# dig @127.0.0.1 -x 172.30.2.85
 
; <<>> DiG 9.2.2 <<>> @127.0.0.1 -x 172.30.2.85
;; global options:  printcmd
;; connection timed out; no servers could be reached
[root@ns1 root]# dig @ns1.wsn50.com -x 172.30.2.85
 
; <<>> DiG 9.2.2 <<>> @ns1.wsn50.com -x 172.30.2.85
;; global options:  printcmd
;; connection timed out; no servers could be reached


No cigar.  I'll try a few more things on my end.  I noticed that initially when I was setting up the DNS using the local host file, it was working when I was running 'dig'.  Its only when I created wsn50 that its not answering to dig :\  
ROCK1972Author Commented:
Ok. When I disable wsn50.com in /etc/named.conf and restart named, it looks like it's replying...
Weird.  

# dig -x 127.0.0.1
 
; <<>> DiG 9.2.2 <<>> -x 127.0.0.1
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52478
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
 
;; QUESTION SECTION:
;1.0.0.127.in-addr.arpa.                IN      PTR
 
;; ANSWER SECTION:
1.0.0.127.in-addr.arpa. 86400   IN      PTR     localhost.
 
;; AUTHORITY SECTION:
0.0.127.in-addr.arpa.   86400   IN      NS      localhost.
 
;; ADDITIONAL SECTION:
localhost.              86400   IN      A       127.0.0.1
 
;; Query time: 1 msec
;; SERVER: 172.30.2.85#53(172.30.2.85)
;; WHEN: Thu Jun 30 14:01:03 2005
;; MSG SIZE  rcvd: 93
ROCK1972Author Commented:
Ok. It looks better.  This is what I did.   I copied the contents of /var/named/172.30.2 and /var/named/wsn50.com.zone to /var/named/localhost.zone and /var/named/named.local  .  on ns1, when I run :

# dig -x 127.0.0.1
 
; <<>> DiG 9.2.2 <<>> -x 127.0.0.1
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19692
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
 
;; QUESTION SECTION:
;1.0.0.127.in-addr.arpa.                IN      PTR
 
;; AUTHORITY SECTION:
0.0.127.in-addr.arpa.   86400   IN      SOA     ns1.wsn50.com. hostmaster.ns1.wsn50.com. 1997022700 28800 14400 3600000 86400
 
;; Query time: 0 msec
;; SERVER: 172.30.2.85#53(172.30.2.85)
;; WHEN: Thu Jun 30 14:51:41 2005
;; MSG SIZE  rcvd: 100

I get a response.  

Now, when I connect to test.wsn50.com (172.30.2.71) and run :

[root@test /root]# dig -x 127.0.0.1
 
; <<>> DiG 8.2 <<>> -x
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUERY SECTION:
;;      1.0.0.127.in-addr.arpa, type = ANY, class = IN
 
;; AUTHORITY SECTION:
0.0.127.in-addr.arpa.   1D IN SOA       ns1.wsn50.com. hostmaster.ns1.wsn50.com. (
                                        1997022700      ; serial
                                        8H              ; refresh
                                        4H              ; retry
                                        5w6d16h         ; expiry
                                        1D )            ; minimum
 
 
;; Total query time: 2 msec
;; FROM: test to SERVER: default -- 172.30.2.85
;; WHEN: Thu Jun 30 09:07:42 2005
;; MSG SIZE  sent: 40  rcvd: 100

I also get a response.  But when ping ns1, I get no answer. Its only when I put the full address of ns1 in /etc/hosts, then it pings .  

# cat /etc/hosts
127.0.0.1       localhost.localdomain   localhost test
172.30.2.85     ns1.wsn50.com ns1

What am I missing here?  

# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME="test"
GATEWAY="172.30.2.65"
GATEWAYDEV="eth0"
FORWARD_IPV4="no"

I'm using RedHat 6.2 on the test machine.  
Gabriel OrozcoSolution ArchitectCommented:
no. that's not your error.
let me explain. you need to read the error message. normally the answer is there in front of your eyes somehow.

I see this message when you start named:
Jun 29 16:11:52 ns1 named[3560]: dns_master_load: wsn50.com.zone:12: wsn50.com.wsn50.com: not at top of zone
Jun 29 16:11:52 ns1 named[3560]: zone wsn50.com/IN: loading master file wsn50.com.zone: not at top of zone

"not at top of zone"
so the problem is in your zone file =)

Also in your previous post, you really weren't receiving an answer. In fact,  dig was telling you it cannot find one. see:
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

See the ANSWER count? Yes, 1 query, but 0 answers. It can still tell you the authority for your query, but you didn't receive an answer.


now, let's see what can be the error.
(But first, restore the two zone files you edited, /var/named/localhost.zone and /var/named/named.local, because they are needed.)

now, if you want to know where is the real error with a zone file, you need to use the tools provided with the bind name server.

I used the tool named-checkzone (which I already told you to use) and this is what I get after copying your zone file:

root@obelix:/var/named# named-checkzone wsn50.com wsn50.com.zone
wsn50.com.zone:3: SOA record not at top of zone (wsn50.com.wsn50.com)
zone wsn50.com/IN: loading master file wsn50.com.zone: not at top of zone

See? The error is in the zone file. Now, where in the zone file? Let's look at the error message... gotcha! It is in the SOA record. It says something like wsn50.com.wsn50.com, so it has to do with a missing dot somewhere: a name written without a trailing dot is treated as relative, so named appends the domain after it. Let's look in my copy of your file...

ok. I saw this:
$ORIGIN wsn50.com
I added a trailing dot:
$ORIGIN wsn50.com.

Save, run again the zone check tool, and I get this:
root@obelix:/var/named# named-checkzone wsn50.com wsn50.com.zone
zone wsn50.com/IN: loaded serial 1997022700
OK

okay!

So, I think we have this part of the problem solved. I think that's all, but you need to revert your last changes, then correct your zone file, and try again.

please let us know.

Saludos

ROCK1972Author Commented:
Redimido.

I made the changes, and it looks like it's loading now:

Jul  4 11:02:01 ns1 named[10102]: starting BIND 9.2.2 -u named
Jul  4 11:02:01 ns1 named[10102]: using 1 CPU
Jul  4 11:02:01 ns1 named[10102]: loading configuration from '/etc/named.conf'
Jul  4 11:02:01 ns1 named[10102]: no IPv6 interfaces found
Jul  4 11:02:01 ns1 named[10102]: listening on IPv4 interface lo, 127.0.0.1#53
Jul  4 11:02:01 ns1 named[10102]: listening on IPv4 interface eth0, 172.30.2.85#53
Jul  4 11:02:01 ns1 named[10102]: command channel listening on 127.0.0.1#953
Jul  4 11:02:01 ns1 named[10102]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
Jul  4 11:02:01 ns1 named[10102]: dns_master_load: localhost.zone:3: ignoring out-of-zone data (wsn50.com)
Jul  4 11:02:01 ns1 named[10102]: dns_master_load: localhost.zone:14: ignoring out-of-zone data (ns1.wsn50.com)
Jul  4 11:02:01 ns1 named[10102]: dns_master_load: localhost.zone:15: ignoring out-of-zone data (mail.wsn50.com)
Jul  4 11:02:01 ns1 named[10102]: dns_master_load: localhost.zone:16: ignoring out-of-zone data (test.wsn50.com)
Jul  4 11:02:01 ns1 named[10102]: zone localhost/IN: could not find NS and/or SOA records
Jul  4 11:02:01 ns1 named[10102]: zone localhost/IN: has 0 SOA records
Jul  4 11:02:01 ns1 named: named startup succeeded

When I run the named-checkzone command :

# named-checkzone wsn50.com localhost.zone
zone wsn50.com/IN: loaded serial 1997022700
OK

What's this "ignoring out-of-zone data" message?!   Is that relevant in any way!?  I want to give you the points, this has been dragging on for a long time now and it looks like my DNS is working better than before.  If you can answer my question though, that would be awesome.  Thanks for all your help with this.
Gabriel OrozcoSolution ArchitectCommented:
Jul  4 11:02:01 ns1 named[10102]: dns_master_load: localhost.zone:3: ignoring out-of-zone data (wsn50.com)
Jul  4 11:02:01 ns1 named[10102]: dns_master_load: localhost.zone:14: ignoring out-of-zone data (ns1.wsn50.com)
Jul  4 11:02:01 ns1 named[10102]: dns_master_load: localhost.zone:15: ignoring out-of-zone data (mail.wsn50.com)
Jul  4 11:02:01 ns1 named[10102]: dns_master_load: localhost.zone:16: ignoring out-of-zone data (test.wsn50.com)
Jul  4 11:02:01 ns1 named[10102]: zone localhost/IN: could not find NS and/or SOA records
Jul  4 11:02:01 ns1 named[10102]: zone localhost/IN: has 0 SOA records

All of this is because you edited your two files and now they are damaged.
I hope you backed them up before doing anything. If so, just restore them from your backup.

If not, post them here and we'll try to help you get them back to normal.

ROCK1972Author Commented:
I just added that '.' at the end of wsn50.com.
I didn't change anything in the localhost.zone and
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
# cat /var/named/localhost.zone
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

$TTL    86400
$ORIGIN wsn50.com.
@       IN      SOA    ns1.wsn50.com. hostmaster.wsn50.com.  (
                                      1997022700 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
                                                                                                                                                       
                IN      NS              ns1.wsn50.com.
                IN      MX      10      mail.wsn50.com.
                IN      A               172.30.2.85
                                                                                                                                                       
ns1             IN      A               172.30.2.85
mail            IN      A               172.30.2.85
test             IN      A               172.30.2.71


::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
# cat /var/named/named.local
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
; Reverse mapping of domain names 2.30.172.in-addr-arpa
$TTL    86400
@       IN      SOA     ns1.wsn50.com. hostmaster.ns1.wsn50.com.  (
                                      1997022700 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
              IN      NS      ns1.wsn50.com.
 
85              PTR             ns1.wsn50.com.
85              PTR             mail.wsn50.com.
71              PTR             lmclx108212.wsn50.com.

ROCK1972Author Commented:
Oops , that last line should read:

71              PTR             test.wsn50.com.
Gabriel OrozcoSolution ArchitectCommented:
Well, that's your error. The localhost zone is different from the wsn50.com zone, but you edited it. You should have left it as it came; it should not be modified unless there is a clear purpose for doing so.

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};


your zone file should read like this:
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
# cat /var/named/localhost.zone
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
@       IN      SOA    ns1.wsn50.com. hostmaster.wsn50.com.  (
                                      1997022700 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
                                                                                                                                                       
                IN      NS          ns1.
                IN      A            127.0.0.1
ns1             IN      A          127.0.0.1
ROCK1972Author Commented:
There is no wsn50.com.zone file.  I commented it out from /etc/named.conf  .  Im using the localhost.zone and named.local *only*.
I'm having a hard time understanding this DNS concept, and whether you need BOTH the localhost file and the one for your private zone, like wsn50.com.zone.  Remember, my wsn50.com.zone wasn't being read for some reason :\ so I used the localhost file and put my wsn50 data in there.
ROCK1972Author Commented:
Redimido.

Would you be able to give me an example of all files that are needed to have this working?    I'm talking about all of the files needed, with the correct parameter and what not you have

From what I read on all the guides and HOW-TO's, you need to have the following :

1. /etc/resolv.conf with the correct parameters
In my case this is what I have :
[root@ns1 named]# more /etc/resolv.conf
; generated by /sbin/dhclient-script
search wsn50.com
#nameserver 127.0.0.1
nameserver 172.30.2.85

2. /etc/named.conf
[root@ns1 named]# more /etc/named.conf
// generated by named-bootconf.pl
 
options {
        directory "/var/named";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
        // query-source address * port 53;
};
 
//
// a caching only nameserver config
//
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
        type hint;
        file "named.ca";
};
 
zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};
 
#zone "wsn50.com" IN {
#       type master;
#       file "wsn50.com.zone";
#};
 
#zone "2.30.172.in-addr-arpa" {
#       type master;
#       file "172.30.2";
#};
 
zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};
 
include "/etc/rndc.key";


3. And our 2 files in /var/named :
localhost.zone and named.local

And that's what I got :
[root@ns1 named]# more localhost.zone
$TTL    86400
$ORIGIN wsn50.com.
@       IN      SOA    ns1.wsn50.com. hostmaster.wsn50.com.  (
                                      1997022700 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
 
                IN      NS              ns1.
                IN      A               127.0.0.1
ns1             IN      A               127.0.0.1

# more named.local
; Reverse mapping of domain names 2.30.172.in-addr-arpa
$TTL    86400
@       IN      SOA     ns1.wsn50.com. hostmaster.ns1.wsn50.com.  (
                                      1997022700 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
              IN      NS      ns1.wsn50.com.
 
85              PTR             ns1.wsn50.com.
85              PTR             mail.wsn50.com.
71              PTR             test.wsn50.com.

ROCK1972Author Commented:
BTW, if you want me to open another case  in case you want more points let me know.
Gabriel OrozcoSolution ArchitectCommented:
sorry for the delay

let's see

1. /etc/resolv.conf: a DNS server should not get its IP via DHCP. Give it a static address and disable dhclient; otherwise dhclient-script keeps regenerating /etc/resolv.conf.
------------------------
search wsn50.com
nameserver 127.0.0.1
------------------------

2. /etc/named.conf
------------------------
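options {
        directory "/var/named";
        // Pins every outbound query to source port 53. Keep this line only if
        // the firewall in front of this server really requires it: a fixed
        // source port removes source-port randomization, which makes spoofed
        // answers (cache poisoning) considerably easier to land.
        query-source address * port 53;
        // NOTE(review): no allow-query / allow-recursion is set, so the BIND
        // defaults apply. Depending on the BIND version, recursion may be open
        // to every client that can reach this server; restrict it to the
        // internal networks with allow-recursion if that is the case.
};
 
//
// rndc control channel: loopback only, authenticated with rndckey
//
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

// Defines rndckey. NOTE(review): this file holds a shared secret; confirm it
// is readable only by root and the user named runs as.
include "/etc/rndc.key";

// Root hints, used for recursion to names outside the local zones.
zone "." IN {
        type hint;
        file "named.ca";
};
 
zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};
 
// Forward zone for the intranet domain. Dynamic updates are refused
// explicitly, matching the other master zones in this file.
zone "wsn50.com" IN {
       type master;
       file "wsn50.com.zone";
       allow-update { none; };
};
 
// Reverse zone for 172.30.2.x. The suffix is "in-addr.arpa" with a dot; the
// spelling "in-addr-arpa" names a zone that no PTR lookup will ever ask for.
zone "2.30.172.in-addr.arpa" IN {
       type master;
       file "172.30.2";
       allow-update { none; };
};
 
zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "127.0.0.zone";
        allow-update { none; };
};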
------------------------

File: localhost.zone
------------------------
; Forward zone for "localhost": the zone apex and "ns" both map to 127.0.0.1.
$TTL 604800     ; 7 days (604800 s)
@                       IN SOA  ns1.wsn50.com. hostmaster.wsn50.com.  (
                                1          ; serial
                                3W         ; refresh
                                7W         ; retry
                                9W         ; expire
                                1D         ; minimum (1 day)
                                )
;
; NOTE(review): "ns." ends in a dot, so it is the absolute name "ns." and not
; the "ns" record defined below (which expands to ns.localhost.) - confirm
; which one is intended.
                        NS      ns.
                        A       127.0.0.1
ns                      A       127.0.0.1
------------------------

File named.ca
------------------------
; Root hints: one NS record and one A record per root server (A through M).
; NOTE(review): root server addresses are renumbered from time to time, and
; several of the addresses below (the B, D, H and L roots, among others) have
; changed since this listing was posted. Do not copy hints from a forum post;
; take the current file from the distribution's BIND package or from InterNIC
; (https://www.internic.net/domain/named.root).
.                        3600000  IN  NS    A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
.                        3600000      NS    B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET.      3600000      A     192.228.79.201
.                        3600000      NS    C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET.      3600000      A     192.33.4.12
.                        3600000      NS    D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET.      3600000      A     128.8.10.90
.                        3600000      NS    E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET.      3600000      A     192.203.230.10
.                        3600000      NS    F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET.      3600000      A     192.5.5.241
.                        3600000      NS    G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET.      3600000      A     192.112.36.4
.                        3600000      NS    H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET.      3600000      A     128.63.2.53
.                        3600000      NS    I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET.      3600000      A     192.36.148.17
.                        3600000      NS    J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET.      3600000      A     192.58.128.30
.                        3600000      NS    K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET.      3600000      A     193.0.14.129
.                        3600000      NS    L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET.      3600000      A     198.32.64.12
.                        3600000      NS    M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET.      3600000      A     202.12.27.33
------------------------

File wsn50.com.zone
------------------------
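; Forward zone for wsn50.com.
; The origin must be the zone name: "@" expands to the current origin, so with
; "$ORIGIN ." the SOA, NS, A and MX records below would belong to the root
; zone and not to wsn50.com.
$ORIGIN wsn50.com.
$TTL 259200     ; 3 days
@       IN      SOA    ns1.wsn50.com. hostmaster.wsn50.com.  (
                                      1997022700 ; Serial - increase on every edit
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
;
; Records at the zone apex (wsn50.com. itself)
                NS              ns1.wsn50.com.
                A               172.30.2.85
                MX              10 mail.wsn50.com.
; Hosts: the names below are relative to wsn50.com.
ns1             IN      A               172.30.2.85
mail            IN      A               172.30.2.85
test             IN      A               172.30.2.71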
------------------------

File 172.30.2
------------------------
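; Reverse zone for 172.30.2.x, loaded by named.conf as the zone
; 2.30.172.in-addr.arpa.
$TTL 3D
; "@" is the zone name taken from named.conf, so the owner cannot be
; misspelled here. The owner has to start in column 0: a line that begins
; with whitespace inherits the previous owner, and the first record has none.
; The first SOA field is the primary name server, not the zone name.
@       IN      SOA   ns1.wsn50.com. hostmaster.wsn50.com.  (
                                      1997022700 ; Serial - increase on every edit
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
                       NS              ns1.wsn50.com.
; Last octet of the address -> host name
71                     PTR     test.wsn50.com.
85                     PTR     mail.wsn50.com.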

File 127.0.0.zone
------------------------
; Reverse zone for the loopback network; named.conf loads this file as
; 0.0.127.in-addr.arpa, so the owner "1" below is 127.0.0.1.
$TTL 3D
@               IN      SOA     ns1.wsn50.com. hostmaster.wsn50.com.  (
                                1       ; Serial
                                8H      ; Refresh
                                2H      ; Retry
                                4W      ; Expire
                                1D)     ; Minimum TTL
                        NS      ns1.wsn50.com.
; 127.0.0.1 -> localhost.
1                       PTR     localhost.
------------------------

Hope this helps.
I would continue on a new question as this question is already answered and the latest is a new question.
maybe it can be "points for..." hehehe

Regards