DNS and named.conf problem

Dear experts:
We have a web site that can be browsed by its IP address, but users can't browse it by its web address. Perhaps the problem is in the DNS server. If users run NSLOOKUP, they get a DNS time-out. I've enclosed the contents of named.conf as follows:

//
// named.conf for Red Hat caching-nameserver
//

options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
         // query-source address * port 53;
};

//
// a caching only nameserver config
//
controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};

zone "example.com" IN {
        type master;
        file "/var/named/example.com.zone";
};

zone "196.112.203.in-addr.arpa" IN {
        type master;
        file "/var/named/196.112.203.in-addr.arp.rev";
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.ip6.local";
        allow-update { none; };
};

zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
};

zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
};

include "/etc/rndc.key";
raju1 Asked:
 
shauncroucher Commented:
It seems to me that there is no zone file for the domain if you are running this on your RHEL server.

What do you have at the parent server, what NS record is being advertised there?

I would suggest you try http://www.intodns.com to see if this highlights the issue for you.

You need to have a delegation for your domain name in one of the TLD (top level domain) servers, which will point to your nameservers; you then need to make sure your nameservers are configured as authoritative for your domain.

If you are running the nslookup command from the DNS that is supposed to be authoritative for the domain, and it is coming up as SERVFAIL, that indicates to me a problem with the zonefile, or config as it isn't responding with any results.

Shaun
0
 
shauncroucher Commented:
This seems to suggest it is a caching only nameserver configuration. It is not responsible for a zone file.

Do you have nameserver records configured for your domain?

If you drop to shell, and type:

nslookup -q=ns yourdomain.com

This will tell you where your nameservers are (if any).

If your server DOES provide nameserver role, then you need to have this in named.conf and have an associated zone file.

See here:

zone "example.com" IN {
        type master;
        file "/var/named/example.com.zone";
};

This needs to be filled in with your domain, and the zone file created.

Shaun
0
 
raju1 (Author) Commented:
nslookup -q=ns yourdomain.com

Where do I have to type the above command, on the DNS server or on the client?

I have run the command on DNS server and I've got the following result:

Server:         .112.196.203 ( a real IP)
Address:        .112.196.203#53
** server can't find yourdomain.com: SERVFAIL


I have run the command on Client and I've got the following result:

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
0
 
Jan Springer Commented:
First, check the authoritative NS servers listed at the registrar.

Do a dig against those servers:
 
   dig domain.com @server_ip ns
   dig www.domain.com @server_IP

Do digs against your server:

   dig www.domain.com @your_server_ip
   dig www.domain.com @your_server_ip +trace

Don't use nslookup.  It doesn't provide sufficient information.

Post the results of the digs.  It's helpful to use real domain names if you need outside troubleshooting assistance.

If your server is not authoritative for the zone in question (and any other zones), a caching only name server is fine.
0
 
raju1 (Author) Commented:
Thanks to all. Yes Shaun. I've got problem in zone file.

Basically, the zone file has no content. Somehow, it happened. Furthermore, named.local also doesn't have any content.
0
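The condition found in this thread, a master zone whose zone file has no content, can be checked mechanically. The following is an added example, not code from any participant: it parses zone stanzas out of named.conf text and reports master zones whose file is missing or zero-length. The function names, the `root` parameter and the sample configuration are constructed for illustration, and `/var/named` is assumed as the directory when none is set.

```python
import os, re, tempfile
def strip_comments(text):
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)      # /* block */ comments
    return re.sub(r"(//|#).*", "", text)                    # // and # line comments

def zone_blocks(conf):
    """Yield (zone_name, body) using brace matching, so nested { none; } is handled."""
    for m in re.finditer(r'zone\s+"([^"]+)"[^{;]*\{', conf):
        depth, i = 1, m.end()
        while i < len(conf) and depth:
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield m.group(1), conf[m.end():i - 1]

def audit_master_zones(conf_text, root="/"):
    """Return (zone, path, problem) for master zones whose file is missing or empty."""
    conf = strip_comments(conf_text)
    d = re.search(r'directory\s+"([^"]+)"', conf)
    directory = d.group(1) if d else "/var/named"           # assumed when unset
    findings = []
    for zone, body in zone_blocks(conf):
        f = re.search(r'file\s+"([^"]+)"', body)
        if not re.search(r"type\s+master\s*;", body) or not f:
            continue                                        # hint zones etc. are skipped
        path = os.path.join(directory, f.group(1))          # an absolute file name wins
        on_disk = os.path.join(root, path.lstrip("/"))
        if not os.path.isfile(on_disk) or os.path.getsize(on_disk) == 0:
            problem = "empty" if os.path.isfile(on_disk) else "missing"
            findings.append((zone, path, problem))
    return findings

# Constructed sample, modelled on the named.conf posted in the question.
SAMPLE_CONF = '''
options { directory "/var/named"; /* firewall note */ };  // query-source address * port 53;
zone "." IN { type hint; file "named.ca"; };
zone "localhost" IN { type master; allow-update { none; }; file "localhost.zone"; };
zone "0.0.127.in-addr.arpa" IN { type master; file "named.local"; allow-update { none; }; };
zone "example.com" IN { type master; file "/var/named/example.com.zone"; };
zone "196.112.203.in-addr.arpa" IN { type master; file "/var/named/196.112.203.in-addr.arp.rev"; };
'''

def demo():  # builds a throwaway /var/named tree with two zero-length zone files
    with tempfile.TemporaryDirectory() as root:
        named = os.path.join(root, "var/named")
        os.makedirs(named)
        for name, data in [("localhost.zone", "$TTL 86400\n"), ("named.local", ""), ("example.com.zone", "")]:
            with open(os.path.join(named, name), "w") as fh:
                fh.write(data)
        return audit_master_zones(SAMPLE_CONF, root=root)
```

On a real server, `named-checkconf -z` performs a fuller version of this check by test-loading every master zone named in the configuration.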
 
shauncroucher Commented:
So do you need any more help or have you resolved this now?

Shaun
0
 
raju1 (Author) Commented:
There is a problem with the HDD. The zone file has no content. I want to write to it, but it could not be saved. There are a lot of strange things because of the HDD. Anyhow, when it is saved, after restarting, the server can't start up.
0
 
shauncroucher Commented:
Your server is not booting?
What do you see on the screen? Do you have a backup?

Shaun
0
Question has a verified solution.
