BIND: Ping Failed when I ping my CentOS Server

Posted on 2011-02-19
Last Modified: 2012-05-11
When I reboot the server I can't ping linux.local.

Here is my linux.local zone file config:


$TTL    1H
@               IN      SOA    ns1.linux.local.      root (
                        2009091114 ; serial
                        1H ; refresh
                        15M ; retry
                        4W ; expire
                        1H ; Negative caching TTL of 1 hour
                        )
; Name servers
                 IN      NS      ns1.linux.local.
ns1              IN      A       10.10.10.100
www              IN      A       10.10.10.100
ftp              IN      A       10.10.10.100
linux.local      IN      A       10.10.10.100


Any idea?

Question by:david875
 
LVL 6

Expert Comment

by:_iskywalker_
ID: 34935057
Not in the Windows hosts file? Not in the DNS server?!

Author Comment

by:david875
ID: 34935066
Hold on, but what do you mean? I didn't understand what you said, forgive me.
LVL 76

Expert Comment

by:arnold
ID: 34936230
Run the following command on your CentOS box and it will be clear why you have an issue:
dig @localhost axfr linux.local

Pay attention to the linux.local line (unterminated).
Replace the linux.local with @, or add a period at the end of linux.local in the IN A line, and update the serial number to correct the issue.
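The rule behind this advice is how BIND qualifies owner names in a zone file: "@" stands for the zone origin, a name ending in a dot is absolute, and anything else is relative and gets the origin appended. The following is an added example written for this thread (not the poster's file and not BIND's own code) that applies that rule to a constructed zone modelled on the one in the question. The origin linux.local. is assumed to be the zone name from named.conf, since the posted zone has no $ORIGIN directive; the doubled_origin check is a lint I added that flags the tell-tale name that results from a missing trailing dot.

```python
"""Qualify the owner names of a zone file the way BIND does, to show why an
unterminated apex name ends up underneath the origin twice (added example)."""

ZONE_ORIGIN = "linux.local."   # assumed: the zone name from named.conf

# Constructed sample modelled on the zone posted in the question.
# The last record's owner lacks the trailing dot.
SAMPLE_ZONE = """\
$TTL    1H
@               IN      SOA    ns1.linux.local.      root (
                        2009091114 ; serial
                        1H ; refresh
                        15M ; retry
                        4W ; expire
                        1H ; Negative caching TTL of 1 hour
                        )
; Name servers
                 IN      NS      ns1.linux.local.
ns1              IN      A       10.10.10.100
www              IN      A       10.10.10.100
ftp              IN      A       10.10.10.100
linux.local      IN      A       10.10.10.100
"""

RTYPES = {"A", "AAAA", "NS", "SOA", "CNAME", "MX", "PTR", "TXT"}


def qualify(owner: str, origin: str) -> str:
    """Turn a zone-file owner name into a fully qualified name.
    '@' is the origin, a trailing dot means already absolute,
    anything else is relative to the origin."""
    if owner == "@":
        return origin
    if owner.endswith("."):
        return owner
    return f"{owner}.{origin}"


def a_records(zone_text: str, origin: str):
    """Return (fqdn, address) for every A record in the zone text.
    A line whose owner column is blank inherits the previous owner, as in
    BIND; the parenthesised SOA continuation lines are skipped. $ORIGIN is
    not handled because the posted zone does not use it."""
    records = []
    last_owner = origin
    in_paren = False
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()   # drop comments
        if in_paren:                            # inside SOA ( ... )
            in_paren = ")" not in line
            continue
        if not line.strip() or line.startswith("$"):
            continue
        tokens = line.split()
        if raw[0].isspace():
            owner = last_owner                  # blank owner column inherits
        else:
            owner = qualify(tokens.pop(0), origin)
            last_owner = owner
        if "(" in line and ")" not in line:
            in_paren = True
        idx = next((i for i, t in enumerate(tokens) if t in RTYPES), None)
        if idx is not None and tokens[idx] == "A":
            records.append((owner, tokens[idx + 1]))
    return records


def doubled_origin(records, origin: str):
    """Names that end in the origin twice (e.g. linux.local.linux.local.),
    the signature of an owner that was meant to be absolute."""
    doubled = origin[:-1] + "." + origin
    return [name for name, _ in records if name.endswith(doubled)]


if __name__ == "__main__":
    recs = a_records(SAMPLE_ZONE, ZONE_ORIGIN)
    for name, addr in recs:
        print(f"{name:28} A {addr}")
    print("suspicious:", doubled_origin(recs, ZONE_ORIGIN))
```

Run against the sample, the output lists ns1, www and ftp under linux.local. and then linux.local.linux.local., exactly the name that shows up in the AXFR output later in the thread; there is no record for the apex linux.local. itself. Both fixes suggested above ("@" or "linux.local.") qualify to the origin.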

Author Comment

by:david875
ID: 34937582
It didn't work with what you said. I tried to replace linux.local with an "@" and nothing; I tried also to add a dot "." after linux.local, but nothing. Here is what your command gives:

[linux.local named]# dig @localhost axfr linux.local

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_5.3 <<>> @localhost axfr linux.local
; (1 server found)
;; global options:  printcmd
linux.local.            3600    IN      SOA     ns1.linux.local. root.linux.local. 2009091114 3600 900 2419200 3600
linux.local.            3600    IN      NS      ns1.linux.local.
ftp.linux.local.        3600    IN      A       10.10.10.100
linux.local.linux.local. 3600   IN      A       10.10.10.100
ns1.linux.local.        3600    IN      A       10.10.10.100
www.linux.local.        3600    IN      A       10.10.10.100
linux.local.            3600    IN      SOA     ns1.linux.local. root.linux.local. 2009091114 3600 900 2419200 3600
;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Feb 20 15:35:10 2011
;; XFR size: 7 records (messages 1)

[linux.local named]#
LVL 76

Expert Comment

by:arnold
ID: 34937761
Did you update the serial number? Did you issue rndc reload linux.local (to have BIND reload the zone)?

Author Comment

by:david875
ID: 34937840
No, I didn't. I don't have rndc in my config files in /var/named.

How do I do all this?

I just discovered a funny thing: I started the Samba server and I can ping linux.local again, but I tried one thing, I stopped Samba and I can still ping. That's strange. In addition, I deleted the line that has

linux.local IN A 10.10.10.100, saved the config and restarted named; then no ping, but now I see that I can ping. This will make me crazy.
LVL 76

Expert Comment

by:arnold
ID: 34937889
Note that your TTL, the number between the leftmost record and the IN directive, is 3600. This is how long the record is kept on any one system.
So when you ping linux.local and that fails, the negative response is cached on the system.
You then update the record and reload named. While the server now has a new set of information, the system that has a negative cache will not check with the server until the time runs out.

To set up RNDC you need to run /usr/sbin/rndc-confgen.
You then copy the output as directed: one portion into /etc/rndc.conf and one portion into the top of the /etc/named.conf file. You would once again need to restart named: /etc/init.d/named restart.
rndc reconfig is for when you are adding a zone and do not want the whole named to restart.
rndc reload tells named to reload all information.
rndc reload zonename tells named that zonename has changed and it should be reprocessed.


Author Comment

by:david875
ID: 34937938
Thank you for the useful information @arnold, you're making a great effort with me :)

I configured now rndc and everything is OK

I must tell you something: I'm not experienced with BIND, I'm having my first experiences with it. You said TTL must be 3600? In the config all TTLs are 3600, so what should I do?

LVL 76

Expert Comment

by:arnold
ID: 34937972
It is not an issue of what you should do; it was just a statement that your current zone config has the setting for the TTL at 3600 (seconds).
The issue is as follows: if you set the TTL low, changes within the zone will propagate quicker.
However, the tradeoff is that your DNS server will see many more requests.
I.e. your TTL is 3600, which means the same system that looks up any record will not look up the same record for 3600 seconds, and this is the maximum length of time this system will have to wait to see an update you make to the same record. At 3600 seconds, the maximum number of queries the server will see from this system for this record is 24.
If you lower the TTL to 90 seconds, when you make a change in the zone it will take 90 seconds for it to be seen, but your server will see a max of 960 queries from this system for this record.
Usually a higher TTL is better, but if you are planning on making a change, you should lower the TTL a day before, such that when the change is made it propagates at a quicker pace, and then you can increase it again to limit the number of queries that are generated against your server (network traffic that might not be necessary).

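The two mechanisms arnold describes, a client caching a negative answer until the TTL runs out and the TTL setting the upper bound on how often one client re-asks, can be replayed in a small model. This is an added example written for this thread, not code from the discussion or from BIND: the authoritative server is a dictionary of names, the client is a caching stub resolver, and the timestamps are constructed seconds on a toy clock. The TTL values are the ones from the posted zone (record TTL and negative-caching TTL both 1H = 3600 seconds).

```python
"""Replay a negatively cached lookup against a zone that is fixed after the
fact, and compute the per-day query bound a TTL implies (added example)."""
from dataclasses import dataclass, field

RECORD_TTL = 3600     # $TTL 1H from the posted zone
NEGATIVE_TTL = 3600   # SOA minimum ("Negative caching TTL of 1 hour")


@dataclass
class Authoritative:
    """The BIND side, reduced to name -> address. A missing name is NXDOMAIN
    and carries the zone's negative-caching TTL, as the SOA minimum does."""
    records: dict

    def answer(self, name):
        if name in self.records:
            return "A", self.records[name], RECORD_TTL
        return "NXDOMAIN", None, NEGATIVE_TTL


@dataclass
class CachingResolver:
    """The client side: caches both positive and negative answers until
    their expiry and only then asks the server again."""
    server: Authoritative
    cache: dict = field(default_factory=dict)   # name -> (rcode, addr, expires_at)
    queries_sent: int = 0

    def lookup(self, name, now):
        entry = self.cache.get(name)
        if entry and now < entry[2]:
            return entry[0], entry[1]           # served from cache, good or bad
        rcode, addr, ttl = self.server.answer(name)
        self.cache[name] = (rcode, addr, now + ttl)
        self.queries_sent += 1
        return rcode, addr


def max_queries_per_day(ttl_seconds):
    """Upper bound on queries one client sends for one record in a day:
    it re-asks at most once per TTL."""
    return 86400 // ttl_seconds


def replay():
    """Timeline of the situation in the thread: the apex record is missing,
    the client caches NXDOMAIN, the admin adds the record and reloads,
    and the client keeps failing until the negative entry expires."""
    server = Authoritative({"ns1.linux.local.": "10.10.10.100"})
    client = CachingResolver(server)
    timeline = []
    # t=0: zone has no record for the apex -> NXDOMAIN cached for NEGATIVE_TTL
    timeline.append((0, client.lookup("linux.local.", 0)))
    # t=10: admin adds '@ IN A 10.10.10.100' and runs rndc reload (constructed time)
    server.records["linux.local."] = "10.10.10.100"
    timeline.append((10, client.lookup("linux.local.", 10)))
    # t=3599: still inside the negative cache window, server is never asked
    timeline.append((3599, client.lookup("linux.local.", 3599)))
    # t=3600: entry expired, the client re-queries and finally sees the record
    timeline.append((3600, client.lookup("linux.local.", 3600)))
    return timeline, client.queries_sent


if __name__ == "__main__":
    events, sent = replay()
    for t, (rcode, addr) in events:
        print(f"t={t:5d}s  {rcode:8} {addr or ''}")
    print("queries that reached the server:", sent)
    for ttl in (3600, 90):
        print(f"TTL {ttl:4d}s -> at most {max_queries_per_day(ttl)} queries/day per client")
```

The replay shows why the poster saw inconsistent results: the server was already correct at t=10 but the client kept answering from its negative cache, and only two queries reached the server in the whole hour. The query bound reproduces arnold's figures (24 per day at 3600 seconds, 960 at 90). On a Windows client the cache in question is the DNS client cache, which ipconfig /flushdns clears; on a Linux client with no local caching resolver there is usually no such cache and the next lookup goes straight to the server.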

Author Comment

by:david875
ID: 34938008
OK, so this is why the ping fails against linux.local? The strange thing is that I can ping ns1.linux.local or www.linux.local from the first time without any problem.

Author Comment

by:david875
ID: 34938020
And I think that the negative caching TTL of 1 hour is a lot of time; maybe I should lower it to 90 seconds as you said. What do you think?

Author Comment

by:david875
ID: 34938026
Just to understand one thing, and sorry to post many questions, because they come time after time: if I can't ping linux.local, will the system wait 1 hour to update and see that ping again?
LVL 76

Expert Comment

by:arnold
ID: 34938131
The negative caching only deals with a record that could not be looked up.
Could you post the new output of
dig @localhost axfr linux.local
as well as the contents of the linux.local zone?

Author Comment

by:david875
ID: 34938171
[linux.local ~]# dig @localhost axfr linux.local

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_5.3 <<>> @localhost axfr linux.local
; (1 server found)
;; global options:  printcmd
linux.local.            3600    IN      SOA     ns1.linux.local. root.linux.local. 2009091114 3600 900 2419200 3600
linux.local.            3600    IN      NS      ns1.linux.local.
ftp.linux.local.        3600    IN      A       10.10.10.100
ns1.linux.local.        3600    IN      A       10.10.10.100
www.linux.local.        3600    IN      A       10.10.10.100
linux.local.            3600    IN      SOA     ns1.linux.local. root.linux.local. 2009091114 3600 900 2419200 3600
;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Feb 20 18:06:30 2011
;; XFR size: 6 records (messages 1)

[linux.local ~]#nano /var/named/linux.local

$TTL    1H
@               IN      SOA    ns1.linux.local.      root (
                        2009091114 ; serial
                        1H ; refresh
                        15M ; retry
                        4W ; expire
                        1H ; Negative caching TTL of 1 hour
                        )
; Name servers
                 IN      NS      ns1.linux.local.
ns1              IN      A       10.10.10.100
www              IN      A       10.10.10.100
ftp              IN      A       10.10.10.100

LVL 76

Accepted Solution

by:arnold (earned 500 total points)
ID: 34939447
You removed the
@ IN A 10.10.10.100
or
linux.local. IN A 10.10.10.100

This is why linux.local cannot be pinged: there is no record for it in your zone's configuration.

Add one of the above into your linux.local zone and then run rndc reload linux.local and you should be good to go.

The local system likely has a hosts entry that points linux.local to the IP, which is why it can be pinged.

Author Closing Comment

by:david875
ID: 34939684
You're the best.