Solved

BIND : Ping Failed when i ping my CentOS Server

Posted on 2011-02-19
Last Modified: 2012-05-11
When I reboot the server I couldn't ping linux.local.

Here is my linux.local file config:


$TTL    1H
@               IN      SOA    ns1.linux.local.      root (
                        2009091114 ; serial
                        1H ; refresh
                        15M ; retry
                        4W ; expire
                        1H ; Negative caching TTL of 1 hour
                        )
; Name servers
                 IN      NS      ns1.linux.local.
ns1              IN      A       10.10.10.100
www              IN      A       10.10.10.100
ftp              IN      A       10.10.10.100
linux.local      IN      A       10.10.10.100


Any idea?

Question by:david875
 
LVL 6

Expert Comment

by:_iskywalker_
ID: 34935057
Not in the Windows hosts file? Not in the DNS server?!
0
 

Author Comment

by:david875
ID: 34935066
Hold on, but what do you mean? I didn't understand what you said, forgive me.
0
 
LVL 77

Expert Comment

by:arnold
ID: 34936230
Run the following command on your CentOS box and it will be clear why you have an issue.
dig @localhost axfr linux.local

Pay attention to the linux.local (unterminated line).
Replace the linux.local with @ or add a period at the end of the linux.local. IN A line, and update the serial number to correct the issue.
0
 

Author Comment

by:david875
ID: 34937582
It didn't work with what you said. I tried to replace linux.local with an "@" and nothing; I also tried to add a dot "." after linux.local, but nothing. Here is what your command gives:

[linux.local named]# dig @localhost axfr linux.local

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_5.3 <<>> @localhost axfr linux.local
; (1 server found)
;; global options:  printcmd
linux.local.            3600    IN      SOA     ns1.linux.local. root.linux.local. 2009091114 3600 900 2419200 3600
linux.local.            3600    IN      NS      ns1.linux.local.
ftp.linux.local.        3600    IN      A       10.10.10.100
linux.local.linux.local. 3600   IN      A       10.10.10.100
ns1.linux.local.        3600    IN      A       10.10.10.100
www.linux.local.        3600    IN      A       10.10.10.100
linux.local.            3600    IN      SOA     ns1.linux.local. root.linux.local. 2009091114 3600 900 2419200 3600
;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Feb 20 15:35:10 2011
;; XFR size: 7 records (messages 1)

[linux.local named]#
0
 
LVL 77

Expert Comment

by:arnold
ID: 34937761
Did you update the serial number? Did you issue rndc reload linux.local (to have BIND reload the zone)?
0
 

Author Comment

by:david875
ID: 34937840
No, I didn't. I don't have rndc in my config files in /var/named.

How do I do all this?

I just discovered a funny thing: I started the samba server and I can ping linux.local again. But I tried one thing: I stopped samba and I can still ping. That's strange. In addition, I deleted the line that has

linux.local IN A 10.10.10.100 and saved the config, restarted named, then no ping, but now I see that I can ping. This will make me crazy.
0
 
LVL 77

Expert Comment

by:arnold
ID: 34937889
Note that your TTL, the number between the leftmost record and the IN directive, is 3600. This is how long the record is kept on any one system.
So you ping linux.local, that fails, and the negative response is cached on the system.
You then update the record and reload named. While the server now has a new set of information, the system that has a negative cache will not check with the server until the time runs out.

To set up RNDC you need to run /usr/sbin/rndc-confgen
You then copy the output as directed: one portion into /etc/rndc.conf and one portion into the top of the /etc/named.conf file. You would once again need to restart named: /etc/init.d/named restart.
rndc reconfig is for when you are adding a zone and do not want the whole named to restart.
rndc reload tells named to reload all information.
rndc reload zonename tells named that zonename has changed and it should be reprocessed.

0
 

Author Comment

by:david875
ID: 34937938
Thank you for the useful information @arnold, you're making a great effort with me :)

I have configured rndc now and everything is OK.

I must tell you something: I'm not experienced with BIND, I'm doing my first experiments with it. You said TTL must be 3600? In the config all TTLs are 3600, so what should I do?

0
 
LVL 77

Expert Comment

by:arnold
ID: 34937972
It is not an issue of what you should do; it was just a statement that your current zone config has the setting for the TTL at 3600 (seconds).
The issue is as follows: if you set the TTL low, changes within the zone will propagate quicker.
However, the tradeoff is that your DNS server will see many more requests.
I.e. your TTL is 3600, which means the same system that looks up any record will not look up the same record for 3600 seconds, and this is the maximum length of time this system will have to wait to see an update you make to the same record. At 3600 seconds, the maximum number of queries the server will see from this system for this record is 24.
If you lower the TTL to 90 seconds, when you make a change in the zone it will take 90 seconds for it to be seen, but your server will see a max of 960 queries from this system for this record.
Usually, a higher TTL is better, but if you are planning on making a change, you should lower the TTL a day before, such that when the change is made it propagates at a quicker pace, and then you can increase it again to limit the number of queries that are generated against your server (network traffic that might not be necessary).

0
 

Author Comment

by:david875
ID: 34938008
OK, so this is why the ping fails against linux.local? The strange thing is that I can ping ns1.linux.local or www.linux.local from the first time without any problem.
0
 

Author Comment

by:david875
ID: 34938020
And I think that the Negative caching TTL of 1 hour is a long time, maybe I should lower it to 90 seconds as you said. What do you think?
0
 

Author Comment

by:david875
ID: 34938026
Just to understand one thing, and sorry to post many questions because they come time after time: if I can't ping linux.local, the system will wait 1 H to update and see that ping again?
0
 
LVL 77

Expert Comment

by:arnold
ID: 34938131
The negative caching only deals with a record that could not be looked up.
Could you post the new info from
dig @localhost axfr linux.local
as well as the contents of the linux.local zone?
0
 

Author Comment

by:david875
ID: 34938171
[linux.local ~]# dig @localhost axfr linux.local

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_5.3 <<>> @localhost axfr linux.local
; (1 server found)
;; global options:  printcmd
linux.local.            3600    IN      SOA     ns1.linux.local. root.linux.local. 2009091114 3600 900 2419200 3600
linux.local.            3600    IN      NS      ns1.linux.local.
ftp.linux.local.        3600    IN      A       10.10.10.100
ns1.linux.local.        3600    IN      A       10.10.10.100
www.linux.local.        3600    IN      A       10.10.10.100
linux.local.            3600    IN      SOA     ns1.linux.local. root.linux.local. 2009091114 3600 900 2419200 3600
;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Feb 20 18:06:30 2011
;; XFR size: 6 records (messages 1)

[linux.local ~]#nano /var/named/linux.local

$TTL    1H
@               IN      SOA    ns1.linux.local.      root (
                        2009091114 ; serial
                        1H ; refresh
                        15M ; retry
                        4W ; expire
                        1H ; Negative caching TTL of 1 hour
                        )
; Name servers
                 IN      NS      ns1.linux.local.
ns1              IN      A       10.10.10.100
www              IN      A       10.10.10.100
ftp              IN      A       10.10.10.100





0
 
LVL 77

Accepted Solution

by:
arnold earned 500 total points
ID: 34939447
You removed the
@ IN A 10.10.10.100
or
linux.local. IN A 10.10.10.100

This is why linux.local cannot be pinged. There is no record for it in your zone's configuration.

Add one of the above into your linux.local zone and then run rndc reload linux.local and you should be good to go.

The local system likely has the hosts entry that points linux.local to the IP, which is why it can be pinged.
0
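
The two failure states seen in this thread, as an added example that is not part of any poster's reply: a small Python check that expands owner names the way the first `dig` output shows BIND doing it, then flags an owner that repeats the zone name without a trailing dot and a zone with no address record at its apex. The function names are hypothetical and the zone text is condensed from the files posted above (SOA put on one line).

```python
def expand_zone(zone_text, origin):
    """Apply BIND's owner-name rules; return (fqdn, type, rdata, raw_owner) tuples."""
    origin = origin.rstrip(".").lower() + "."
    records, last_owner, depth = [], origin, 0
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()        # strip comments (quoted ';' not handled)
        in_continuation = depth > 0
        depth += line.count("(") - line.count(")")   # track a multi-line SOA in parentheses
        if in_continuation or not line.strip() or line.lstrip().startswith("$"):
            continue
        tokens = line.split()
        owner_raw = None if line[0].isspace() else tokens.pop(0)
        while tokens and (tokens[0].upper() == "IN" or tokens[0][0].isdigit()):
            tokens.pop(0)                            # skip optional class and TTL
        if not tokens:
            continue
        if owner_raw is None:
            fqdn = last_owner                        # blank owner inherits the previous one
        elif owner_raw == "@":
            fqdn = origin
        else:                                        # relative names get the origin appended
            fqdn = owner_raw.lower() + ("" if owner_raw.endswith(".") else "." + origin)
        last_owner = fqdn
        records.append((fqdn, tokens[0].upper(), " ".join(tokens[1:]), owner_raw))
    return records

def lint_zone(zone_text, origin):
    """Flag owners that repeat the origin without a final dot, and an apex with no address."""
    apex = origin.rstrip(".").lower() + "."
    records, findings = expand_zone(zone_text, origin), []
    for fqdn, _, _, owner_raw in records:
        name = (owner_raw or "").lower() + "."
        if owner_raw and not owner_raw.endswith(".") and (name == apex or name.endswith("." + apex)):
            findings.append(f"{owner_raw!r} has no trailing dot and expands to {fqdn}")
    if not any(f == apex and t in ("A", "AAAA") for f, t, _, _ in records):
        findings.append(f"no A/AAAA record at the apex {apex}")
    return findings

# Zone text condensed from the thread; FIXED applies the accepted answer's "@" record.
HEADER = """$TTL    1H
@               IN      SOA    ns1.linux.local. root ( 2009091114 1H 15M 4W 1H )
                 IN      NS      ns1.linux.local.
ns1              IN      A       10.10.10.100
www              IN      A       10.10.10.100
ftp              IN      A       10.10.10.100
"""
BROKEN = HEADER + "linux.local      IN      A       10.10.10.100\n"
FIXED = HEADER + "@                IN      A       10.10.10.100\n"
for label, zone in (("original", BROKEN), ("record removed", HEADER), ("fixed", FIXED)):
    print(label, lint_zone(zone, "linux.local"))
```
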
 

Author Closing Comment

by:david875
ID: 34939684
You're the best.
0
