bind9 : Ping Problem

Does your XP system rely on the bind server as its sole DNS/Name server provider?
ipconfig /all
Does it point to other name servers as well as the IP of the linux server where bind is setup and running?
what is the output of
nslookup linux.local <ip_of_linux_server_where_bind_is_setup>

hello @arnold how are you my friend, you know in every time i say this is resolved, something happen again and this is really annoying, my XP has the IP of the server in DNS, no other IPs.

H:\> nslookup linux.local
*** Can not find server name for address 10.10.10.100:
No response from server
*** Default servers are not available
Server: UnKnown
Address: 10.10.10.100

*** UnKnown can not find linux.local: No response from
server

H:\>


H:\> nslookup linux.local 10.10.10.100
*** Can not find server name for address 10.10.10.100:
No response from server
*** Default servers are not available
Server: UnKnown
Address: 10.10.10.100

*** UnKnown can not find linux.local: No response from
server

H:\>


From XP:

H: \> ipconfig / all

Windows IP Configuration

         Hostname. . . . . . . . . . : PC1
         Primary DNS Suffix. . . . . . :
         Type of node. . . . . . . . . . : Unknown
         IP routing enabled. . . . . . . . : No
         WINS Proxy Enabled. . . . . . . . : No
         List DNS Suffix Search:            Local
                                             linux.local

Ethernet adapter Local Area Connection:

         DNS Suffix for connection:
         Description. . . . . . . . . . . : VMware Accelerated AMD PCnet Adapter

         Physical Address. . . . . . . . .: 00-0C-29-6F-C3-3B
         DHCP enabled. . . . . . . . . . . : No
         IP address. . . . . . . . .. . . : 10.10.10.12
         Subnet mask. . .. . . : 255.0.0.0
         Default gateway. . .. . . :
         DNS servers. . . . . . . . . . : 10.10.10.100

named.conf

// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";


named.conf.options:

options {
      directory "/var/cache/bind";

      // If there is a firewall between you and nameservers you want
      // to talk to, you may need to fix the firewall to allow multiple
      // ports to talk.  See http://www.kb.cert.org/vuls/id/800113

      // If your ISP provided one or more IP addresses for stable
      // nameservers, you probably want to use them as forwarders.  
      // Uncomment the following block, and insert the addresses replacing
      // the all-0's placeholder.

      //forwarders {
      //       0.0.0.0;
      //};

      auth-nxdomain no;    # conform to RFC1035
      listen-on-v6 { any; };
};


named.conf.local:

//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

zone "linux.local." {
    type master;
    file "/etc/bind/db.linux.local";
};

named.conf.default-zones

// prime the server with knowledge of the root servers
zone "." {
      type hint;
      file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
      type master;
      file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
      type master;
      file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
      type master;
      file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
      type master;
      file "/etc/bind/db.255";
};

Sorry i forgot to post another file:

db.linux.local

; linux.local
$TTL    604800
@       IN      SOA     ns1.linux.local. root.linux.local. (
                     2006020201 ; Serial
                         604800 ; Refresh
                          86400 ; Retry
                        2419200 ; Expire
                         604800); Negative Cache TTL
;
              IN      NS      ns1.linux.local.
ns1           IN      A       10.10.10.100
@            IN      A      10.10.10.100
www            IN      A      10.10.10.100

root@linux:/home/u# /etc/init.d/named status
bash: /etc/init.d/named: No such file or directory
root@linux:/home/u# /etc/init.d/bind9 status
 * could not access PID file for bind9
root@linux:/home/u#


root@linux:/home/u# ps -ef | grep named
root      2174  1749  0 15:12 pts/0    00:00:00 grep --color=auto named
root@linux:/home/u#


root@linux:/home/u# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination        

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination        

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination        
root@linux:/home/u#

root@linux:/etc/bind# service bind9 status
 * bind9 is running
root@linux:/etc/bind#

Guess what, i can ping now linux.local !!! i didn't add anything, just restarted bind9 3 times and check status as running and i can ping !!! how can you explain this? in addition i think that i have to add the file
10.10.10.in-addr.arpa right? what i have to fill in on it?

It should be the same as your other:

your TTL is too large at 604800 for both positive and negative cache. This why it takes a long time for negative response to be flushed.

The part from the top up-to and including NS record is common to all your zones.
 

$ORIGIN @
$TTL    604800
@       IN      SOA     ns1.linux.local. root.linux.local. (
                     2006020201 ; Serial
                         604800 ; Refresh
                          86400 ; Retry
                        2419200 ; Expire
                         604800); Negative Cache TTL
;
              IN      NS      ns1.linux.local.
100           IN      PTR     ns1.linux.local.

Select all Open in new window

ok @arnold, if "604800" is too large, please advice me with the lowerest and minimum value to put there, as you said, it takes long time and this is making me nervous....

Other thing, can you explain me what is the "100" in the config file refer to? is it the forth octet of the network address? X.Y.Z.100 ?? right? We always put the fourth octet in the configuration ?

Thank you

and check about the other values, Serial, Refresh, Retry etc... i want low value please, and i appreciate every effort you do with me

The way 10.10.10.100 is translated in DNS is as 100.10.10.10.in-addr.arpa
Since you define the zone as 10.10.10.in-addr.arpa
The contents within the zone represent the last octet. An unterminated entry has the zone appended to it.
100 IN PTR ns1.linux.local.
is translated into
100.10.10.10.in-addr.arpa.  IN PTR ns1.linux.local.
A TTL is often set to one day and as I believe I previously posted to another of your question will mean that should you make a change the TTL is the longest period of time that the change will take to propagate.

The longest period of time is often assigned to the Expire entry which deals with the length of time the zone will be maintained in the event of an error in the zone.
2592000 which represents 30 days.
The negative cache should be between 600 and 1800 (10 minutes to 30 minutes).
referesh should be 3600-7200 (1-3 hours)
retry 600-900

Use nslookup -q=soa <your favorite domain> as a reference for ranges.

Also when you make changes to a zone, you should consider using named-checkzone <zonename>
linux.local or 10.10.10.in-addr.arpa

Double check that your netmasks match.
your workstation netmask is set to 255.0.0.0 does it match your linux box
/sbin/ifconfig -a?
alt: compare the output from running netstat -rn on both.

Can you paste me the file with new Values?

The information depends on what your network configuration is.
If your network is using 10.0.0.0 with netmask 255.0.0.0 and all systems conform to the same configuration, you should not have any issues.
But if some systems have 10.x.x.x with netmask 255.0.0.0 while others have 255.255.255.0 then you will have issues.
Often if you do not have a huge network where you need more than 254 hosts, you would use 255.255.255.0 as the netmask 10.10.10.2-10.10.10.254
at times, for home networks, it is better to use the 192.168.x.x 255.255.255.0 setup in the event that you need to setup a VPN to your employer where there are more hosts which means that they might use a networking block from the 172.16.0.0-172.31.255.255 network block which can include multiple class C network or if they are a very large enterprise they may use the 10.0.0.0 255.0.0.0 network.  In this case if you have/use IPs on the 10.x.x.x network and this is the IP range on the remote LAN to which you want to establish a VPN,  you will have problems because of IP overlap. (there are ways around it i.e. instead of site to site, you will have a remote VPN or use a MAP overlay for the home users' IP range i.e. users 10.x.x.x will be overlaid and will appear within the office LAN as 192.168.y.x)

The following are common network with retail routers
192.168.0.0 255.255.255.0
192.168.1.0 255.255.255.0
192.168.2.0 255.255.255.0

So pick at random anything from 3-255 as X
and then configure your systems to
192.168.X.y netmask 255.255.255.0.

On windows, networking control panel, properties of the local connection, tcp/IP properties.

Alternatively, you could setup a DHCP server on your linux/centos box and have it allocate the IPs.

What is PTR?

a DHCP Server will be good, can you please help me in 1 thing:

I need the lowerest values of $TTL  including (Serial, refresh and etc)

$ORIGIN @
$TTL    604800
@       IN      SOA     ns1.linux.local. root.linux.local. (
                     2006020201 ; Serial
                         604800 ; Refresh
                          86400 ; Retry
                        2419200 ; Expire
                         604800); Negative Cache TTL

PTR is the reverse of an A record.
PTR is a pointer that resolves an IP to the hostname

Serial is commonly used as the form of the date:yyyymmddxx
yyyy -2011
mm - 03
dd - 16
xx - 00-99 i.e. index of changes within the same day, This way you can make 100 alterations every day by incrementing the least significant section.
referesh should be 3600-7200
retry should be 600-3600
expiry should remain large this deals with how long bind will keep the zone active in the event you make an error in the zone. 30 days (2592000) is the common time while your 28 days is fine as well.
The negative cache TTL/Default  should be between 7200-86400

you saved my life :) best expert ever