Link to home
Start Free TrialLog in
Avatar of alfred-bsp
alfred-bsp

asked on

Freebsd adding DNS record

Hello All!

I was wondering is someone could point me in the right direction on addiong a dns record to a Freebsd DNS server.  I was able to add the record to my domain.org file in the master folder but the changes do not seem to updating.  I did change the serial number as well.

Am I missing something?

-Alfred
Avatar of Papertrip
Papertrip
Flag of United States of America image
All depends on how your named.conf is configured, paste it please.  Also post the zone file for mydomain.org.
Avatar of alfred-bsp
alfred-bsp

ASKER

Here is the named.conf info:
----------------------------------------------------------
// $FreeBSD: src/etc/namedb/named.conf,v 1.26.2.5.2.1 2010/02/10 00:26:20 kensmi
//
// Refer to the named.conf(5) and named(8) man pages, and the documentation
// in /usr/share/doc/bind9 for more details.
//
// If you are going to set up an authoritative server, make sure you
// understand the hairy details of how DNS works.  Even with
// simple mistakes, you can break connectivity for affected parties,
// or cause huge amounts of useless Internet traffic.

acl "allowed-servers" {
        localhost;
        65.51.68.224/28;
        192.168.99.252/30;
        167.206.112.3;
        167.206.112.4;
        167.206.112.138;
        10.1.33.1;
        10.1.33.16;
        10.1.64.14;
};

acl "allowed-clients" {
        localhost;
        10.1.0.0/16;
        192.168.0.0/16;
        172.16.0.0/20;
        65.51.68.224/28;
};

logging {
        channel simple_log {
                file "/var/log/bind.log" size 5m;
                severity warning;
                print-time yes;
                print-severity yes;
                print-category yes;
        };
        category default {
                simple_log;
        };
};

options {
        // All file and path names are relative to the chroot directory,
        // if any, and should be fully qualified.
        directory       "/etc/namedb/";
        pid-file        "/var/run/named/pid";
        dump-file       "/var/dump/named_dump.db";
        statistics-file "/var/stats/named.stats";
        listen-on       { localhost; };
//      listen-on-v6    { ::1; };
        allow-query     { any; };
        allow-recursion { allowed-clients; };
        allow-transfer  { allowed-servers; };
        forward first;
        forwarders      {
                          167.206.112.3;
                          167.206.112.4;
                          167.206.112.138;
        };


// These zones are already covered by the empty zones listed below.
// If you remove the related empty zones below, comment these lines out.
        disable-empty-zone "255.255.255.255.IN-ADDR.ARPA";
        disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.
        disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.
};

view "internal" {
  match-clients { 10.1.0.0/16;192.168.0.0/16;172.17.141.0/24; };
     recursion yes;
     zone "skylinewindows.com" {
        type master;
        file "/etc/namedb/internal/master/skylinewindows.com";
     };

     zone "skylinewindows.org" {
        type master;
        file "/etc/namedb/internal/master/skylinewindows.org";
     };

     zone "skylinewindows.local" {
        type master;
        file "/etc/namedb/internal/master/skylinewindows.local";
        allow-query { allowed-clients; };
     };

zone "." { type hint; file "/etc/namedb/named.root"; };

/*      Serving the following zones locally will prevent any queries
        for these zones leaving your network and going to the root
        name servers.  This has two significant advantages:
        1. Faster local resolution for your users
        2. No spurious traffic will be sent from your network to the roots
*/
// RFC 1912
Zone "localhost"        { type master; file "/etc/namedb/master/localhost-forwar
zone "127.in-addr.arpa" { type master; file "/etc/namedb/master/localhost-revers
zone "255.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };

// RFC 1912-style zone for IPv6 localhost address
zone "0.ip6.arpa"       { type master; file "/etc/namedb/master/localhost-revers

// "This" Network (RFCs 1912 and 3330)
zone "0.in-addr.arpa"           { type master; file "/etc/namedb/master/empty.db

// Private Use Networks (RFC 1918)
zone "10.in-addr.arpa"          { type master; file "/etc/namedb/master/empty.db
zone "16.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db
zone "17.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db
zone "18.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db
zone "19.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db
zone "20.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db
zone "21.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db
zone "22.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db
zone "23.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db
zone "24.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db
zone "25.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db
zone "26.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db
zone "27.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db
zone "28.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db
zone "29.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db
zone "30.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db
zone "31.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db
zone "168.192.in-addr.arpa"     { type master; file "/etc/namedb/master/empty.db

// Link-local/APIPA (RFCs 3330 and 3927)
zone "254.169.in-addr.arpa"     { type master; file "/etc/namedb/master/empty.db

// TEST-NET for Documentation (RFC 3330)
zone "2.0.192.in-addr.arpa"     { type master; file "/etc/namedb/master/empty.db

// Router Benchmark Testing (RFC 3330)
zone "18.198.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db
zone "19.198.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db

// IANA Reserved - Old Class E Space
zone "240.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db
zone "241.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db
zone "242.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db
zone "243.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db
zone "244.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db
zone "245.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db
zone "246.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db
zone "247.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db
zone "248.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db
zone "249.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db
zone "250.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db
zone "251.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db
zone "252.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db
zone "253.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db
zone "254.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db

// IPv6 Unassigned Addresses (RFC 4291)
zone "1.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db
zone "3.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db
zone "4.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db
zone "5.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db
zone "6.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db
zone "7.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db
zone "8.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db
zone "9.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db
zone "a.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db
zone "b.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db
zone "c.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db
zone "d.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db
zone "e.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db
zone "0.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db
zone "1.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db
zone "2.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db
zone "3.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db
zone "4.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db
zone "5.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db
zone "6.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db
zone "7.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db
zone "8.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db
zone "9.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db
zone "a.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db
zone "b.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db
zone "0.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db
zone "1.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db
zone "2.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db
zone "3.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db
zone "4.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db
zone "5.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db
zone "6.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db
zone "7.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db

// IPv6 ULA (RFC 4193)
zone "c.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db
zone "d.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db

// IPv6 Link Local (RFC 4291)
zone "8.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db
zone "9.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db
zone "a.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db
zone "b.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db

// IPv6 Deprecated Site-Local Addresses (RFC 3879)
zone "c.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db
zone "d.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db
zone "e.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db
zone "f.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db

// IP6.INT is Deprecated (RFC 4159)
zone "ip6.int"                  { type master; file "/etc/namedb/master/empty.db
};

view "external" {
  match-clients { any; };
     zone "skylinewindows.com" {
        type master;
        file "/etc/namedb/external/master/skylinewindows.com";
        allow-query { any; };
     };

     zone "skylinewindows.org" {
        type master;
        file "/etc/namedb/external/master/skylinewindows.org";
        allow-query { any; };
     };

     zone "239-224.68.51.65.in-addr.arpa" {
        type master;
        file "/etc/namedb/external/master/239-224.68.51.65.in-addr.arpa";
        allow-query { any; };
     };

zone "." { type hint; file "/etc/namedb/named.root"; };

/*      Serving the following zones locally will prevent any queries
        for these zones leaving your network and going to the root
        name servers.  This has two significant advantages:
        1. Faster local resolution for your users
        2. No spurious traffic will be sent from your network to the roots
*/
// RFC 1912 (and BCP 32 for localhost)
zone "localhost"        { type master; file "/etc/namedb/master/localhost-forwar
zone "127.in-addr.arpa" { type master; file "/etc/namedb/master/localhost-revers
zone "255.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };

// RFC 1912-style zone for IPv6 localhost address
zone "0.ip6.arpa"       { type master; file "/etc/namedb/master/localhost-revers

// "This" Network (RFCs 1912 and 3330)
zone "0.in-addr.arpa"   { type master; file "/etc/namedb/master/empty.db"; };

// Private Use Networks (RFC 1918)
zone "10.in-addr.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "16.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "17.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "18.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "19.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "20.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "21.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "22.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "23.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "24.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "25.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "26.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "27.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "28.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "29.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "30.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "31.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "168.192.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }

// Link-local/APIPA (RFCs 3330 and 3927)
zone "254.169.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }

// TEST-NET-[1-3] for Documentation (RFC 5737)
zone "2.0.192.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; }
zone "100.51.198.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"
zone "113.0.203.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db";

// IPv6 Range for Documentation (RFC 3849)
zone "0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa" { type master; file "/etc/namedb

// Domain Names for Documentation and Testing (BCP 32)
zone "test" { type master; file "/etc/namedb/master/empty.db"; };
zone "example" { type master; file "/etc/namedb/master/empty.db"; };
zone "invalid" { type master; file "/etc/namedb/master/empty.db"; };
zone "example.com" { type master; file "/etc/namedb/master/empty.db"; };
zone "example.net" { type master; file "/etc/namedb/master/empty.db"; };
zone "example.org" { type master; file "/etc/namedb/master/empty.db"; };

// Router Benchmark Testing (RFC 3330)
zone "18.198.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "19.198.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };

// IANA Reserved - Old Class E Space
zone "240.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "241.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "242.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "243.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "244.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "245.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "246.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "247.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "248.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "249.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "250.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "251.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "252.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "253.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "254.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };

// IPv6 Unassigned Addresses (RFC 4291)
zone "1.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "3.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "4.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "5.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "6.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "7.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "8.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "9.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "a.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "b.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "c.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "d.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "e.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "0.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "1.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "2.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "3.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "4.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "5.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "6.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "7.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "8.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "9.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "a.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "b.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "c.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "d.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "e.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "0.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "1.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "2.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "3.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "4.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "5.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "6.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "7.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "8.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "9.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "a.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "b.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "0.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "1.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "2.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "3.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "4.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "5.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "6.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "7.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };

// IPv6 ULA (RFC 4193)
zone "c.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "d.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };

// IPv6 Link Local (RFC 4291)
zone "8.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "9.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "a.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "b.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };

// IPv6 Deprecated Site-Local Addresses (RFC 3879)
zone "c.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "d.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "e.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "f.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };

// IP6.INT is Deprecated (RFC 4159)
zone "ip6.int"                  { type master; file "/etc/namedb/master/empty.db
};

// NB: Do not use the IP addresses below, they are faked, and only
// serve demonstration/documentation purposes!
//
// Example slave zone config entries.  It can be convenient to become
// a slave at least for the zone your own domain is in.  Ask
// your network administrator for the IP address of the responsible
// master name server.
//
// Do not forget to include the reverse lookup zone!
// This is named after the first bytes of the IP address, in reverse
// order, with ".IN-ADDR.ARPA" appended, or ".IP6.ARPA" for IPv6.
//
// Before starting to set up a master zone, make sure you fully
// understand how DNS and BIND work.  There are sometimes
// non-obvious pitfalls.  Setting up a slave zone is usually simpler.
//
// NB: Don't blindly enable the examples below. :-)  Use actual names
// and addresses instead.

/* An example dynamic zone
key "exampleorgkey" {
        algorithm hmac-md5;
        secret "sf87HJqjkqh8ac87a02lla==";
};
zone "example.org" {
        type master;
        allow-update {
                key "exampleorgkey";
        };
        file "/etc/namedb/dynamic/example.org";
};
*/

/* Example of a slave reverse zone
zone "1.168.192.in-addr.arpa" {
        type slave;
        file "/etc/namedb/slave/1.168.192.in-addr.arpa";
        masters {
                192.168.1.1;
        };
};
*/
----------------------------------------------------------------------------

This is my external mydomain.org info:
----------------------------------------------------------------------------
$TTL 86400
skylinewindows.org.     IN SOA ns1.skylinewindows.org. abuse@skylinewindows.org.
                        2011100800      ; Serial
                        7200            ; Refresh
                        600             ; Retry
                        604800          ; Expire
                        86400 )         ; Minimum

; DNS Servers
                IN      NS      ns1.skylinewindows.org.
                IN      NS      ns2.skylinewindows.org.

; MX Records
                IN      MX 10   mail.skylinewindows.org.
                IN      MX 20   mx.skylinewindows.org.

                IN      TXT     "v=spf1 a:mail.skylinewindows.org a:mx.skylinewi

                IN      A       65.51.68.225
; Machine Names
deathstar       IN      A       65.51.68.224
ns1             IN      A       65.51.68.226
ns2             IN      A       65.51.68.227
mail            IN      A       65.51.68.229
mx              IN      A       65.51.68.229
bx-1            IN      A       69.74.114.78
office          IN      A       69.74.114.78
internal-services IN    A       69.74.114.78
prefna          IN      A       69.74.114.78
saleslogix      IN      A       69.74.114.78
--------------------------------------------------------------

saleslogix is the new dns record.
Avatar of alfred-bsp
alfred-bsp

ASKER

Correction on the mydomain.org file

---------------------------------------------------
$TTL 86400
skylinewindows.org.     IN SOA ns1.skylinewindows.org. abuse@skylinewindows.org. (
                        2011100800      ; Serial
                        7200            ; Refresh
                        600             ; Retry
                        604800          ; Expire
                        86400 )         ; Minimum

; DNS Servers
                IN      NS      ns1.skylinewindows.org.
                IN      NS      ns2.skylinewindows.org.

; MX Records
                IN      MX 10   mail.skylinewindows.org.
                IN      MX 20   mx.skylinewindows.org.

                IN      TXT     "v=spf1 a:mail.skylinewindows.org a:mx.skylinewindows.org ip4:65.51.68.224/28 ip4:69.74.114.78 mx:skylinewindows.com -all"

                IN      A       65.51.68.225
; Machine Names
deathstar       IN      A       65.51.68.224
ns1             IN      A       65.51.68.226
ns2             IN      A       65.51.68.227
mail            IN      A       65.51.68.229
mx              IN      A       65.51.68.229
bx-1            IN      A       69.74.114.78
office          IN      A       69.74.114.78
internal-services IN    A       69.74.114.78
prefna          IN      A       69.74.114.78
saleslogix      IN      A       69.74.114.78


Avatar of Papertrip
Papertrip
Flag of United States of America image
Hah, well we definitely need to talk about using includes in named.conf so that it isnt 800 lines long :p

Will review and give recommendations once I read through your gigantic conf file ;)
Avatar of alfred-bsp
alfred-bsp

ASKER

I thnk some info was chopped off the named.conf
--------------------------------------------------------------------
L: 1 C: 1 =====================================================================
// $FreeBSD: src/etc/namedb/named.conf,v 1.26.2.5.2.1 2010/02/10 00:26:20 kensmith Exp $
//
// Refer to the named.conf(5) and named(8) man pages, and the documentation
// in /usr/share/doc/bind9 for more details.
//
// If you are going to set up an authoritative server, make sure you
// understand the hairy details of how DNS works.  Even with
// simple mistakes, you can break connectivity for affected parties,
// or cause huge amounts of useless Internet traffic.

acl "allowed-servers" {
        localhost;
        65.51.68.224/28;
        192.168.99.252/30;
        167.206.112.3;
        167.206.112.4;
        167.206.112.138;
        10.1.33.1;
        10.1.33.16;
        10.1.64.14;
};

acl "allowed-clients" {
        localhost;
        10.1.0.0/16;
        192.168.0.0/16;
        172.16.0.0/20;
        65.51.68.224/28;
};

logging {
        channel simple_log {
                file "/var/log/bind.log" size 5m;
                severity warning;
                print-time yes;
                print-severity yes;
                print-category yes;
        };
        category default {
                simple_log;
        };
};

options {
        // All file and path names are relative to the chroot directory,
        // if any, and should be fully qualified.
        directory       "/etc/namedb/";
        pid-file        "/var/run/named/pid";
        dump-file       "/var/dump/named_dump.db";
        statistics-file "/var/stats/named.stats";
        listen-on       { localhost; };
//      listen-on-v6    { ::1; };
        allow-query     { any; };
        allow-recursion { allowed-clients; };
        allow-transfer  { allowed-servers; };

        forward first;
        forwarders      {
                          167.206.112.3;
                          167.206.112.4;
                          167.206.112.138;
        };


// These zones are already covered by the empty zones listed below.
// If you remove the related empty zones below, comment these lines out.
        disable-empty-zone "255.255.255.255.IN-ADDR.ARPA";
        disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
        disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
};

view "internal" {
  match-clients { 10.1.0.0/16;192.168.0.0/16;172.17.141.0/24; };
     recursion yes;
     zone "skylinewindows.com" {
        type master;
        file "/etc/namedb/internal/master/skylinewindows.com";
     };

     zone "skylinewindows.org" {
        type master;
        file "/etc/namedb/internal/master/skylinewindows.org";
     };

     zone "skylinewindows.local" {
        type master;
        file "/etc/namedb/internal/master/skylinewindows.local";
        allow-query { allowed-clients; };
     };

zone "." { type hint; file "/etc/namedb/named.root"; };

/*      Serving the following zones locally will prevent any queries
        for these zones leaving your network and going to the root
        name servers.  This has two significant advantages:
        1. Faster local resolution for your users
        2. No spurious traffic will be sent from your network to the roots
*/
// RFC 1912
Zone "localhost"        { type master; file "/etc/namedb/master/localhost-forward.db"; };
zone "127.in-addr.arpa" { type master; file "/etc/namedb/master/localhost-reverse.db"; };
zone "255.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };

// RFC 1912-style zone for IPv6 localhost address
zone "0.ip6.arpa"       { type master; file "/etc/namedb/master/localhost-reverse.db"; };

// "This" Network (RFCs 1912 and 3330)
zone "0.in-addr.arpa"           { type master; file "/etc/namedb/master/empty.db"; };

// Private Use Networks (RFC 1918)
// Private Use Networks (RFC 1918)
zone "10.in-addr.arpa"          { type master; file "/etc/namedb/master/empty.db"; };
zone "16.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db"; };
zone "17.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db"; };
zone "18.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db"; };
zone "19.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db"; };
zone "20.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db"; };
zone "21.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db"; };
zone "22.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db"; };
zone "23.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db"; };
zone "24.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db"; };
zone "25.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db"; };
zone "26.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db"; };
zone "27.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db"; };
zone "28.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db"; };
zone "29.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db"; };
zone "30.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db"; };
zone "31.172.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db"; };
zone "168.192.in-addr.arpa"     { type master; file "/etc/namedb/master/empty.db"; };

// Link-local/APIPA (RFCs 3330 and 3927)
zone "254.169.in-addr.arpa"     { type master; file "/etc/namedb/master/empty.db"; };

// TEST-NET for Documentation (RFC 3330)
zone "2.0.192.in-addr.arpa"     { type master; file "/etc/namedb/master/empty.db"; };

// Router Benchmark Testing (RFC 3330)
zone "18.198.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db"; };
zone "19.198.in-addr.arpa"      { type master; file "/etc/namedb/master/empty.db"; };

// IANA Reserved - Old Class E Space
zone "240.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db"; };
zone "241.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db"; };
zone "242.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db"; };
zone "243.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db"; };
zone "244.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db"; };
zone "245.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db"; };
zone "246.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db"; };
zone "247.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db"; };
zone "248.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db"; };
zone "249.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db"; };
zone "250.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db"; };
zone "251.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db"; };
zone "252.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db"; };
zone "253.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db"; };
zone "254.in-addr.arpa"         { type master; file "/etc/namedb/master/empty.db"; };

// IPv6 Unassigned Addresses (RFC 4291)
zone "1.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db"; };
zone "3.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db"; };
zone "4.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db"; };
zone "5.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db"; };
zone "6.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db"; };
zone "7.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db"; };
zone "8.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db"; };
zone "9.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db"; };
zone "a.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db"; };
zone "b.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db"; };
zone "c.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db"; };
zone "d.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db"; };
zone "e.ip6.arpa"               { type master; file "/etc/namedb/master/empty.db"; };
zone "0.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db"; };
zone "1.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db"; };
zone "2.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db"; };
zone "3.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db"; };
zone "4.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db"; };
zone "5.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db"; };
zone "6.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db"; };
zone "7.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db"; };
zone "8.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db"; };
zone "9.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db"; };
zone "a.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db"; };
zone "b.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db"; };
zone "0.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db"; };
zone "1.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db"; };
zone "2.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db"; };
zone "3.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db"; };
zone "4.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db"; };
zone "5.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db"; };
zone "6.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db"; };
zone "7.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db"; };

// IPv6 ULA (RFC 4193)
zone "c.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db"; };
zone "d.f.ip6.arpa"             { type master; file "/etc/namedb/master/empty.db"; };

// IPv6 Link Local (RFC 4291)
zone "8.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db"; };
zone "9.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db"; };
zone "a.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db"; };
zone "b.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db"; };

// IPv6 Deprecated Site-Local Addresses (RFC 3879)
zone "c.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db"; };
zone "d.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db"; };
zone "e.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db"; };
zone "f.e.f.ip6.arpa"           { type master; file "/etc/namedb/master/empty.db"; };

// IP6.INT is Deprecated (RFC 4159)
zone "ip6.int"                  { type master; file "/etc/namedb/master/empty.db"; };
};

view "external" {
  match-clients { any; };
     zone "skylinewindows.com" {
        type master;
        file "/etc/namedb/external/master/skylinewindows.com";
        allow-query { any; };
     };

     zone "skylinewindows.org" {
        type master;
        file "/etc/namedb/external/master/skylinewindows.org";
        allow-query { any; };
     };

     zone "239-224.68.51.65.in-addr.arpa" {
        type master;
        file "/etc/namedb/external/master/239-224.68.51.65.in-addr.arpa";
        allow-query { any; };
     };

zone "." { type hint; file "/etc/namedb/named.root"; };

/*      Serving the following zones locally will prevent any queries
        for these zones leaving your network and going to the root
        name servers.  This has two significant advantages:
        1. Faster local resolution for your users
        2. No spurious traffic will be sent from your network to the roots
*/
// RFC 1912 (and BCP 32 for localhost)
zone "localhost"        { type master; file "/etc/namedb/master/localhost-forward.db"; };
zone "127.in-addr.arpa" { type master; file "/etc/namedb/master/localhost-reverse.db"; };
zone "255.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };

// RFC 1912-style zone for IPv6 localhost address
zone "0.ip6.arpa"       { type master; file "/etc/namedb/master/localhost-reverse.db"; };

// "This" Network (RFCs 1912 and 3330)
zone "0.in-addr.arpa"   { type master; file "/etc/namedb/master/empty.db"; };

// Private Use Networks (RFC 1918)
zone "10.in-addr.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "16.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "17.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "18.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "19.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "20.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "21.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "22.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "23.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "24.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "25.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "26.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "27.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "28.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "29.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "30.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "31.172.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "168.192.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };

// Link-local/APIPA (RFCs 3330 and 3927)
zone "254.169.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };

// TEST-NET-[1-3] for Documentation (RFC 5737)
zone "2.0.192.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "100.51.198.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "113.0.203.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };

// IPv6 Range for Documentation (RFC 3849)
zone "0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa" { type master; file "/etc/namedb/master/empty.db"; };

// Domain Names for Documentation and Testing (BCP 32)
zone "test" { type master; file "/etc/namedb/master/empty.db"; };
zone "example" { type master; file "/etc/namedb/master/empty.db"; };
zone "invalid" { type master; file "/etc/namedb/master/empty.db"; };
zone "example.com" { type master; file "/etc/namedb/master/empty.db"; };
zone "example.net" { type master; file "/etc/namedb/master/empty.db"; };
zone "example.org" { type master; file "/etc/namedb/master/empty.db"; };

// Router Benchmark Testing (RFC 3330)
zone "18.198.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "19.198.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };

// IANA Reserved - Old Class E Space
zone "240.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "241.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "242.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "243.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "244.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "245.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "246.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "247.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "248.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "249.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "250.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "251.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "252.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "253.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };
zone "254.in-addr.arpa" { type master; file "/etc/namedb/master/empty.db"; };

// IPv6 Unassigned Addresses (RFC 4291)
zone "1.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "3.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "4.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "5.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "6.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "7.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "8.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "9.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "a.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "b.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "c.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "d.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "e.ip6.arpa"       { type master; file "/etc/namedb/master/empty.db"; };
zone "0.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "1.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "2.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "3.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "4.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "5.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "6.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "7.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "8.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "9.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "a.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "b.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "0.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "1.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "2.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "3.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "4.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "5.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "6.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "7.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };

// IPv6 ULA (RFC 4193)
zone "c.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };
zone "d.f.ip6.arpa"     { type master; file "/etc/namedb/master/empty.db"; };

// IPv6 Link Local (RFC 4291)
zone "8.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "9.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "a.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "b.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };

// IPv6 Deprecated Site-Local Addresses (RFC 3879)
zone "c.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "d.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "e.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };
zone "f.e.f.ip6.arpa"   { type master; file "/etc/namedb/master/empty.db"; };

// IP6.INT is Deprecated (RFC 4159)
zone "ip6.int"                  { type master; file "/etc/namedb/master/empty.db"; };
};

// NB: Do not use the IP addresses below, they are faked, and only
// serve demonstration/documentation purposes!
//
// Example slave zone config entries.  It can be convenient to become
// a slave at least for the zone your own domain is in.  Ask
// your network administrator for the IP address of the responsible
// master name server.
//
// Do not forget to include the reverse lookup zone!
// This is named after the first bytes of the IP address, in reverse
// order, with ".IN-ADDR.ARPA" appended, or ".IP6.ARPA" for IPv6.
//
// Before starting to set up a master zone, make sure you fully
// understand how DNS and BIND work.  There are sometimes
// non-obvious pitfalls.  Setting up a slave zone is usually simpler.
//
// NB: Don't blindly enable the examples below. :-)  Use actual names
// and addresses instead.

/* An example dynamic zone
key "exampleorgkey" {
        algorithm hmac-md5;
        secret "sf87HJqjkqh8ac87a02lla==";
};
zone "example.org" {
        type master;
        allow-update {
                key "exampleorgkey";
        };
        file "/etc/namedb/dynamic/example.org";
};
*/

/* Example of a slave reverse zone
zone "1.168.192.in-addr.arpa" {
        type slave;
        file "/etc/namedb/slave/1.168.192.in-addr.arpa";
        masters {
                192.168.1.1;
        };
};
*/

Avatar of alfred-bsp
alfred-bsp

ASKER

Sorry... this was setup from the old IT person. I'm just getting my feet wet on Freebsd.  Thanks for review the code.
Avatar of Papertrip
Papertrip
Flag of United States of America image
OK in general your named.conf looks pretty good... there are some parts I'll touch on later once we get your main problem solved (your SPF record is killin me! :p )

Alright the big thing I wanted to find out from your named.conf is whether the zone you were trying to update was static or dynamic -- all zones you have are static.

That being said, you also have views setup.  My guess at this point is that you updated either the internal or external zone, but when trying to verify it, you got results from the other view.  You pasted what appears to be the external zone file -- are you 100% certain that is the zone file you made the changes to, and not the internal version?

Show me how you are trying to verify your changes, and which zone file you made the updates to.


Curious, which version are you running?
named -v

Open in new window

Avatar of Papertrip
Papertrip
Flag of United States of America image
and which zone file you made the updates to.
To be clear I mean which zone on the filesystem, like the full path to the file.
Avatar of alfred-bsp
alfred-bsp

ASKER

Version
BIND 9.4.-ESV

when i do a pwd I get the following path

/var/named/etc/namedb/external/master

That is where I adjusted skylinewindows.org file

I also adjusted the internal file with the local ip address.
Avatar of alfred-bsp
alfred-bsp

ASKER

To verify I am trying to ping the address from another network.
Avatar of Papertrip
Papertrip
Flag of United States of America image
BIND 9.4.-ESV
That is old and is no longer supported either http://www.isc.org/software/bind/versions

/var/named/etc/namedb/external/master
That is where I adjusted skylinewindows.org file
Which record did you update so I can verify?  I still think this is an issue with views.
Avatar of alfred-bsp
alfred-bsp

ASKER

I updated the saleslogix record.
Avatar of alfred-bsp
alfred-bsp

ASKER

Will that cause any issues not being supported?
Avatar of Papertrip
Papertrip
Flag of United States of America image
I did miss something wrong in your zone file...
skylinewindows.org.     IN SOA ns1.skylinewindows.org. abuse@skylinewindows.org. (

Open in new window

that should be
skylinewindows.org.     IN SOA ns1.skylinewindows.org. abuse.skylinewindows.org. (

Open in new window

Now onto your new record.  Good news is that has indeed updated, however the negative-cache TTL is screwing you over.

[root@broken ~]# dig @8.8.8.8 saleslogix.skylinewindows.org +short
[root@broken ~]# dig @208.67.222.222 saleslogix.skylinewindows.org +short
67.215.65.132

Open in new window

What that says is Google @8.8.8.8 has cached an NXDOMAIN result for your query, and will retain that cached result for a duration dictated by the "Minimum" value defined in your SOA.  The 2nd query got a result because they did not have any cached results for saleslogix.skylinewindows.org.

The minimum/neg cache is the last field in your SOA:
[root@broken ~]# dig soa skylinewindows.org +short
ns1.skylinewindows.org. abuse\@skylinewindows.org. 2010061000 7200 600 604800 86400

skylinewindows.org.     IN SOA ns1.skylinewindows.org. abuse@skylinewindows.org. (
                        2011100800      ; Serial
                        7200            ; Refresh
                        600             ; Retry
                        604800          ; Expire
                        86400 )         ; Minimum

Open in new window


Summary:
1.  Your update is visible, your change was successful.
2.  The value of "Minimum" in your SOA is too high -- I suggest changing that to 600 -- that means that the longest an NXDOMAIN result will stay cached on a resolver is 5 minutes.
3.  There are other things in your configs that should be addressed -- if you want to inquire about that, let me know and I'll tell you how you should ask a new question for it.



*** UPDATE ***
Technically some of the info I just wrote up is incorrect, specifically about the visibility of your update -- I had missed something in my testing and will write a new answer based on that info.  The reason I'm not updating this reply to reflect my new findings is because my explanation of negative-cache TTL is still valid and something you should understand.
Avatar of Papertrip
Papertrip
Flag of United States of America image
Don't change anything until I say to, please, I have more to explain first.
Avatar of alfred-bsp
alfred-bsp

ASKER

Ok thanks.
Avatar of Papertrip
Papertrip
Flag of United States of America image
I must admit, I have never seen these symptoms before.  I am querying several public DNS servers for the same record, and each is giving back different results (some no result at all).

[root@broken ~]# dig @198.153.192.1 saleslogix.skylinewindows.org +short
198.153.192.3
[root@broken ~]# dig @208.67.222.222 saleslogix.skylinewindows.org +short
67.215.65.132
[root@broken ~]# dig @156.154.70.1 saleslogix.skylinewindows.org +short
92.242.144.2
[root@broken ~]# dig @4.2.2.2 saleslogix.skylinewindows.org +short
[root@broken ~]# dig saleslogix.skylinewindows.org +short
[root@broken ~]#

Open in new window

Your authoritative masters are not giving a result either.
[root@broken ~]# dig ns skylinewindows.org +short
ns2.skylinewindows.org.
ns1.skylinewindows.org.
[root@broken ~]# dig @ns2.skylinewindows.org saleslogix.skylinewindows.org +short
[root@broken ~]# dig @ns1.skylinewindows.org saleslogix.skylinewindows.org +short

Open in new window

Regardless if this is the source of this particular problem, you need to fix your SOA record, and of course update the serial when you do.  If the problem still exists after that, we will take a different approach.
[root@broken ~]# dig @ns1.skylinewindows.org soa skylinewindows.org +short
ns1.skylinewindows.org. abuse\@skylinewindows.org. 2010061000 7200 600 604800 86400

Open in new window

Avatar of Papertrip
Papertrip
Flag of United States of America image
FYI, the Minimum value in your SOA also dictates the default TTL for any record that does not have a TTL specified for it.

That being said, I recommend the TTL for A/PTR records to be 300, SOA/NS/MX 3600.  If you set a TTL for each record, then the minimum value never comes into play in that regard and is only used for negative-cache purposes as explained above.
Avatar of Papertrip
Papertrip
Flag of United States of America image
Oh, another correction:

2.  The value of "Minimum" in your SOA is too high -- I suggest changing that to 600 -- that means that the longest an NXDOMAIN result will stay cached on a resolver is 5 minutes

600 seconds == 10 minutes, not 5 :p
Avatar of alfred-bsp
alfred-bsp

ASKER

Thank you very much. I will follow up after I have reviewed your suggestions.  
Avatar of Papertrip
Papertrip
Flag of United States of America image
Ah just noticed something else.

From your zone file:
2011100800      ; Serial

Open in new window


From your authoritative nameserver:
[root@broken ~]# dig @ns1.skylinewindows.org soa skylinewindows.org +short
ns1.skylinewindows.org. abuse\@skylinewindows.org. 2010061000 7200 600 604800 86400
[root@broken ~]# dig @ns2.skylinewindows.org soa skylinewindows.org +short
ns1.skylinewindows.org. abuse\@skylinewindows.org. 2010061000 7200 600 604800 86400

Open in new window


That means that your zone has been broken since the TTL changed to 2010061000.  Any changes made to your zone between 2010061000 and 2011100800 have not been valid.  Keep in mind however that the date scheme you are using is not required -- you don't have to make the serial match the timestamp of when you made the change, all that matters is that it's incremented by at least +1.

Do this now and paste output, and remember for future use:
cd /var/named/etc/namedb/external/master
named-checkzone skylinewindows.org skylinewindows.org

Open in new window


Avatar of alfred-bsp
alfred-bsp

ASKER

Okay.. so if I change the serial to 2010061001 the saleslogix should be picked up?
Avatar of alfred-bsp
alfred-bsp

ASKER

I did the named-checkzone and received the following

zone skylinewindows.org/IN: loaded serial 2011100800
OK

Is that okay?  Do I need to run thats everytime I add a dns record and change the serial?
Avatar of Papertrip
Papertrip
Flag of United States of America image
The serial needs to be updated so that the slave servers know there is new stuff for it to pull down.

Still need to change the email in your SOA

[root@broken ~]# dig @ns2.skylinewindows.org soa skylinewindows.org +short
ns1.skylinewindows.org. abuse\@skylinewindows.org. 2010061000 7200 600 604800 86400

Open in new window

Avatar of alfred-bsp
alfred-bsp

ASKER

I changed the serial to 201006001. Is that okay?
Avatar of Papertrip
Papertrip
Flag of United States of America image
I changed the serial to 201006001. Is that okay?
No, that is bad, don't go backwards in serials or you are asking for (more) trouble.

Before I start having you test other options, please change the RNAME (email address) in your SOA as mentioned in http:#36937653 and http#:36937625

Current:
abuse\@skylinewindows.org.

Suggested:
abuse.skylinewindows.org.
Avatar of alfred-bsp
alfred-bsp

ASKER


Should I change the serial back?  I updated the SOA record to be abuse.skylinewindows.org as suggested.
Avatar of Papertrip
Papertrip
Flag of United States of America image
Yes.  Get in the habit of incrementing the serial every time you make a change to a zone file.
Avatar of alfred-bsp
alfred-bsp

ASKER

Okay... I changed the serial to 2011100801 due to the SOA change....
Avatar of Papertrip
Papertrip
Flag of United States of America image
[root@broken ~]# dig @ns1.skylinewindows.org soa skylinewindows.org +short
ns1.skylinewindows.org. abuse\@skylinewindows.org. 2010061000 7200 600 604800 86400
[root@broken ~]# dig @ns2.skylinewindows.org soa skylinewindows.org +short
ns1.skylinewindows.org. abuse\@skylinewindows.org. 2010061000 7200 600 604800 86400

Open in new window


Your authoritative nameservers are not getting your updates.  Are you sure you are reloading the zone or restarting named after making changes?

Avatar of alfred-bsp
alfred-bsp

ASKER

No.... I did not know i have to restart anything or reload. How do I do that?
ASKER CERTIFIED SOLUTION
Avatar of Papertrip
Papertrip
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Papertrip
Papertrip
Flag of United States of America image
You might be able to a reload instead of a restart, but it depends on how your named init script is written.
Avatar of Linux Guru
Linux Guru
Flag of India image
Reloading named would be good. Try using the following command.

FreeBSD comes with some stock reload and restart scripts:

      To reload the nameserver (without clearing cache):
      # named.reload

      To completely restart the nameserver:
      # named.restart
Avatar of alfred-bsp
alfred-bsp

ASKER

Thanks Papertrip for your time and hard work.  After rebooting the named service everything kicked in.