Internal DNS configuration woes


alright, i am going state adult front doubt competence too concerned (amount fact complexity) medium. nonetheless i figured best place start.



I am attempting to set up a test environment, and the BIND configuration is my first large hurdle. I want to set up 3 DNS servers on 3 physical boxes. None of the boxes needs to resolve public addresses, internal only. I have read through setting up internal roots in the (mostly) excellent DNS & BIND 5th ed. book, but my interpretation of their example is not functional. All IPs are RFC 1918 non-routable.



Box 1 will be authoritative for addresses in the box1.bogus domain, and box 2 will be authoritative for addresses in the box2.bogus domain. Box 3 will act as both an internal root and TLD server for the domain bogus.



current new issues:




  • I have a hints file on boxes 1 and 2 that contains a single NS record giving the NS definition for the root zone. Additionally there is an A record that translates that NS to the IP of the root. If I dig . from box 1, I get an authority section with the NS name, but no answer or additional record section. Therefore I am unable to actually resolve the IP of the root server from box 1.


  • If I point /etc/resolv.conf on box 1 directly at the root server and dig box1.bogus, I get the ns.box1.bogus answer record and the translation in the additional section. However, on the next iteration (when it should get the A record) I get: dig: couldn't get address for ns.box1.bogus




obviously configs not correct. i don't proceed insert post, wish transport by step step i cut'n'paste critique question. differently i am open holding 'offline' "dns guy" figure out where i'm blank '.' have too many!



i personally cruise web another middle bottom instance doesn't movie-u example.



ok, going this, following should petrify instance eh? i have 3 machines setup private vlan contrast this. reason check i companion down applicable configs, precipitated able, redeployed 2 namesevers. i left out scratchy now. same law above. here configs initial puncture outputs.






bogus



machine name: feign (i only satisfied i should change this...)  
role: internal root and TLD nameserver
ip: 10.0.0.1
bind: 9.5.0-16.a6.fc8


/etc/named.conf



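// Controls which clients may query this DNS server. Currently that is only
// the internal test bed. Once there is a standardized IP addressing scheme,
// those address ranges can be enabled here, so that even if the firewall
// rules are broken the open internet cannot query the internal DNS.
//
acl "authorized" {
    localhost;      // localhost
    10.0.0.0/24;    // internal test
};

options {
    listen-on port 53 {
        127.0.0.1;
        10.0.0.1;
    };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    pid-file "/var/run/named/named.pid";
    // NOTE(review): the global default is "any"; only the per-zone
    // allow-query statements below apply the "authorized" ACL. Using
    // { authorized; } here as well would match the intent stated in the
    // header comment and fail closed for anything not covered by a zone.
    allow-query { any; };
    // Authoritative-only: this server answers from the zones defined below
    // and does not resolve other names on behalf of clients.
    recursion no;
};

logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

//
// Fake root.
//
zone "." {
    type master;
    file "master/root";
    allow-query { authorized; };
};

//
// tld testing
//
zone "bogus" {
    type master;
    file "master/bogus";
    allow-query { authorized; };
    // NOTE(review): this lets any host in 10.0.0.0/24 pull a full copy of
    // the zone. Listing only the addresses of the actual secondaries (or
    // requiring a TSIG key) keeps zone contents from being enumerated by
    // every machine on the segment.
    allow-transfer { authorized; };
};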


/var/named/master/root



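$TTL    3600
.   SOA ns.bogustld. hostmaster.internal.bogus. (
        2008101601  ; serial
        1h          ; refresh
        2h          ; retry
        14d         ; expire
        5m )        ; minimum
;
; Fake root zone servers defined.
;
.               NS  ns.bogustld.
; The record type is required: without "A" this line does not parse as an
; address record and the root server name has no address.
ns.bogustld.    A   10.0.0.1
;
; Test TLD
;
; NOTE(review): the delegation names ns1.bogus., while the bogus zone file
; (master/bogus) lists ns1.internal.bogus. as its own NS. Both point at
; 10.0.0.1, but the parent and child NS sets should normally agree, and
; ns1.bogus. has no A record inside the bogus zone itself - only this glue.
bogus           NS  ns1.bogus.
ns1.bogus.      A   10.0.0.1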


/var/named/master/bogus



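$TTL 3600
@   SOA ns1.internal.bogus. hostmaster.internal.bogus. (
        2008102201  ; serial (date + sequence)
        1h          ; refresh
        2h          ; retry
        14d         ; expire
        5m )        ; min ttl
;
; Apex NS record. The owner is written explicitly as "@": a line that starts
; in column 0 with "ns" would be read as a record for the name "ns".
@                   NS  ns1.internal.bogus.
;
; auth servers
;
ns1.internal.bogus. A   10.0.0.1
;
; Delegations. Each delegated second-level domain has its
; own zone file.
;
; Modified: unique nameserver names for each fake domain.
;
; NOTE(review): itchy is delegated to ns1-itchy.bogus., but the itchy.bogus
; zone file (master/itchy.bogus) names ns1.itchy.bogus. as its NS. Both are
; 10.0.0.2; the two NS sets should normally match.
itchy               NS  ns1-itchy.bogus.
ns1-itchy.bogus.    A   10.0.0.2
;
scratchy            NS  ns1-scratchy.bogus.
ns1-scratchy.bogus. A   10.0.0.3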


Output of dig .



; <<>> DiG 9.5.0-P2 <<>> .
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57175
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;.                              IN      A

;; AUTHORITY SECTION:
.                       300     IN      SOA     ns.bogustld. hostmaster.internal.bogus. 2008101601 3600 7200 1209600 300

;; Query time: 1 msec
;; SERVER: 10.0.0.1#53(10.0.0.1)
;; WHEN: Tue Oct 21 12:23:59 2008
;; MSG SIZE  rcvd: 88


Output of dig +trace itchy.bogus



; <<>> DiG 9.5.0-P2 <<>> +trace itchy.bogus
;; global options:  printcmd
.                       3600    IN      NS      ns.bogustld.
;; Received 57 bytes from 10.0.0.1#53(10.0.0.1) in 1 ms

itchy.bogus.            3600    IN      NS      ns1-itchy.bogus.
;; Received 69 bytes from 10.0.0.1#53(ns.bogustld) in 0 ms

itchy.bogus.            3600    IN      A       10.0.0.2
itchy.bogus.            3600    IN      NS      ns1.itchy.bogus.
;; Received 79 bytes from 10.0.0.2#53(ns1-itchy.bogus) in 0 ms





itchy



machine name: rawness   
role: sld nameserver (supposed owners itchy.bogus)
ip: 10.0.0.2
bind: 9.5.0-16.a6.fc8


/etc/named.conf



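// Controls which clients may query this DNS server. Currently that is only
// the internal test bed. Once there is a standardized IP addressing scheme,
// those address ranges can be enabled here, so that even if the firewall
// rules are broken the open internet cannot query the internal DNS.
//
acl "authorized" {
    localhost;      // localhost
    10.0.0.0/24;    // lan test
};

options {
    listen-on port 53 {
        127.0.0.1;
        10.0.0.2;
    };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    pid-file "/var/run/named/named.pid";
    // NOTE(review): the global default is "any"; only the zone-level
    // allow-query below applies the "authorized" ACL. Using { authorized; }
    // here as well would match the intent stated in the header comment.
    allow-query { any; };
    // Authoritative-only: with recursion off this server will not look up
    // names outside its own zone for clients. /etc/resolv.conf on this box
    // points at 10.0.0.2, so a lookup of ns.bogustld through the system
    // resolver gets no answer - consistent with the dig +trace failure
    // shown for this box. Either point the stub resolver at a server that
    // recurses, or enable recursion here restricted with
    // allow-recursion { authorized; }.
    recursion no;
};

logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

// Hints for the internal (fake) root.
zone "." {
    type hint;
    file "master/root.hint";
};

zone "itchy.bogus" {
    type master;
    file "master/itchy.bogus";
    allow-query { authorized; };
    // NOTE(review): any host in 10.0.0.0/24 may transfer this zone. Limit
    // this to the real secondaries (or a TSIG key) if zone contents should
    // not be readable in bulk by every machine on the segment.
    allow-transfer { authorized; };
};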


/var/named/master/itchy.bogus



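$TTL    3600
@   SOA ns1.itchy.bogus. hostmaster.itchy.bogus. (
        2008102202  ; serial
        1h          ; refresh
        2h          ; retry
        14d         ; expire
        5m )        ; minimum
;
; Apex records. Owner and record type are written out explicitly; the dig
; +trace output for this zone shows an A record (10.0.0.2) and an NS record
; (ns1.itchy.bogus.) at itchy.bogus.
@       A   10.0.0.2
; NOTE(review): the parent zone (master/bogus) delegates itchy to
; ns1-itchy.bogus., not ns1.itchy.bogus.; the NS sets should normally match.
@       NS  ns1.itchy.bogus.
ns1     A   10.0.0.2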


/var/named/master/root.hint



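; Root hints for the internal (fake) root server.
; These tell named where the root is. They do not make this server resolve
; ns.bogustld for clients while recursion is disabled in named.conf.
.               3600000 NS  ns.bogustld.
; The "A" type is required for this to be an address record.
ns.bogustld.    3600000 A   10.0.0.1
; End of file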


/etc/resolv.conf



# NOTE(review): 10.0.0.2 is this box's own named, which has "recursion no"
# in its named.conf. Lookups for names outside itchy.bogus (for example
# ns.bogustld) will therefore likely fail through this resolver.
nameserver 10.0.0.2


Output of dig .



; <<>> DiG 9.5.0-P2 <<>> .
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31291
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;.                              IN      A

;; AUTHORITY SECTION:
.                       3600000 IN      NS      ns.bogustld.

;; Query time: 0 msec
;; SERVER: 10.0.0.2#53(10.0.0.2)
;; WHEN: Tue Oct 21 17:09:53 2008
;; MSG SIZE  rcvd: 41


Output of dig +trace itchy.bogus



; <<>> DiG 9.5.0-P2 <<>> +trace itchy.bogus
;; global options:  printcmd
.                       3600000 IN      NS      ns.bogustld.
;; Received 41 bytes from 10.0.0.2#53(10.0.0.2) in 0 ms

dig: couldn't get address for 'ns.bogustld': failure

