[MaraDNS list] Having trouble running maradns and deadwood on the same host
David Kowis
dkowis at shlrm.org
Fri May 27 16:56:06 EDT 2011
I'm unable to run both the authoritative nameserver and the recursive
nameserver on the same box on separate interfaces.
Here's a paste of all the dig requests that I've tested with, then my
configuration follows. (vorador is a different host on my network)
Also, during my setup of this stuff, I found I had to specify the root
servers if I wanted to specify an authoritative server for a different
domain, which is different behaviour than I had before with maradns 1.4.
Not a show stopper, just was difficult to figure out.
Thanks in advance for your help.
=======================================================================
Ask the recursive DNS where google is... works
[root@vorador ~]# dig @10.10.220.235 www.google.com
; <<>> DiG 9.7.3-RedHat-9.7.3-1.fc14 <<>> @10.10.220.235 www.google.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5020
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.google.com. IN A
;; ANSWER SECTION:
www.google.com. 47 IN CNAME www.l.google.com.
www.l.google.com. 47 IN A 74.125.227.18
www.l.google.com. 47 IN A 74.125.227.19
www.l.google.com. 47 IN A 74.125.227.17
www.l.google.com. 47 IN A 74.125.227.20
www.l.google.com. 47 IN A 74.125.227.16
;; Query time: 0 msec
;; SERVER: 10.10.220.235#53(10.10.220.235)
;; WHEN: Fri May 27 15:44:52 2011
;; MSG SIZE rcvd: 132
# Ask recursive DNS where my webserver is, should return a CNAME and eventual IP of 10.10.220.205, instead it does nothing.
[root@vorador ~]# dig @10.10.220.235 www.shlrm.org
; <<>> DiG 9.7.3-RedHat-9.7.3-1.fc14 <<>> @10.10.220.235 www.shlrm.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36173
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;www.shlrm.org. IN A
;; AUTHORITY SECTION:
shlrm.org. 86400 IN SOA shlrm.org. dkowis.shlrm.org. 169287225 7200 3600 604800 1800
;; Query time: 0 msec
;; SERVER: 10.10.220.235#53(10.10.220.235)
;; WHEN: Fri May 27 15:44:55 2011
;; MSG SIZE rcvd: 74
# Ask the authoritative DNS server where www.shlrm.org is, works.
[root@vorador ~]# dig @10.10.220.232 www.shlrm.org
; <<>> DiG 9.7.3-RedHat-9.7.3-1.fc14 <<>> @10.10.220.232 www.shlrm.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44322
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;www.shlrm.org. IN A
;; ANSWER SECTION:
www.shlrm.org. 86400 IN CNAME shlrm.org.
shlrm.org. 86400 IN A 10.10.220.205
;; AUTHORITY SECTION:
shlrm.org. 86400 IN NS turel-a.shlrm.org.
;; ADDITIONAL SECTION:
turel-a.shlrm.org. 86400 IN A 10.10.220.232
;; Query time: 2 msec
;; SERVER: 10.10.220.232#53(10.10.220.232)
;; WHEN: Fri May 27 15:52:49 2011
;; MSG SIZE rcvd: 99
CONFIGURATIONS:
=======================================================================
I've got two interfaces on the host, configured with different IP
addresses, just to get that out of the way.
root@turel:/etc# ifconfig
eth0 Link encap:Ethernet HWaddr 00:16:3E:3A:6E:C7
inet addr:10.10.220.235 Bcast:10.10.220.255 Mask:255.255.255.0
inet6 addr: 2001:1938:140:2:216:3eff:fe3a:6ec7/64 Scope:Global
eth1 Link encap:Ethernet HWaddr 00:16:3E:DE:AD:00
inet addr:10.10.220.232 Bcast:10.10.220.255 Mask:255.255.255.0
inet6 addr: 2001:1938:140:2:216:3eff:fede:ad00/64 Scope:Global
I've deadwood configured to be a recursive nameserver, also to route
requests for my domain internally to the authoritative maradns.
The mararc is configured as follows:
=======================================================================
hide_disclaimer = "YES"
verbose_level = 10
csv2 = {}
csv2["shlrm.org."] = "db.shlrm.org"
ipv4_bind_addresses = "10.10.220.232"
chroot_dir = "/etc/maradns"
=======================================================================
dwood3rc is:
=======================================================================
ipv4_bind_addresses = "10.10.220.235"
chroot_dir = "/etc/maradns"
recursive_acl = "10.10.220.0/24"
verbose_level = 200
root_servers = {}
root_servers["shlrm.org."] = "10.10.220.232"
root_servers["220.10.10.in-addr.arpa."] = "10.10.220.232"
root_servers["."] = "198.41.0.4,"
root_servers["."] += "2001:503:BA3E::2:30,"
root_servers["."] += "192.228.79.201,"
root_servers["."] += "192.33.4.12,"
root_servers["."] += "128.8.10.90,"
root_servers["."] += "192.203.230.10,"
root_servers["."] += "192.5.5.241,"
root_servers["."] += "2001:500:2F::F,"
root_servers["."] += "192.112.36.4,"
root_servers["."] += "128.63.2.53,"
root_servers["."] += "2001:500:1::803F:235,"
root_servers["."] += "192.36.148.17,"
root_servers["."] += "2001:7FE::53,"
root_servers["."] += "192.58.128.30,"
root_servers["."] += "2001:503:C27::2:30,"
root_servers["."] += "193.0.14.129,"
root_servers["."] += "2001:7FD::1,"
root_servers["."] += "199.7.83.42,"
root_servers["."] += "2001:500:3::42,"
root_servers["."] += "202.12.27.33,"
root_servers["."] += "2001:DC3::35"
=======================================================================