hi,
i'm using nsd3 from debian lenny repo and all packages are up to date.
all function almost as i wish with exception for .IN domain names.
i have this in /etc/nsd3/root.zone :
$TTL 1D
@ IN SOA @ none. ( 120 1D 10 3W 1W );
IN NS @
IN A 1.2.3.4
* IN A 1.2.3.4
so that it should give one single IP for any domain.
most domain works fine.
dig what.ever.domain @ 127.0.0.1 will returns the correct answer,
with one exception for .IN domain:
# dig whatever.in @127.0.0.1
; <<>> DiG 9.5.1-P3 <<>> firm.in @127.0.0.1
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63457
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;firm.in. IN A
;; AUTHORITY SECTION:
. 86400 IN SOA . none. 120 86400 10 1814400
604800
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Apr 22 20:35:25 2010
;; MSG SIZE rcvd: 63
what's wrong?
tnx.
rgds.dennyhalim.com
kiddysurf.blogspot.com | indosearch.blogspot.com | polaris.blogspot.com |
www.mypolaris.com | www.host-jet.com
... they look but do not see and hear but do not listen or understand. Mat
13:13
... but that which cometh out of the mouth, this defileth a man. Mat 15:11
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.nlnetlabs.nl/pipermail/nsd-users/attachments/20100422/31dc79d6/attachment.htm>
Hey there, What is the output of: $dig +trace whatever.in @localhost ? Shami dny wrote:> hi, > > i'm using nsd3 from debian lenny repo and all packages are up to date. > > all function almost as i wish with exception for .IN domain names. > > > i have this in /etc/nsd3/root.zone : > $TTL 1D > @ IN SOA @ none. ( 120 1D 10 3W 1W ); > IN NS @ > IN A 1.2.3.4 > * IN A 1.2.3.4 > > so that it should give one single IP for any domain. > most domain works fine. > dig what.ever.domain @ 127.0.0.1 will returns the correct answer, > with one exception for .IN domain: > > # dig whatever.in <http://whatever.in> @127.0.0.1 <http://127.0.0.1> > > ; <<>> DiG 9.5.1-P3 <<>> firm.in <http://firm.in> @127.0.0.1 > <http://127.0.0.1> > ;; global options: printcmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63457 > ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 > ;; WARNING: recursion requested but not available > > ;; QUESTION SECTION: > ;firm.in <http://firm.in>. IN A > > ;; AUTHORITY SECTION: > . 86400 IN SOA . none. 120 86400 10 > 1814400 604800 > > ;; Query time: 0 msec > ;; SERVER: 127.0.0.1#53(127.0.0.1) > ;; WHEN: Thu Apr 22 20:35:25 2010 > ;; MSG SIZE rcvd: 63 > > > > what's wrong? > > tnx. > > > rgds.dennyhalim.com <http://rgds.dennyhalim.com> > kiddysurf.blogspot.com <http://kiddysurf.blogspot.com> | > indosearch.blogspot.com <http://indosearch.blogspot.com> | > polaris.blogspot.com <http://polaris.blogspot.com> | www.mypolaris.com > <http://www.mypolaris.com> | www.host-jet.com <http://www.host-jet.com> > > ... they look but do not see and hear but do not listen or understand. > Mat 13:13 > ... but that which cometh out of the mouth, this defileth a man. Mat 15:11 > >
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I am not sure what zones you have configured more or how your complete root.zone file looks like, in order to make the other domains work. One thing that is remarkable is the wildcard RR (*. IN A 1.2.3.4). This matches all top level domains (note that wildcards only go one level deep). In order to get more insight of the stuff you are trying to do here, I would need the nsd.conf and root.zone files. Best regards, Matthijs dny wrote:> hi, > > i'm using nsd3 from debian lenny repo and all packages are up to date. > > all function almost as i wish with exception for .IN domain names. > > > i have this in /etc/nsd3/root.zone : > $TTL 1D > @ IN SOA @ none. ( 120 1D 10 3W 1W ); > IN NS @ > IN A 1.2.3.4 > * IN A 1.2.3.4 > > so that it should give one single IP for any domain. > most domain works fine. > dig what.ever.domain @ 127.0.0.1 will returns the correct answer, > with one exception for .IN domain: > > # dig whatever.in <http://whatever.in> @127.0.0.1 <http://127.0.0.1> > > ; <<>> DiG 9.5.1-P3 <<>> firm.in <http://firm.in> @127.0.0.1 > <http://127.0.0.1> > ;; global options: printcmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63457 > ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 > ;; WARNING: recursion requested but not available > > ;; QUESTION SECTION: > ;firm.in <http://firm.in>. IN A > > ;; AUTHORITY SECTION: > . 86400 IN SOA . none. 120 86400 10 > 1814400 604800 > > ;; Query time: 0 msec > ;; SERVER: 127.0.0.1#53(127.0.0.1) > ;; WHEN: Thu Apr 22 20:35:25 2010 > ;; MSG SIZE rcvd: 63 > > > > what's wrong? > > tnx. > > > rgds.dennyhalim.com <http://rgds.dennyhalim.com> > kiddysurf.blogspot.com <http://kiddysurf.blogspot.com> | > indosearch.blogspot.com <http://indosearch.blogspot.com> | > polaris.blogspot.com <http://polaris.blogspot.com> | www.mypolaris.com > <http://www.mypolaris.com> | www.host-jet.com <http://www.host-jet.com> > > ... they look but do not see and hear but do not listen or understand. > Mat 13:13 > ... but that which cometh out of the mouth, this defileth a man. Mat 15:11 > > > > ------------------------------------------------------------------------ > > _______________________________________________ > nsd-users mailing list > nsd-users at NLnetLabs.nl > http://open.nlnetlabs.nl/mailman/listinfo/nsd-users-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEcBAEBAgAGBQJL0FVkAAoJEA8yVCPsQCW5UigH/0wlUA60h3DCg0Eu5VT0EJ7+ MHUAXVo3Xb8HeT4z4qRTnv3vbtJD361fekmL9ZwzpupRk1sdJkbK+UQOo48fKrLi XqjA5anQJRjaXFs7ZDxIpNmV3mm4tH35cH09sYB4+FurxfRxuVU7WvbGsNP/1QWi pxEiX6hwwhopiSCFEOYrkiZNc9pTT7wALH7oX/Tf3oUkv3nT5kWJ+RGzCnMI7qz4 8YuUSSEGLQBn3dFhyVjXbrirZ8iNHYvt2s5mQwMSwGs9g/lqAsut3jbv0lA8TXXL 1PPZbLdIDtVgB/mJg7igHs2jH8wu1owf3DChX+yT6MJhgU4fQyTbVupQYG/ELDM=uCIa -----END PGP SIGNATURE-----
On Apr 22, 2010, at 3:36 PM, dny wrote:> hi, > > i'm using nsd3 from debian lenny repo and all packages are up to date. > > all function almost as i wish with exception for .IN domain names.Could it be that somewhere class "IN" is interpreted as the top level domain "IN" ? For instance:> i have this in /etc/nsd3/root.zone : > $TTL 1D > @ IN SOA @ none. ( 120 1D 10 3W 1W ); > IN NS @ > IN A 1.2.3.4 > * IN A 1.2.3.4If in the above root.zone the CLASS "IN" is specified with no indentation, (i.e. no whitespace before IN) it would be interpreted as the name IN. Check the 4th line above and see if the line starts with a whitespace. Roy
hi Roy, sent you the file. did you get it? rgds.dennyhalim.com kiddysurf.blogspot.com | indosearch.blogspot.com | polaris.blogspot.com | www.mypolaris.com | www.host-jet.com ... they look but do not see and hear but do not listen or understand. Mat 13:13 ... but that which cometh out of the mouth, this defileth a man. Mat 15:11 On Thu, Apr 29, 2010 at 8:22 PM, dny <mail2dny at gmail.com> wrote:> file attached. > > > > rgds.dennyhalim.com > kiddysurf.blogspot.com | indosearch.blogspot.com | polaris.blogspot.com | > www.mypolaris.com | www.host-jet.com > > ... they look but do not see and hear but do not listen or understand. Mat > 13:13 > ... but that which cometh out of the mouth, this defileth a man. Mat > 15:11 > > > > > On Thu, Apr 29, 2010 at 3:20 PM, Roy Arends <roy at dnss.ec> wrote: > >> On Apr 29, 2010, at 5:47 AM, dny wrote: >> >> > sorry been away few days... >> > >> > i'm setup domain parking which should give one single ip to >> whatever.domain.is >> > and it seems to me it works ok, until i registered .IN domain name. >> > >> > so, i only have one .zone file. nothing else. >> > >> > for all domain i had, it works ok. >> > >> > afaik, only .IN domain failed. >> >> DNY, could you gzip that .zone file and send it to me? I'll check it >> off-list. Please no copy and paste, just the file. >> >> Roy >> >> >> >> > >> > >> > dig asd.in @127.0.0.1 >> > >> > ; <<>> DiG 9.5.1-P3 <<>> asd.in @127.0.0.1 >> > ;; global options: printcmd >> > ;; Got answer: >> > ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16341 >> > ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 >> > ;; WARNING: recursion requested but not available >> > >> > ;; QUESTION SECTION: >> > ;asd.in. IN A >> > >> > ;; AUTHORITY SECTION: >> > . 86400 IN SOA . none. 120 86400 10 >> 1814400 604800 >> > >> > ;; Query time: 0 msec >> > ;; SERVER: 127.0.0.1#53(127.0.0.1) >> > ;; WHEN: Thu Apr 29 10:43:36 2010 >> > ;; MSG SIZE rcvd: 62 >> > >> > >> > >> > rgds.dennyhalim.com >> > kiddysurf.blogspot.com | indosearch.blogspot.com | polaris.blogspot.com| >> www.mypolaris.com | www.host-jet.com >> > >> > ... they look but do not see and hear but do not listen or understand. >> Mat 13:13 >> > ... but that which cometh out of the mouth, this defileth a man. Mat >> 15:11 >> > >> > >> > >> > >> > On Fri, Apr 23, 2010 at 4:39 PM, Ond?ej Sur? <ondrej at sury.org> wrote: >> > >> i have this in /etc/nsd3/root.zone : >> > >> $TTL 1D >> > >> @ IN SOA @ none. ( 120 1D 10 3W 1W ); >> > >> IN NS @ >> > >> IN A 1.2.3.4 >> > >> * IN A 1.2.3.4 >> > > >> > > If in the above root.zone the CLASS "IN" is specified with no >> indentation, (i.e. no whitespace before IN) it would be interpreted as the >> name IN. >> > >> > Or you can try: >> > >> > < /etc/nsd3/root.zone ldns-read-zone -c > /etc/nsd3/canonical-root.zone >> > >> > and check canonical-root.zone if it's correct and use it instead of >> > your root.zone file. >> > >> > -- >> > ?Ond?ej Sur? <ondrej at sury.org> >> > http://blog.rfc1925.org/ >> > >> > _______________________________________________ >> > nsd-users mailing list >> > nsd-users at NLnetLabs.nl >> > http://open.nlnetlabs.nl/mailman/listinfo/nsd-users >> >> >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.nlnetlabs.nl/pipermail/nsd-users/attachments/20100501/ca93ee12/attachment.htm>