Named problem when changing external ip
by Maico from LinuxQuestions.org on (#5GBQ2)
Hello I am new here so take into account = D.
I have a server where a dns was running, but I had to change his extended ip to a new one but even changing ns1 he doesn't find it in dig and nslookup.
What I did was change the ip that was on the go-ch.com.zone for my new ip, I did the release of port 53 of the dns, and even then it is giving the error SERVFAIL, and no and it does not update the domain for the new ip.
CentOS release 5.5
Below is the configuration of the files.
/etc/named.conf
=================================================================
options {
#recursion no;
allow-query { any; };
allow-recursion { clientes; };
#additional-from-auth no;
#additional-from-cache no;
directory "/var/named/";
# pid-file "/var/run/named/named.pid";
# statistics-file "/var/run/named/named.stats";
# dump-file "/var/run/named/named.db";
# transfer-format many-answers;
#hide our "real" version number
version "[secured]";
forwarders {
1.1.1.1;
8.8.8.8;
208.67.222.222;
};
forward only;
#ssec-enable no;
};
# Use with the following in named.conf, adjusting the allow list as needed:
key "server" {
algorithm HMAC-MD5;
secret "";
};
#controls {
# inet 127.0.0.1 port 953
# allow-update { key server; };
#};
# The root nameservers
zone "." in {
type hint;
file "db.cache";
};
# localhost - forward zone
zone "localhost" in {
type master;
file "db.localhost";
notify yes;
};
# localhost - inverse zone
zone "0.0.127.in-addr.arpa" in {
type master;
file "db.127.0.0.0";
notify no;
};
zone "go-ch.com" in {
type master;
file "go-ch.com.zone";
allow-update { key server; };
notify yes;
};
logging{
channel log_dns {
file "dns.log" versions 6 size 10m;
severity notice; #(critical | error | warning | notice | info | debug [ level ] | dynamic )
print-time yes;
print-severity yes;
print-category yes;
};
channel log_queries {
file "/var/named/queries.log" versions 6 size 10m;
severity warning; #(critical | error | warning | notice | info | debug [ level ] | dynamic )
print-time yes;
print-severity yes;
print-category yes;
};
category default{ log_dns; };
category queries { log_queries; };
};
acl clientes {
localhost;
10.10.10.0/24;
10.9.9.0/24;
};
====================================================
go-ch.com.zone
$ORIGIN .
$TTL 86400; 1 day
go-ch.com.IN SOAns1.go-ch.com. ddns.go-ch.com. (
2015691841 ; serial
7200 ; refresh (2 hours)
300 ; retry (5 minutes)
604800 ; expire (1 week)
60 ; minimum (1 minute)
)
NSns1.go-ch.com.
NSns2.go-ch.com.
$ORIGIN go-ch.com.
$TTL 300; 5 minutes
ns1 A 187.xxx.xxx.xxx
========================================================
result of dig
[root@ServidorDNS named]# dig ns1.go-ch.com
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5_8.6 <<>> ns1.go-ch.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 3736
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;ns1.go-ch.com. IN A
;; Query time: 2067 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Apr 8 15:28:47 2021
;; MSG SIZE rcvd: 31
I have a server where a dns was running, but I had to change his extended ip to a new one but even changing ns1 he doesn't find it in dig and nslookup.
What I did was change the ip that was on the go-ch.com.zone for my new ip, I did the release of port 53 of the dns, and even then it is giving the error SERVFAIL, and no and it does not update the domain for the new ip.
CentOS release 5.5
Below is the configuration of the files.
/etc/named.conf
=================================================================
options {
#recursion no;
allow-query { any; };
allow-recursion { clientes; };
#additional-from-auth no;
#additional-from-cache no;
directory "/var/named/";
# pid-file "/var/run/named/named.pid";
# statistics-file "/var/run/named/named.stats";
# dump-file "/var/run/named/named.db";
# transfer-format many-answers;
#hide our "real" version number
version "[secured]";
forwarders {
1.1.1.1;
8.8.8.8;
208.67.222.222;
};
forward only;
#ssec-enable no;
};
# Use with the following in named.conf, adjusting the allow list as needed:
key "server" {
algorithm HMAC-MD5;
secret "";
};
#controls {
# inet 127.0.0.1 port 953
# allow-update { key server; };
#};
# The root nameservers
zone "." in {
type hint;
file "db.cache";
};
# localhost - forward zone
zone "localhost" in {
type master;
file "db.localhost";
notify yes;
};
# localhost - inverse zone
zone "0.0.127.in-addr.arpa" in {
type master;
file "db.127.0.0.0";
notify no;
};
zone "go-ch.com" in {
type master;
file "go-ch.com.zone";
allow-update { key server; };
notify yes;
};
logging{
channel log_dns {
file "dns.log" versions 6 size 10m;
severity notice; #(critical | error | warning | notice | info | debug [ level ] | dynamic )
print-time yes;
print-severity yes;
print-category yes;
};
channel log_queries {
file "/var/named/queries.log" versions 6 size 10m;
severity warning; #(critical | error | warning | notice | info | debug [ level ] | dynamic )
print-time yes;
print-severity yes;
print-category yes;
};
category default{ log_dns; };
category queries { log_queries; };
};
acl clientes {
localhost;
10.10.10.0/24;
10.9.9.0/24;
};
====================================================
go-ch.com.zone
$ORIGIN .
$TTL 86400; 1 day
go-ch.com.IN SOAns1.go-ch.com. ddns.go-ch.com. (
2015691841 ; serial
7200 ; refresh (2 hours)
300 ; retry (5 minutes)
604800 ; expire (1 week)
60 ; minimum (1 minute)
)
NSns1.go-ch.com.
NSns2.go-ch.com.
$ORIGIN go-ch.com.
$TTL 300; 5 minutes
ns1 A 187.xxx.xxx.xxx
========================================================
result of dig
[root@ServidorDNS named]# dig ns1.go-ch.com
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5_8.6 <<>> ns1.go-ch.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 3736
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;ns1.go-ch.com. IN A
;; Query time: 2067 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Apr 8 15:28:47 2021
;; MSG SIZE rcvd: 31