DNS Forwarding issue

I am having an issue where I have 4 DNS servers (SUSE 11), 1 primary and 3 secondaries, running. We are having an issue where the servers are not talking to the InterNIC. The initial master server was an AIX server that we are trying to decommission, but it seems that there are still some connections to that server. I removed the AIX server from the name server list that I have within the Linux servers. I removed the AIX server's IP address from the name server list and basic options within the DNS GUI. I have removed the AIX IP address from the forwarder.conf file just to be safe. I am not sure why, when I stop the NAMED service on the AIX server, my Linux DNS servers lose communication to the internet. I also am having really odd behavior where I remove the forwarder line and servers from the basic options on the primary server (Linux), but when I restart DNS it is recreated in the named.conf file and in the GUI.

I need some help.

Thanks

Hi ehernandez0619,

[QUOTE=ehernandez0619;17844]I am having an issue where I have 4 DNS servers (SUSE 11), 1 primary and 3 secondaries, running. We are having an issue where the servers are not talking to the InterNIC. The initial master server was an AIX server that we are trying to decommission, but it seems that there are still some connections to that server. I removed the AIX server from the name server list that I have within the Linux servers. I removed the AIX server's IP address from the name server list and basic options within the DNS GUI. I have removed the AIX IP address from the forwarder.conf file just to be safe. I am not sure why, when I stop the NAMED service on the AIX server, my Linux DNS servers lose communication to the internet. I also am having really odd behavior where I remove the forwarder line and servers from the basic options on the primary server (Linux), but when I restart DNS it is recreated in the named.conf file and in the GUI.

I need some help.

Thanks[/QUOTE]

It seems you're seeing two issues:

1 - your forwarding setup seems to be in trouble
2 - configuration changes get overwritten automatically

Let’s start with #2 - “but when I restart DNS it is recreated in the named.conf file”: Which named.conf file are you looking at? The “master file” (in terms of where changes go, not in terms of “DNS zone master” :-) ) is in /etc/named.conf and there are some included files as well. If you’re running named in a chroot jail, these files get copied over to /var/lib/named, so if you’re looking at (and/or changing) the latter, then of course things get overwritten on each service (re)start…

Concerning #1, DNS forwarding to the Internet: I see a few possible causes, but of course everything is guesswork without proper details ;). Assuming that you have set up your DNS services (SLES 1 - 4) properly, my best guess would be that your new SLES DNS master has a different IP address than the AIX machine (especially since it sounds as if that AIX is still online) and that your Internet connection is secured by a firewall - have you made sure that the DNS packets from your SLES master may traverse the firewall to the Internet and that the responses are coming through, too?

Depending on your level of expertise in the DNS area and the way your firewall is set up, there are a number of things to check in the SLES named configuration:

  • is there an external (or better, DMZ) DNS server (or a set of servers) your master named should forward to? Is/are that server’s address in the SLES named config as the forwarder(s) address?

  • if not all 4 SLES DNS servers are to access the Internet directly - do the “other” SLES DNS servers (those not permitted to forward directly) have “forward only” in their config?

  • you mentioned “I removed the AIX server ip address from the name server list […] with in the DNS Gui”. Let’s keep things strictly at the DNS server level and look at the client lib at a later time: Please use only nslookup or dig to verify name server operation.

My recommendation would be to set up (and look at) only that server first, which is to forward DNS queries to the Internet. Don’t use “host” for lookups, but direct DNS tools, like “dig” or “nslookup”. Use named debug modes (esp. query trace) to see how that name server responds to the query, where it is forwarding the queries and to check if responses are received.

If you sum up your DNS concept and list the according named.conf sections, I’m happy to further assist with the setup.

Regards,
Jens
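The checks Jens lists (which named.conf is the one named actually starts from when it runs chrooted, what the forwarders and the forward mode really are, and whether the decommissioned server's address still lingers somewhere in the file) as an added shell script; this is not code from the thread or from SUSE. It assumes BIND 9 configuration syntax, GNU sed/grep/tr, and that chroot operation is switched by NAMED_RUN_CHROOTED in /etc/sysconfig/named as on SLES. The sample named.conf and sysconfig file are constructed here, with 192.0.2.10 standing in for the old AIX server and 198.51.100.53 for a legitimate upstream forwarder.

```shell
#!/bin/sh
# Added example (not from the original thread): audit a BIND named.conf on a
# SLES-style box for its forwarding settings and for a stale forwarder IP.
# Assumptions: GNU sed/grep/tr, BIND 9 syntax, and SLES's NAMED_RUN_CHROOTED
# switch in /etc/sysconfig/named deciding whether /etc/named.conf is copied
# into the chroot under /var/lib/named on each start.

# Flatten a named.conf to one line with comments removed, so block statements
# can be matched regardless of line breaks (/* */ handling is approximate).
named_flat() {
    sed -e 's|//.*$||' -e 's|#.*$||' "$1" \
        | tr '\n' ' ' \
        | sed -e 's|/\*[^*]*\*/||g'
}

# Print the addresses inside the "forwarders { ... };" block, one per line.
named_forwarders() {
    named_flat "$1" \
        | sed -n 's/.*forwarders[[:space:]]*{\([^}]*\)}.*/\1/p' \
        | tr ';' '\n' | tr -d ' \t' | sed '/^$/d'
}

# Print "only", "first" or "none" depending on the global forward statement.
# A server that must not talk to the Internet itself should report "only".
named_forward_mode() {
    if named_flat "$1" | grep -q 'forward[[:space:]]\{1,\}only[[:space:]]*;'; then
        echo only
    elif named_flat "$1" | grep -q 'forward[[:space:]]\{1,\}first[[:space:]]*;'; then
        echo first
    else
        echo none
    fi
}

# Count raw config lines that still mention an IP as a whole token; this also
# catches leftovers in masters, also-notify or allow-transfer lists.
named_stale_ip_count() {
    grep -c -w -F -- "$2" "$1" || :
}

# Print the NAMED_RUN_CHROOTED value ("yes" means edits belong in /etc, not in
# the /var/lib/named copy, which is recreated on every service start).
named_chroot_enabled() {
    v=$(sed -n 's/^NAMED_RUN_CHROOTED=["]*\([A-Za-z]*\)["]*.*/\1/p' "$1" | tail -n 1)
    echo "${v:-unset}"
}

# Short audit report for one server: config file, sysconfig file, stale IP.
named_audit() {
    conf=$1; sysconf=$2; stale=$3
    echo "config file      : $conf"
    echo "chroot enabled   : $(named_chroot_enabled "$sysconf")"
    echo "forward mode     : $(named_forward_mode "$conf")"
    echo "forwarders       : $(named_forwarders "$conf" | tr '\n' ' ')"
    echo "lines with $stale: $(named_stale_ip_count "$conf" "$stale")"
}

# Constructed sample files standing in for /etc/named.conf and
# /etc/sysconfig/named; 192.0.2.10 plays the decommissioned AIX server.
write_sample_conf() {
    cat > "$1" <<'EOF'
options {
        directory "/var/lib/named";
        # first forwarder is the old AIX box that should have been removed
        forwarders { 192.0.2.10; 198.51.100.53; };
        forward first;
        listen-on port 53 { any; };
        notify no;
};
zone "." in {
        type hint;
        file "root.hint";
};
EOF
}
write_sample_sysconfig() {
    printf 'NAMED_RUN_CHROOTED="yes"\nNAMED_ARGS=""\n' > "$1"
}

SAMPLE_CONF=$(mktemp)
SAMPLE_SYSCONF=$(mktemp)
write_sample_conf "$SAMPLE_CONF"
write_sample_sysconfig "$SAMPLE_SYSCONF"
named_audit "$SAMPLE_CONF" "$SAMPLE_SYSCONF" 192.0.2.10
rm -f "$SAMPLE_CONF" "$SAMPLE_SYSCONF"
```

On a real SLES server, source the functions and run named_audit /etc/named.conf /etc/sysconfig/named with the AIX address as the third argument; repeat for the files named.conf includes (on SLES typically /etc/named.conf.include and /etc/named.d/*), since a forwarder or masters entry can survive there. A count of zero on all of them, combined with the forwarders shown pointing only at the intended upstream server, is the state to reach before testing resolution with dig against each server directly (dig @127.0.0.1 www.example.com) and turning on query logging with rndc querylog, as the reply suggests.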