[SOLVED] dig does not return anything

Ask questions about your setup or get help installing ZCS server (ZD section below).
martinezjr
Posts: 29
Joined: Sat Sep 13, 2014 12:23 am

[SOLVED] dig does not return anything

Post by martinezjr »

I am having a problem with my DNS. I followed the instructions with the splitDNS, but I get nothing with dig. What can I do?


[martinezjr@bcldap ~]$ cat /etc/hosts

127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4

::1 localhost localhost.localdomain localhost6 localhost6.localdomain6

10.100.177.205 bcldap.hcjbc.org bcldap




[martinezjr@bcldap ~]$ cat /etc/resolv.conf

# Generated by NetworkManager

nameserver 10.100.177.205

nameserver 10.100.177.5

I just saw the REFUSED:



[martinezjr@bcldap ~]$ dig hcjbc.org mx
; <<>> DiG 9.6.1-P3-RedHat-9.6.1-9.P3.fc11 <<>> hcjbc.org mx

;; global options: +cmd

;; Got answer:

;; ->>HEADER<
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; WARNING: recursion requested but not available
;; QUESTION SECTION:

;hcjbc.org. IN MX
;; Query time: 3 msec

;; SERVER: 10.100.177.205#53(10.100.177.205)

;; WHEN: Sat Jan 30 13:58:12 2010

;; MSG SIZE rcvd: 27




[martinezjr@bcldap ~]$ dig hcjbc.org any
; <<>> DiG 9.6.1-P3-RedHat-9.6.1-9.P3.fc11 <<>> hcjbc.org any

;; global options: +cmd

;; Got answer:

;; ->>HEADER<
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; WARNING: recursion requested but not available
;; QUESTION SECTION:

;hcjbc.org. IN ANY
;; Query time: 2 msec

;; SERVER: 10.100.177.205#53(10.100.177.205)

;; WHEN: Sat Jan 30 13:58:15 2010

;; MSG SIZE rcvd: 27





[martinezjr@bcldap ~]$ host `hostname`

bcldap.hcjbc.org has address 10.100.177.205





[martinezjr@bcldap ~]$ host -v bcldap.hcjbc.org

Trying "bcldap.hcjbc.org"

;; ->>HEADER<
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:

;bcldap.hcjbc.org. IN A
;; ANSWER SECTION:

bcldap.hcjbc.org. 0 IN A 10.100.177.205
Received 50 bytes from 10.100.177.5#53 in 2 ms

Trying "bcldap.hcjbc.org"

;; ->>HEADER<
;; flags: qr aa ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:

;bcldap.hcjbc.org. IN AAAA
Received 34 bytes from 10.100.177.5#53 in 91 ms

Trying "bcldap.hcjbc.org"

;; ->>HEADER<
;; flags: qr aa ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:

;bcldap.hcjbc.org. IN MX
Received 34 bytes from 10.100.177.5#53 in 570 ms

[martinezjr@bcldap ~]$
ArcaneMagus
Elite member
Elite member
Posts: 1138
Joined: Fri Sep 12, 2014 10:25 pm

[SOLVED] dig does not return anything

Post by ArcaneMagus »

You have two DNS servers listed in your resolv.conf, I'm guessing that 10.100.177.5 is your company DNS server while 10.100.177.205 is the Zimbra server address. You need to remove the 10.100.177.5 line. On to the next problem that you are seeing...
10.100.177.205 is refusing the recursive request for hcjbc.org, this means that it didn't have a record for hcjbc.org setup so it tried to do a recursive query but it was denied by configuration.
You need to verify that the server has it's domain configured correctly on it's internal DNS server, and that if it can't find a record it is able to do a recursive query to your company DNS server.
martinezjr
Posts: 29
Joined: Sat Sep 13, 2014 12:23 am

[SOLVED] dig does not return anything

Post by martinezjr »

[quote user="ArcaneMagus"]You have two DNS servers listed in your resolv.conf, I'm guessing that 10.100.177.5 is your company DNS server [/quote] actually the internal address of the firewall [quote user="ArcaneMagus"]while 10.100.177.205 is the Zimbra server address [/quote] actual internal DNS server that I am trying to set up for the whole network.
[quote user="ArcaneMagus"]10.100.177.205 is refusing the recursive request for hcjbc.org, this means that it didn't have a record for hcjbc.org setup so it tried to do a recursive query but it was denied by configuration.
You need to verify that the server has it's domain configured correctly on it's internal DNS server, and that if it can't find a record it is able to do a recursive query to your company DNS server.[/QUOTE]

A record for the domain? How to I do that on Fedora 11 with BIND9?
martinezjr
Posts: 29
Joined: Sat Sep 13, 2014 12:23 am

[SOLVED] dig does not return anything

Post by martinezjr »

OK, I got it. I changed "Allow queries from:10.100.177.200;" to "10.100.177.200;any;", but I am not getting my mx record to show up.
Any hints?
ArcaneMagus
Elite member
Elite member
Posts: 1138
Joined: Fri Sep 12, 2014 10:25 pm

[SOLVED] dig does not return anything

Post by ArcaneMagus »

Could you post the output from a dig command again?
And by record I was talking about a zone configuration file, something like this:

$TTL 2D

@ IN SOA ns1.domain.com. admin.domain.com. (

2010020200 ; serial

3H ; refresh

1H ; retry

1W ; expiry

1D ) ; minimum
domain.com. IN NS ns1.domain.com.

domain.com. IN NS ns2.domain.com.

domain.com. IN MX 0 mail.domain.com.

domain.com. IN TXT "v=spf1 mx ~all"

_xmpp-server._tcp IN SRV 10 100 5269 mail.domain.com.

_xmpp-client._tcp IN SRV 10 100 5222 mail.domain.com.

domain.com. IN A 192.168.1.4

ns1 IN A 192.168.1.2

ns2 IN A 192.168.1.3

www IN A 192.168.1.4

mail IN A 192.168.1.6
martinezjr
Posts: 29
Joined: Sat Sep 13, 2014 12:23 am

[SOLVED] dig does not return anything

Post by martinezjr »

Ok, As soon I get to work I will post the results.
martinezjr
Posts: 29
Joined: Sat Sep 13, 2014 12:23 am

[SOLVED] dig does not return anything

Post by martinezjr »

Sorry about the delay. I had another computer lose its mind.

Oh, and this is internal only. No external access. It's hard to explain. Long story short, I need to give an alternative to M$ Exchange. And its behind two nat'd firewalls, both with dynamic ip's.
Here is the most recent results


[martinezjr@bcmailbox ~]$ dig mx hcjbc.org
; <<>> DiG 9.6.1-P3-RedHat-9.6.1-9.P3.fc11 <<>> mx hcjbc.org

;; global options: +cmd

;; Got answer:

;; ->>HEADER<
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:

;hcjbc.org. IN MX
;; AUTHORITY SECTION:

hcjbc.org. 38400 IN SOA bcldap.hcjbc.org.hcjbc.org. hcjbc.yahoo.com. 1264874187 10800 3600 604800 38400
;; Query time: 2 msec

;; SERVER: 10.100.177.205#53(10.100.177.205)

;; WHEN: Wed Feb 3 18:24:08 2010

;; MSG SIZE rcvd: 95





[martinezjr@bcmailbox ~]$ dig any hcjbc.org

;; Truncated, retrying in TCP mode.
; <<>> DiG 9.6.1-P3-RedHat-9.6.1-9.P3.fc11 <<>> any hcjbc.org

;; global options: +cmd

;; Got answer:

;; ->>HEADER<
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 12, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:

;hcjbc.org. IN ANY
;; ANSWER SECTION:

hcjbc.org. 38400 IN RRSIG SOA 3 2 38400 20100304045837 20100202045837 59949 hcjbc.org. !@(*&$^!*&@^(*&!@#=

hcjbc.org. 38400 IN RRSIG NS 3 2 38400 20100304014145 20100202014145 59949 hcjbc.org. !@(*&$^!*&@^(*&!@#=

hcjbc.org. 38400 IN NSEC 10.100.177.200.hcjbc.org. NS SOA RRSIG NSEC DNSKEY

hcjbc.org. 38400 IN RRSIG NSEC 3 2 38400 20100301180544 20100130180544 59949 hcjbc.org. C!@(*&$^!*&@^(*&!@#=

hcjbc.org. 38400 IN RRSIG DNSKEY 3 2 38400 20100301165617 20100130165617 58505 hcjbc.org. CDP/m!@(*&$^!*&@^(*&!@#=

hcjbc.org. 38400 IN RRSIG DNSKEY 3 2 38400 20100301165617 20100130165617 59949 hcjbc.org. !@(*&$^!*&@^(*&!@#=

hcjbc.org. 38400 IN SOA bcldap.hcjbc.org.hcjbc.org. hcjbc.yahoo.com. 1264874187 10800 3600 604800 38400

hcjbc.org. 38400 IN NS 10.100.177.200.

hcjbc.org. 38400 IN NS 10.100.177.205.

hcjbc.org. 38400 IN NS 10.100.177.5.hcjbc.org.

hcjbc.org. 38400 IN DNSKEY 256 3 3 !@(*&$^!*&@^(*&!@#

hcjbc.org. 38400 IN DNSKEY 257 3 3 !@(*&$^!*&@^(*&!@#
;; Query time: 9 msec

;; SERVER: 10.100.177.205#53(10.100.177.205)

;; WHEN: Wed Feb 3 18:24:14 2010

;; MSG SIZE rcvd: 1477





[martinezjr@bcmailbox ~]$ ping bcldap

PING bcldap.hcjbc.org (10.100.177.205) 56(84) bytes of data.

64 bytes from 10.100.177.205: icmp_seq=1 ttl=64 time=0.221 ms

64 bytes from 10.100.177.205: icmp_seq=2 ttl=64 time=0.445 ms

64 bytes from 10.100.177.205: icmp_seq=3 ttl=64 time=0.288 ms

^Z

[1]+ Stopped ping bcldap

[martinezjr@bcmailbox ~]$ ping bcldap.hcjbc.org

PING bcldap.hcjbc.org (10.100.177.205) 56(84) bytes of data.

64 bytes from 10.100.177.205: icmp_seq=1 ttl=64 time=0.264 ms

64 bytes from 10.100.177.205: icmp_seq=2 ttl=64 time=0.244 ms

64 bytes from 10.100.177.205: icmp_seq=3 ttl=64 time=0.235 ms

64 bytes from 10.100.177.205: icmp_seq=4 ttl=64 time=0.254 ms

^Z

[2]+ Stopped ping bcldap.hcjbc.org





[martinezjr@bcmailbox ~]$ cat '/etc/hosts'

127.0.0.1 localhost.localdomain localhost

10.100.177.200 bcmailbox.hcjbc.org bcmailbox





[martinezjr@bcmailbox ~]$ host `hostname`

bcmailbox.hcjbc.org has address 10.100.177.200

bcmailbox.hcjbc.org mail is handled by 1 10.100.177.200.hcjbc.org.





[martinezjr@bcmailbox ~]$ cat /etc/resolv.conf

# Generated by NetworkManager

nameserver 10.100.177.205

nameserver 10.100.177.200





[martinezjr@bcmailbox ~]$ host -v bcldap.hcjbc.org

Trying "bcldap.hcjbc.org"

;; ->>HEADER<
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 0
;; QUESTION SECTION:

;bcldap.hcjbc.org. IN A
;; ANSWER SECTION:

bcldap.hcjbc.org. 38400 IN A 10.100.177.205
;; AUTHORITY SECTION:

hcjbc.org. 38400 IN NS 10.100.177.200.

hcjbc.org. 38400 IN NS 10.100.177.5.hcjbc.org.

hcjbc.org. 38400 IN NS 10.100.177.205.
Received 133 bytes from 10.100.177.205#53 in 3 ms

Trying "bcldap.hcjbc.org"

;; ->>HEADER<
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:

;bcldap.hcjbc.org. IN AAAA
;; AUTHORITY SECTION:

hcjbc.org. 38400 IN SOA bcldap.hcjbc.org.hcjbc.org. hcjbc.yahoo.com. 1264874187 10800 3600 604800 38400
Received 102 bytes from 10.100.177.205#53 in 1 ms

Trying "bcldap.hcjbc.org"

;; ->>HEADER<
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:

;bcldap.hcjbc.org. IN MX
;; AUTHORITY SECTION:

hcjbc.org. 38400 IN SOA bcldap.hcjbc.org.hcjbc.org. hcjbc.yahoo.com. 1264874187 10800 3600 604800 38400
Received 102 bytes from 10.100.177.205#53 in 1 ms





[martinezjr@bcmailbox ~]$ host -v bcmailbox.hcjbc.org

Trying "bcmailbox.hcjbc.org"

;; ->>HEADER<
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 0
;; QUESTION SECTION:

;bcmailbox.hcjbc.org. IN A
;; ANSWER SECTION:

bcmailbox.hcjbc.org. 38400 IN A 10.100.177.200
;; AUTHORITY SECTION:

hcjbc.org. 38400 IN NS 10.100.177.5.hcjbc.org.

hcjbc.org. 38400 IN NS 10.100.177.205.

hcjbc.org. 38400 IN NS 10.100.177.200.
Received 136 bytes from 10.100.177.205#53 in 2 ms

Trying "bcmailbox.hcjbc.org"

;; ->>HEADER<
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:

;bcmailbox.hcjbc.org. IN AAAA
;; AUTHORITY SECTION:

hcjbc.org. 38400 IN SOA bcldap.hcjbc.org.hcjbc.org. hcjbc.yahoo.com. 1264874187 10800 3600 604800 38400
Received 105 bytes from 10.100.177.205#53 in 3 ms

Trying "bcmailbox.hcjbc.org"

;; ->>HEADER<
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 0
;; QUESTION SECTION:

;bcmailbox.hcjbc.org. IN MX
;; ANSWER SECTION:

bcmailbox.hcjbc.org. 380000 IN MX 1 10.100.177.200.hcjbc.org.
;; AUTHORITY SECTION:

hcjbc.org. 38400 IN NS 10.100.177.5.hcjbc.org.

hcjbc.org. 38400 IN NS 10.100.177.205.

hcjbc.org. 38400 IN NS 10.100.177.200.
Received 151 bytes from 10.100.177.205#53 in 2 ms


and the zone file (the keys have been changed to protect the innocent)



$ttl 38400

hcjbc.org. IN SOA bcldap.hcjbc.org hcjbc.yahoo.com. (

1264874188

10800

3600

604800

38400 )

hcjbc.org. IN NS 10.100.177.205.

hcjbc.org. IN NS 10.100.177.200.

hcjbc.org. IN DNSKEY 257 3 3 !@!@#$&^()*!&@)(*^)(*&!@#^$

hcjbc.org. IN DNSKEY 256 3 3 !@!@#$&^()*!&@)(*^)(*&!@#^$

bcmailbox.hcjbc.org. 380000 IN MX 10 10.100.177.200

bcmta.hcjbc.org. 380000 IN MX 1 10.100.177.210

bcldap.hcjbc.org. IN A 10.100.177.205

10.100.177.205.hcjbc.org. IN PTR bcldap.hcjbc.org

bcmailbox.hcjbc.org. IN A 10.100.177.200

bcmta.hcjbc.org. IN A 10.100.177.210

10.100.177.200.hcjbc.org. IN PTR bcmailbox.hcjbc.org

10.100.177.210.hcjbc.org. IN PTR bcmta.hcjbc.org

hcjbc.org. IN NS 10.100.177.5

hcjbc.org. 38400 IN RRSIG SOA 3 2 38400 20100304045837 20100202045837 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=

hcjbc.org. 38400 IN RRSIG NS 3 2 38400 20100304014145 20100202014145 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=

hcjbc.org. 38400 IN NSEC 10.100.177.200.hcjbc.org. NS SOA RRSIG NSEC DNSKEY

hcjbc.org. 38400 IN RRSIG NSEC 3 2 38400 20100301180544 20100130180544 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=

hcjbc.org. 38400 IN RRSIG DNSKEY 3 2 38400 20100301165617 20100130165617 58505 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=

hcjbc.org. 38400 IN RRSIG DNSKEY 3 2 38400 20100301165617 20100130165617 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=

10.100.177.200.hcjbc.org. 38400 IN RRSIG PTR 3 6 38400 20100301180544 20100130180544 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=

10.100.177.200.hcjbc.org. 38400 IN NSEC 10.100.177.205.hcjbc.org. PTR RRSIG NSEC

10.100.177.200.hcjbc.org. 38400 IN RRSIG NSEC 3 6 38400 20100301180544 20100130180544 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=

10.100.177.210.hcjbc.org. 38400 IN RRSIG PTR 3 6 38400 20100301180647 20100130180647 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=

10.100.177.210.hcjbc.org. 38400 IN NSEC bcldap.hcjbc.org. PTR RRSIG NSEC

10.100.177.210.hcjbc.org. 38400 IN RRSIG NSEC 3 6 38400 20100304014145 20100202014145 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=

10.100.177.205.hcjbc.org. 38400 IN RRSIG PTR 3 6 38400 20100301170513 20100130170513 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=

10.100.177.205.hcjbc.org. 38400 IN NSEC 10.100.177.210.hcjbc.org. PTR RRSIG NSEC

10.100.177.205.hcjbc.org. 38400 IN RRSIG NSEC 3 6 38400 20100301180647 20100130180647 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=

bcldap.hcjbc.org. 38400 IN RRSIG A 3 3 38400 20100301170039 20100130170039 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$U=

bcldap.hcjbc.org. 38400 IN NSEC bcmailbox.hcjbc.org. A RRSIG NSEC

bcldap.hcjbc.org. 38400 IN RRSIG NSEC 3 3 38400 20100301170039 20100130170039 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$k=

bcmailbox.hcjbc.org. 38400 IN RRSIG A 3 3 38400 20100301180130 20100130180130 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=

bcmailbox.hcjbc.org. 380000 IN RRSIG MX 3 3 380000 20100304021217 20100202021217 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=

bcmailbox.hcjbc.org. 38400 IN NSEC bcmta.hcjbc.org. A MX RRSIG NSEC

bcmailbox.hcjbc.org. 38400 IN RRSIG NSEC 3 3 38400 20100301180130 20100130180130 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=

bcmta.hcjbc.org. 38400 IN RRSIG A 3 3 38400 20100301180238 20100130180238 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=

bcmta.hcjbc.org. 380000 IN RRSIG MX 3 3 380000 20100304021301 20100202021301 59949 hcjbc.org. C!@!@#$&^()*!&@)(*^)(*&!@#^$=

bcmta.hcjbc.org. 38400 IN NSEC hcjbc.org. A MX RRSIG NSEC

bcmta.hcjbc.org. 38400 IN RRSIG NSEC 3 3 38400 20100301180238 20100130180238 59949 hcjbc.org. !@!@#$&^()*!&@)(*^)(*&!@#^$=
phoenix
Ambassador
Ambassador
Posts: 27272
Joined: Fri Sep 12, 2014 9:56 pm
Location: Liverpool, England

[SOLVED] dig does not return anything

Post by phoenix »

The problem would appear to be the fact you have two DNS server and one of them does not have DNS records for your domain You can see the server it's using in the following response:
;; Query time: 9 msec

;; SERVER: 10.100.177.205#53(10.100.177.205)

;; WHEN: Wed Feb 3 18:24:14 2010

;; MSG SIZE rcvd: 1477

You should only have one DNS server (at 10.100.177.200) in your hosts file and that should be the one on your Zimbra server, you can check the records with the following:
dig @10.100.177.200 hcjbc.org mx

dig @10.100.177.200 hcjbc.org anyIf that returns valid records then you should remove the second DNS server (10.100.177.205) from your resolv.conf file.
Can you also update your forum profile with the output of the following command (do not post it in this thread):



zmcontrol -v
Regards

Bill

Rspamd: A high performance spamassassin replacement

Per ardua ad astra
ArcaneMagus
Elite member
Elite member
Posts: 1138
Joined: Fri Sep 12, 2014 10:25 pm

[SOLVED] dig does not return anything

Post by ArcaneMagus »

Are you trying to setup the Zimbra server to be it's own DNS server, with recursive queries going out to the 10.100.177.205 one? Or are you trying to setup the Zimbra server to use the 10.100.177.205 server as it's only DNS server and have that server work for all internal queries?
Also just as a note:

In your record file you are missing the "." at the end of the primary DNS server part of the SOA, that is why it is returning "bcldap.hcjbc.org.hcjbc.org." rather then "bcldap.hcjbc.org.". Also you currently have your MX records setup for the servers FQDN. This is fine if your email addresses will be in the form of user@bcmailbox.hcjbc.org, however it is a problem if you are trying to do addresses like user@hcjbc.org. If you want addresses like that you need to set the MX record on just hcjbc.org, not bcmailbox.hcjbc.org. So the lines would look like this (if you are going with the internal dns server not split dns):

hcjbc.org. 380000 IN MX 10 10.100.177.200

hcjbc.org. 380000 IN MX 1 10.100.177.210

With how it is currently setup you have 1 MX record for addresses like user@bcmta.hcjbc.org. that has a priority of 1 (out of the 1 record), and then you have another record for addresses like user@bcmailbox.hcjbc.org. that has a priority of 10 (out of the 1 record). Addresses like user@hcjbc.org have no MX record associated with them right now.
Also your PTR records that you have in there are useless and will never be used unless you manually query for them. The proper way to do PTR records would be to create another zone file for the 177.100.10.in-addr.arpa zone. It should look something like the following:

$TTL 2D

@ IN SOA bcldap.hcjbc.org. hcjbc.yahoo.com. (

2009091300 ; serial

3H ; refresh

1H ; retry

1W ; expiry

1D ) ; minimum
IN NS bcldap.hcjbc.org.

200 IN PTR bcmailbox.hcjbc.org.

205 IN PTR bcldap.hcjbc.org.

210 IN PTR bcmta.hcjbc.org.
You also have your firewall (10.100.177.5) in there as an authoritative NS for your domain... is that meant to be there?
martinezjr
Posts: 29
Joined: Sat Sep 13, 2014 12:23 am

[SOLVED] dig does not return anything

Post by martinezjr »

[quote user="ArcaneMagus"]Are you trying to setup the Zimbra server to be it's own DNS server, with recursive queries going out to the 10.100.177.205 one? Or are you trying to setup the Zimbra server to use the 10.100.177.205 server as it's only DNS server and have that server work for all internal queries?

[/quote]

I have split Zimbra into different servers as I only have low end desktops:

3 Dell GX240's

-each

--1.6G CPU

--1.2G RAM

--Fedora11

-1 with ldap and BIND9 as DNS master (bcldap)

-1 with store, logger, snmp, apache and BIND9 DNS slave (bcmailbox)

-1 with mta (bcmta)


[quote]

Also just as a note:

In your record file you are missing the "." at the end of the primary DNS server part of the SOA, that is why it is returning "bcldap.hcjbc.org.hcjbc.org." rather then "bcldap.hcjbc.org.".

[/quote]

ok done
[quote]

Also you currently have your MX records setup for the servers FQDN. This is fine if your email addresses will be in the form of user@bcmailbox.hcjbc.org, however it is a problem if you are trying to do addresses like user@hcjbc.org. If you want addresses like that you need to set the MX record on just hcjbc.org, not bcmailbox.hcjbc.org. So the lines would look like this (if you are going with the internal dns server not split dns):

hcjbc.org. 380000 IN MX 10 10.100.177.200

hcjbc.org. 380000 IN MX 1 10.100.177.210

With how it is currently setup you have 1 MX record for addresses like user@bcmta.hcjbc.org. that has a priority of 1 (out of the 1 record), and then you have another record for addresses like user@bcmailbox.hcjbc.org. that has a priority of 10 (out of the 1 record). Addresses like user@hcjbc.org have no MX record associated with them right now.

[/quote]

Done

[quote]

Also your PTR records that you have in there are useless and will never be used unless you manually query for them. The proper way to do PTR records would be to create another zone file for the 177.100.10.in-addr.arpa zone. It should look something like the following:

$TTL 2D

@ IN SOA bcldap.hcjbc.org. hcjbc.yahoo.com. (

2009091300 ; serial

3H ; refresh

1H ; retry

1W ; expiry

1D ) ; minimum
IN NS bcldap.hcjbc.org.

200 IN PTR bcmailbox.hcjbc.org.

205 IN PTR bcldap.hcjbc.org.

210 IN PTR bcmta.hcjbc.org.

[/quote]

You lost me on this section. I do not remember setting up PTR records.
[quote]

You also have your firewall (10.100.177.5) in there as an authoritative NS for your domain... is that meant to be there?[/QUOTE]

For some reason, if I do not have this as one of the ns, I will not have external access from the machines. I use IPCop as my router/firewall/proxy/urlfilter/dhcp/ntp server. I disabled the DHCP, and now I can access the internet. I will be changing bcldap to bcdc as it will have to be the DHCP and DNS and NTP server now. And making a new bcldap.
I can now get dig to respond for my mx records.


[martinezjr@bcldap ~]$ host -v hcjbc.org

Trying "hcjbc.org"

;; ->>HEADER<
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:

;hcjbc.org. IN A
;; AUTHORITY SECTION:

hcjbc.org. 38400 IN SOA bcldap.hcjbc.org. hcjbc.yahoo.com. 1264874199 10800 3600 604800 38400
Received 85 bytes from 10.100.177.205#53 in 8 ms

Trying "hcjbc.org"

;; ->>HEADER<
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:

;hcjbc.org. IN AAAA
;; AUTHORITY SECTION:

hcjbc.org. 38400 IN SOA bcldap.hcjbc.org. hcjbc.yahoo.com. 1264874199 10800 3600 604800 38400
Received 85 bytes from 10.100.177.205#53 in 1 ms

Trying "hcjbc.org"

;; ->>HEADER<
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;; QUESTION SECTION:

;hcjbc.org. IN MX
;; ANSWER SECTION:

hcjbc.org. 380000 IN MX 10 10.100.177.200.hcjbc.org.
;; AUTHORITY SECTION:

hcjbc.org. 38400 IN NS 10.100.177.205.

hcjbc.org. 38400 IN NS 10.100.177.200.
Received 114 bytes from 10.100.177.205#53 in 1 ms
[martinezjr@bcldap ~]$ dig mx hcjbc.org
; <<>> DiG 9.6.1-P3-RedHat-9.6.1-9.P3.fc11 <<>> mx hcjbc.org

;; global options: +cmd

;; Got answer:

;; ->>HEADER<
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;; QUESTION SECTION:

;hcjbc.org. IN MX
;; ANSWER SECTION:

hcjbc.org. 380000 IN MX 10 10.100.177.200.hcjbc.org.
;; AUTHORITY SECTION:

hcjbc.org. 38400 IN NS 10.100.177.200.

hcjbc.org. 38400 IN NS 10.100.177.205.
;; Query time: 2 msec

;; SERVER: 10.100.177.205#53(10.100.177.205)

;; WHEN: Fri Feb 5 18:23:08 2010

;; MSG SIZE rcvd: 114
[martinezjr@bcldap ~]$
Post Reply