Forumul Ubuntu România

mircicabondar · #1

Daca dau un test cu comanda dig @188.26.9.xxx www.bondarul.com imi apaare asa:

Cod:

; <<>> DiG 9.8.1-P1 <<>> @188.26.9.xxx www.bondarul.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22655
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;www.bondarul.com.              IN      A

;; ANSWER SECTION:
www.bondarul.com.       10800   IN      CNAME   bondarul.com.
bondarul.com.           10800   IN      A       188.26.9.xxx

;; AUTHORITY SECTION:
bondarul.com.           10800   IN      NS      ns2.bondarul.com.
bondarul.com.           10800   IN      NS      ns1.bondarul.com.

;; ADDITIONAL SECTION:
ns1.bondarul.com.       10800   IN      A       188.26.9.xxx
ns2.bondarul.com.       10800   IN      A       188.26.9.xxx

;; Query time: 4 msec
;; SERVER: 188.26.9.118#53(188.26.9.118)
;; WHEN: Sun Aug 12 19:46:33 2012
;; MSG SIZE  rcvd: 132

Iar cu dig @188.26.9.xxx -x 192.168.0.13 imi apare asa:

Cod:

; <<>> DiG 9.8.1-P1 <<>> @188.26.9.xxx -x 192.168.0.13
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 47607
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;13.0.168.192.in-addr.arpa.     IN      PTR

;; Query time: 9 msec
;; SERVER: 188.26.9.118#53(188.26.9.xxx)
;; WHEN: Sun Aug 12 19:48:52 2012
;; MSG SIZE  rcvd: 43

Este normala chestia asta? afecteaza intrun fel serverul dns?

Andy · 13 Aug 2012 10:21:12

Rulezi ceva gen dnscache sau tidydns?

mircicabondar · 13 Aug 2012 13:32:37

Andy a scris:
Rulezi ceva gen dnscache sau tidydns?

Nu

Andy · 13 Aug 2012 13:37:34

Poti afisa

Cod:

cat /etc/resolv.conf

si

Cod:

ps aux

mircicabondar · 13 Aug 2012 17:19:41

Andy a scris:
Poti afisa
Cod:
cat /etc/resolv.conf
si
Cod:
ps aux

Resolv.conf:

Cod:

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 192.168.0.1

ps aux:

Cod:

USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.0   3376  1840 ?        Ss   16:19   0:00 /sbin/init
root         2  0.0  0.0      0     0 ?        S    16:19   0:00 [kthreadd]
root         3  0.0  0.0      0     0 ?        S    16:19   0:00 [ksoftirqd/0]
root         6  0.0  0.0      0     0 ?        S    16:19   0:00 [migration/0]
root         7  0.0  0.0      0     0 ?        S    16:19   0:00 [watchdog/0]
root         8  0.0  0.0      0     0 ?        S    16:19   0:00 [migration/1]
root        10  0.0  0.0      0     0 ?        S    16:19   0:00 [ksoftirqd/1]
root        12  0.0  0.0      0     0 ?        S    16:19   0:00 [watchdog/1]
root        13  0.0  0.0      0     0 ?        S<   16:19   0:00 [cpuset]
root        14  0.0  0.0      0     0 ?        S<   16:19   0:00 [khelper]
root        15  0.0  0.0      0     0 ?        S    16:19   0:00 [kdevtmpfs]
root        16  0.0  0.0      0     0 ?        S<   16:19   0:00 [netns]
root        18  0.0  0.0      0     0 ?        S    16:19   0:00 [sync_supers]
root        19  0.0  0.0      0     0 ?        S    16:19   0:00 [bdi-default]
root        20  0.0  0.0      0     0 ?        S<   16:19   0:00 [kintegrityd]
root        21  0.0  0.0      0     0 ?        S<   16:19   0:00 [kblockd]
root        22  0.0  0.0      0     0 ?        S<   16:19   0:00 [ata_sff]
root        23  0.0  0.0      0     0 ?        S    16:19   0:00 [khubd]
root        24  0.0  0.0      0     0 ?        S<   16:19   0:00 [md]
root        25  0.0  0.0      0     0 ?        S    16:19   0:00 [kworker/1:1]
root        27  0.0  0.0      0     0 ?        S    16:19   0:00 [khungtaskd]
root        28  0.0  0.0      0     0 ?        S    16:19   0:00 [kswapd0]
root        29  0.0  0.0      0     0 ?        SN   16:19   0:00 [ksmd]
root        30  0.0  0.0      0     0 ?        SN   16:19   0:00 [khugepaged]
root        31  0.0  0.0      0     0 ?        S    16:19   0:00 [fsnotify_mark]
root        32  0.0  0.0      0     0 ?        S    16:19   0:00 [ecryptfs-kthrea]
root        33  0.0  0.0      0     0 ?        S<   16:19   0:00 [crypto]
root        41  0.0  0.0      0     0 ?        S<   16:19   0:00 [kthrotld]
root        43  0.0  0.0      0     0 ?        S    16:19   0:00 [scsi_eh_0]
root        44  0.0  0.0      0     0 ?        S    16:19   0:00 [scsi_eh_1]
root        45  0.0  0.0      0     0 ?        S    16:19   0:00 [scsi_eh_2]
root        46  0.0  0.0      0     0 ?        S    16:19   0:00 [scsi_eh_3]
root        47  0.0  0.0      0     0 ?        S    16:19   0:00 [scsi_eh_4]
root        48  0.0  0.0      0     0 ?        S    16:19   0:00 [scsi_eh_5]
root        51  0.0  0.0      0     0 ?        S    16:19   0:00 [kworker/u:5]
root        72  0.0  0.0      0     0 ?        S<   16:19   0:00 [devfreq_wq]
root       243  0.0  0.0      0     0 ?        S<   16:19   0:00 [kdmflush]
root       255  0.0  0.0      0     0 ?        S<   16:19   0:00 [kdmflush]
root       266  0.0  0.0      0     0 ?        S    16:19   0:00 [jbd2/dm-0-8]
root       267  0.0  0.0      0     0 ?        S<   16:19   0:00 [ext4-dio-unwrit]
root       349  0.0  0.0   2816   604 ?        S    16:20   0:00 upstart-udev-bridge --daemon
root       354  0.0  0.0   3080  1336 ?        Ss   16:20   0:00 /sbin/udevd --daemon
root       405  0.0  0.0      0     0 ?        S    16:20   0:00 [irq/47-mei]
root       411  0.0  0.0      0     0 ?        S<   16:20   0:00 [cfg80211]
root       441  0.0  0.0   3040   796 ?        S    16:20   0:00 /sbin/udevd --daemon
root       442  0.0  0.0   3032   856 ?        S    16:20   0:00 /sbin/udevd --daemon
root       476  0.0  0.0      0     0 ?        S<   16:20   0:00 [kpsmoused]
root       586  0.0  0.0   2828   348 ?        S    16:20   0:00 upstart-socket-bridge --daemon
root       601  0.0  0.0      0     0 ?        S<   16:20   0:00 [led_workqueue]
root       603  0.0  0.0   5940  1288 ?        Ss   16:20   0:00 /sbin/wpa_supplicant -s -B -P /var/run/wpa_supplican
root       628  0.0  0.0      0     0 ?        S<   16:20   0:00 [hd-audio0]
syslog     696  0.0  0.0  31044  1332 ?        Sl   16:20   0:00 rsyslogd -c5
102        698  0.0  0.0   3240   656 ?        Ss   16:20   0:00 dbus-daemon --system --fork --activation=upstart
root       709  0.0  0.0      0     0 ?        S    16:20   0:00 [flush-252:0]
root       739  0.0  0.0   2908   412 ?        Ss   16:20   0:00 dhclient3 -e IF_METRIC=100 -pf /var/run/dhclient.wla
root       760  0.0  0.1   6664  2416 ?        Ss   16:20   0:00 /usr/sbin/sshd -D
root       840  0.0  0.0   4612   844 tty4     Ss+  16:20   0:00 /sbin/getty -8 38400 tty4
root       844  0.0  0.0   4612   844 tty5     Ss+  16:20   0:00 /sbin/getty -8 38400 tty5
root       851  0.0  0.0   4612   844 tty2     Ss+  16:20   0:00 /sbin/getty -8 38400 tty2
root       852  0.0  0.0   4612   840 tty3     Ss+  16:20   0:00 /sbin/getty -8 38400 tty3
root       856  0.0  0.0   4612   840 tty6     Ss+  16:20   0:00 /sbin/getty -8 38400 tty6
root       861  0.0  0.0   2600   884 ?        Ss   16:20   0:00 cron
daemon     863  0.0  0.0   2452   348 ?        Ss   16:20   0:00 atd
root       868  0.0  0.0   3584   636 ?        Ss   16:20   0:00 /usr/sbin/irqbalance
root       896  0.0  0.0   3156  1484 tty1     Ss   16:20   0:00 /bin/login --
root       899  0.0  0.1   9632  3100 ?        Ss   16:22   0:00 sshd: server [priv]
server     915  0.0  0.0   9632  1580 ?        R    16:22   0:00 sshd: server@pts/0
server     916  0.0  0.3   9552  5928 pts/0    Ss   16:22   0:00 -bash
root      1014  0.0  0.0   5240  1548 pts/0    S    16:23   0:00 sudo su
root      1015  0.0  0.0   5056  1256 pts/0    S    16:23   0:00 su
root      1016  0.0  0.0   5560  1908 pts/0    S    16:23   0:00 bash
ntp       1493  0.0  0.1   5712  1988 ?        Ss   16:26   0:00 /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 104:111
root      2927  0.0  0.4  38016  9152 ?        Ss   16:33   0:00 /usr/sbin/apache2 -k start
server    4523  0.0  0.3   9580  5952 tty1     S    16:38   0:00 -bash
root      4621  0.0  0.0   5240  1552 tty1     S    16:38   0:00 sudo su
root      4622  0.0  0.0   5056  1256 tty1     S    16:38   0:00 su
root      4623  0.0  0.0   5548  1872 tty1     S+   16:38   0:00 bash
mysql     5684  0.0  1.8 320052 35688 ?        Ssl  16:41   0:01 /usr/sbin/mysqld
www-data  6307  0.0  0.6  44180 11940 ?        S    16:43   0:00 /usr/sbin/apache2 -k start
www-data  6310  0.0  0.4  40920  9192 ?        S    16:43   0:00 /usr/sbin/apache2 -k start
www-data  6312  0.0  0.6  44248 12272 ?        S    16:43   0:00 /usr/sbin/apache2 -k start
www-data  6314  0.0  0.6  44300 12056 ?        S    16:43   0:01 /usr/sbin/apache2 -k start
www-data  6315  0.0  0.6  44056 12148 ?        S    16:43   0:01 /usr/sbin/apache2 -k start
www-data  6316  0.0  0.6  44308 12380 ?        S    16:43   0:00 /usr/sbin/apache2 -k start
root      6318  0.1  0.0      0     0 ?        S    16:44   0:02 [kworker/0:0]
www-data  6319  0.0  0.4  42064  8864 ?        S    16:44   0:00 /usr/sbin/apache2 -k start
www-data  6322  0.0  0.6  44064 12012 ?        S    16:45   0:00 /usr/sbin/apache2 -k start
root      6576  0.0  0.0   4668   988 ?        Ss   16:49   0:00 /usr/sbin/vsftpd
root      6579  0.0  0.0      0     0 ?        S    16:49   0:00 [kworker/u:0]
www-data  6599  0.0  0.2  38056  4884 ?        S    16:53   0:00 /usr/sbin/apache2 -k start
www-data  6628  0.0  0.2  38040  4636 ?        S    16:53   0:00 /usr/sbin/apache2 -k start
root      7224  0.0  0.0      0     0 ?        S    16:55   0:00 [kworker/1:2]
root      7399  0.0  0.0      0     0 ?        S    17:07   0:00 [kworker/0:2]
bind      7446  0.0  0.6  53852 12488 ?        Ssl  17:12   0:00 /usr/sbin/named -u bind
root      7480  0.0  0.0      0     0 ?        S    17:14   0:00 [kworker/0:1]
root      7492  0.0  0.0   4924  1164 pts/0    R+   17:18   0:00 ps aux

Andy · 13 Aug 2012 17:32:04

Ok,

Cod:

flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2

"A DNS server that's only authoritative must send back an answer with the RA bit clear. Similarly the RD bit must be copied from the request to the response. If the server fails to copy the RD bit you won't see that warning"

Cand am intrebat daca ai tinydns sau dnscache, eram curios sa vad daca asa ceva ruleaza NU pe

Cod:

nameserver 192.168.0.1

ci la celalalt capat.

Daca dai

Cod:

dig @127.0.0.1 IP/domeniu

sau chiar fara IP

Cod:

dig domeniu

veti primi un rapuns de la orice ai in resolv.conf

mircicabondar · 13 Aug 2012 18:33:36

Andy a scris:
Ok,
Cod:
flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2
"A DNS server that's only authoritative must send back an answer with the RA bit clear. Similarly the RD bit must be copied from the request to the response. If the server fails to copy the RD bit you won't see that warning"

Cand am intrebat daca ai tinydns sau dnscache, eram curios sa vad daca asa ceva ruleaza NU pe
Cod:
nameserver 192.168.0.1
ci la celalalt capat.

Daca dai
Cod:
dig @127.0.0.1 IP/domeniu
sau chiar fara IP
Cod:
dig domeniu
veti primi un rapuns de la orice ai in resolv.conf

Deci nu e in regula? Ar mai trebui modificat ceva in resolv.conf?

Andy · 13 Aug 2012 18:46:08

Cod:

dig @127.0.0.1 www.bondarul.com

posteaza output-ul.

guletz2002 · 13 Aug 2012 19:35:39

Mesajul "WARNING: recursion requested but not available" apare pt. acel server pe care il interoghezi tu 188.26.9.xxx, pt. ca nu permite interogari recursive(cereri de intoragare DNS pt. domenii pt. care acel domeniu nu este AUTORITAR) de la masina pe care lansezi comanda DIG. Daca ne arati fisierele named.conf.local si named.conf.options, te putem ajuta. De asemenea, este f. important sa ne spui de pe ce masina lansezi comanda DIG(sa banuim ca de pe acceasi masina cu serverul DNS?).

Editat ultima oară de guletz2002 (13 Aug 2012 19:36:33)

mircicabondar · 13 Aug 2012 20:08:06

Andy a scris:
Cod:
dig @127.0.0.1 www.bondarul.com
posteaza output-ul.

Cod:

root@SERVER:/home/server# dig @127.0.0.1 www.bondarul.com

; <<>> DiG 9.8.1-P1 <<>> @127.0.0.1 www.bondarul.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2151
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;www.bondarul.com.              IN      A

;; ANSWER SECTION:
www.bondarul.com.       10800   IN      CNAME   bondarul.com.
bondarul.com.           10800   IN      A       86.121.132.107

;; AUTHORITY SECTION:
bondarul.com.           10800   IN      NS      ns1.bondarul.com.
bondarul.com.           10800   IN      NS      ns2.bondarul.com.

;; ADDITIONAL SECTION:
ns1.bondarul.com.       10800   IN      A       86.121.132.107
ns2.bondarul.com.       10800   IN      A       86.121.132.107

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Aug 13 20:07:24 2012
;; MSG SIZE  rcvd: 132

mircicabondar · 13 Aug 2012 20:11:17

guletz2002 a scris:
Mesajul "WARNING: recursion requested but not available" apare pt. acel server pe care il interoghezi tu 188.26.9.xxx, pt. ca nu permite interogari recursive(cereri de intoragare DNS pt. domenii pt. care acel domeniu nu este AUTORITAR) de la masina pe care lansezi comanda DIG. Daca ne arati fisierele named.conf.local si named.conf.options, te putem ajuta. De asemenea, este f. important sa ne spui de pe ce masina lansezi comanda DIG(sa banuim ca de pe acceasi masina cu serverul DNS?).

Comanda dig o dau de pe serverul unde e instalat bind9..ubuntu server
Named.conf.local

Cod:

//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";


zone "bondarul.com" {
        type master;
        file "/etc/bind/zones/bondarul.com.zone";
};

zone "132.121.86.in-addr.arpa" {
        type master;
        file "/etc/bind/zones/132.121.86.zone";
};

named.conf.options

Cod:

options {
        directory "/var/cache/bind";

        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk.  See http://www.kb.cert.org/vuls/id/800113

        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.

        // forwarders {
        //      8.8.4.4;
        // };

        //=====================================================================$
        // If BIND logs error messages about the root key being expired,
        // you will need to update your keys.  See https://www.isc.org/bind-keys
        //=====================================================================$
        dnssec-validation auto;

        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
};

guletz2002 · 13 Aug 2012 21:47:32

Modifica-le sa arate cam asa:

zone "bondarul.com" {
type master;
file "/etc/bind/zones/bondarul.com.zone";
allow-query {any;};
};

zone "132.121.86.in-addr.arpa" {
type master;
file "/etc/bind/zones/132.121.86.zone";
allow-query {any;};
};

NOTA01: allow-query {any;}; -zice ca permite oricui, sa interogheze cele 2 zone

...si:

options {
directory "/var/cache/bind";

// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113

// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.

// forwarders {
// 8.8.4.4;
// };

//=====================================================================$
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//=====================================================================$
dnssec-validation auto;

auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
version "super-bondar v2.1";
allow-recursion { 192.168.1.0/24; 127.0.0.1; };

};

NOTA02:
version - ca sa ascunzi versiunea de bind pe care o ai, daca sunt curiosi
allow-recursion - de pe ce IP-ri, clientii pot cere rezolvari DNS, altele decat cele pt. care servererul este autoritar(zonele: bondarul.com si 132.121.86.in-addr.arpa in cazul tau) - de exemplu daca dau dig de pe server(adica 127.0.0.1) pt. a rezolva yahoo.com se cheama ca e interogare recursiva

NOTA03:
de regula, fisierele de zona se tin in /var/cache/bind, altfel chestii simpatice se pot intampla ... probabil ca tu asta vrei, sa vezi ce se intampla, daca le pui in alta parte

NOTA04:
fa backup la ce ai acum in /etc/bind, si apoi modifica cum ti-am RECOMNDAT eu, ca daca nu mere, sa poti reveni la cum a fost;

NOTA05:
a fost ideea ta sa folosesti BIND, sau te sfatuit cineva ... "de bine" ? BIND e destul de sofisticat, are sintaxa cam NASHPA, eu zic ca nu e pentru incepatori.

Editat ultima oară de guletz2002 (13 Aug 2012 21:49:14)

mircicabondar · 13 Aug 2012 22:14:14

Am facut cum ai scris tu mai sus so tot asa imi apare, in schimb am pus la: allow-recursion {any;}; si nu mai apare ..dar acuma nu stiu daca e bine sa las asa. Ce se intampla daca tin zonele in /etc/bind si nu /var/cache/bind?

la comanda dig asta im apare:

Cod:

; <<>> DiG 9.8.1-P1 <<>> @86.121.132.107 www.bondarul.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50836
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;www.bondarul.com.              IN      A

;; ANSWER SECTION:
www.bondarul.com.       10800   IN      CNAME   bondarul.com.
bondarul.com.           10800   IN      A       86.121.132.107

;; AUTHORITY SECTION:
bondarul.com.           10800   IN      NS      ns1.bondarul.com.
bondarul.com.           10800   IN      NS      ns2.bondarul.com.

;; ADDITIONAL SECTION:
ns1.bondarul.com.       10800   IN      A       86.121.132.107
ns2.bondarul.com.       10800   IN      A       86.121.132.107

;; Query time: 10 msec
;; SERVER: 86.121.132.107#53(86.121.132.107)
;; WHEN: Mon Aug 13 22:08:32 2012
;; MSG SIZE  rcvd: 132

Editat ultima oară de mircicabondar (13 Aug 2012 22:48:30)

mircicabondar · 13 Aug 2012 22:16:19

NU m-i la recomandat nimeni. Am citit pe internet despre el..

guletz2002 · 14 Aug 2012 00:01:33

allow-recursion {any;} pt. zonele AUTORITARE si publice in Internet, NU NU NU NU este bine deloc, ma rog, nu trebe sa ma crezi pe cuvant, si e bine ca intotdeauna sa ai rezerve - dar te poti documenta si din alte surse(google), si ai sa te lamuresti(asa cum ai pus tu cu ANY la recursion poti sa ai mari probleme: dns cache poisson, deny of service, etc);
- cel mai bine este sa pui allow-recursion asa cum ti-am scris eu, si sa te uiti in log-ri dupa ce dai comanda DIG, ai sa vezi in ele motivul pt. care apare atentionarea cu recursion(cum arata comanda dig data de tine?)

- sunt unele programe, care se asteapta sa gaseasca ceva in acelasi loc(/var/cache/bind), si daca nu gasesc ce trebe la locul stiut, pot fi probleme - unul din ele este apparmor
- daca ai sa ai curiozitatea, ai sa vezi ca dupa instalarea lui BIND, se creaza /var/cache/bind - oare aia de au facut pachet-ul de instalare, nu au avut ce face, si au
creat acest director, doar asa, ca sa se afle in treaba?

.... Bafta

Editat ultima oară de guletz2002 (14 Aug 2012 00:17:07)

mircicabondar · 14 Aug 2012 01:50:53

guletz2002 a scris:
allow-recursion {any;} pt. zonele AUTORITARE si publice in Internet, NU NU NU NU este bine deloc, ma rog, nu trebe sa ma crezi pe cuvant, si e bine ca intotdeauna sa ai rezerve - dar te poti documenta si din alte surse(google), si ai sa te lamuresti(asa cum ai pus tu cu ANY la recursion poti sa ai mari probleme: dns cache poisson, deny of service, etc);
- cel mai bine este sa pui allow-recursion asa cum ti-am scris eu, si sa te uiti in log-ri dupa ce dai comanda DIG, ai sa vezi in ele motivul pt. care apare atentionarea cu recursion(cum arata comanda dig data de tine?)

- sunt unele programe, care se asteapta sa gaseasca ceva in acelasi loc(/var/cache/bind), si daca nu gasesc ce trebe la locul stiut, pot fi probleme - unul din ele este apparmor
- daca ai sa ai curiozitatea, ai sa vezi ca dupa instalarea lui BIND, se creaza /var/cache/bind - oare aia de au facut pachet-ul de instalare, nu au avut ce face, si au
creat acest director, doar asa, ca sa se afle in treaba?

.... Bafta

Am pus allow-recursion cum ai zis. Eu dau comanda asa: dig @86.121.132.107 www.bondarul.com si apare asa:

; <<>> DiG 9.8.1-P1 <<>> @86.121.132.107 www.bondarul.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54722
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;www.bondarul.com. IN A

;; ANSWER SECTION:
www.bondarul.com. 10800 IN CNAME bondarul.com.
bondarul.com. 10800 IN A 86.121.132.107

;; AUTHORITY SECTION:
bondarul.com. 10800 IN NS ns2.bondarul.com.
bondarul.com. 10800 IN NS ns1.bondarul.com.

;; ADDITIONAL SECTION:
ns1.bondarul.com. 10800 IN A 86.121.132.107
ns2.bondarul.com. 10800 IN A 86.121.132.107

;; Query time: 7 msec
;; SERVER: 86.121.132.107#53(86.121.132.107)
;; WHEN: Tue Aug 14 01:50:21 2012
;; MSG SIZE rcvd: 132

Unde ar trebui sa ma uit de log?

guletz2002 · 14 Aug 2012 12:16:57

Da si asa:
1.
<<>> DiG 9.8.1-P1 <<>> @127.0.0.1 www.bondarul.com
2.
<<>> DiG 9.8.1-P1 <<>> @127.0.0.1 bondarul.com

cat /var/log/syslog|grep named

Andy · 14 Aug 2012 12:22:46

guletz2002 a scris:
Da si asa:
1.
<<>> DiG 9.8.1-P1 <<>> @127.0.0.1 www.bondarul.com
2.
<<>> DiG 9.8.1-P1 <<>> @127.0.0.1 bondarul.com

cat /var/log/syslog|grep named

Varianta 1 a fost deja postata mai sus. Nu are warning

mircicabondar · 14 Aug 2012 13:23:19

dig @127.0.0.1 www.bondarul.com

Cod:

; <<>> DiG 9.8.1-P1 <<>> @127.0.0.1 www.bondarul.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25354
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;www.bondarul.com.              IN      A

;; ANSWER SECTION:
www.bondarul.com.       10800   IN      CNAME   bondarul.com.
bondarul.com.           10800   IN      A       86.121.132.107

;; AUTHORITY SECTION:
bondarul.com.           10800   IN      NS      ns1.bondarul.com.
bondarul.com.           10800   IN      NS      ns2.bondarul.com.

;; ADDITIONAL SECTION:
ns1.bondarul.com.       10800   IN      A       86.121.132.107
ns2.bondarul.com.       10800   IN      A       86.121.132.107

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Aug 14 13:17:31 2012
;; MSG SIZE  rcvd: 132

dig @127.0.0.1 bondarul.com

Cod:

; <<>> DiG 9.8.1-P1 <<>> @127.0.0.1 bondarul.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50970
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;bondarul.com.                  IN      A

;; ANSWER SECTION:
bondarul.com.           10800   IN      A       86.121.132.107

;; AUTHORITY SECTION:
bondarul.com.           10800   IN      NS      ns1.bondarul.com.
bondarul.com.           10800   IN      NS      ns2.bondarul.com.

;; ADDITIONAL SECTION:
ns1.bondarul.com.       10800   IN      A       86.121.132.107
ns2.bondarul.com.       10800   IN      A       86.121.132.107

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Aug 14 13:18:03 2012
;; MSG SIZE  rcvd: 114

dig @86.121.132.107 www.bondarul.com (cu allow-recursion { 192.168.1.0/24; 127.0.0.1; }

Cod:

; <<>> DiG 9.8.1-P1 <<>> @86.121.132.107 www.bondarul.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 931
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;www.bondarul.com.              IN      A

;; ANSWER SECTION:
www.bondarul.com.       10800   IN      CNAME   bondarul.com.
bondarul.com.           10800   IN      A       86.121.132.107

;; AUTHORITY SECTION:
bondarul.com.           10800   IN      NS      ns1.bondarul.com.
bondarul.com.           10800   IN      NS      ns2.bondarul.com.

;; ADDITIONAL SECTION:
ns1.bondarul.com.       10800   IN      A       86.121.132.107
ns2.bondarul.com.       10800   IN      A       86.121.132.107

;; Query time: 6 msec
;; SERVER: 86.121.132.107#53(86.121.132.107)
;; WHEN: Tue Aug 14 13:20:36 2012
;; MSG SIZE  rcvd: 132

Editat ultima oară de mircicabondar (14 Aug 2012 13:23:47)

mircicabondar · 14 Aug 2012 13:37:09

cat /var/log/syslog|grep named:

Cod:

Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/AAAA/IN': 2001:503:ba3e::2:30#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/AAAA/IN': 2001:500:2f::f#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/AAAA/IN': 2001:500:1::803f:235#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/AAAA/IN': 2001:7fe::53#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/AAAA/IN': 2001:503:c27::2:30#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/AAAA/IN': 2001:7fd::1#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/AAAA/IN': 2001:500:3::42#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/AAAA/IN': 2001:dc3::35#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 198.41.0.4#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.228.79.201#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.33.4.12#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 128.8.10.90#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.203.230.10#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.5.5.241#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.112.36.4#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 128.63.2.53#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.36.148.17#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.58.128.30#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 193.0.14.129#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 199.7.83.42#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 202.12.27.33#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:503:ba3e::2:30#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:500:2f::f#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:500:1::803f:235#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:7fe::53#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:503:c27::2:30#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:7fd::1#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:500:3::42#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:dc3::35#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 198.41.0.4#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.228.79.201#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.33.4.12#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 128.8.10.90#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.203.230.10#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.5.5.241#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.112.36.4#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 128.63.2.53#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.36.148.17#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.58.128.30#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 193.0.14.129#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 199.7.83.42#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 202.12.27.33#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:503:ba3e::2:30#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:500:2f::f#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:500:1::803f:235#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:7fe::53#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:503:c27::2:30#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:7fd::1#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:500:3::42#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:dc3::35#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 198.41.0.4#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.228.79.201#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.33.4.12#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 128.8.10.90#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.203.230.10#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.5.5.241#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.112.36.4#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 128.63.2.53#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.36.148.17#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.58.128.30#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 193.0.14.129#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 199.7.83.42#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 202.12.27.33#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:503:ba3e::2:30#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:500:2f::f#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:500:1::803f:235#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:7fe::53#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:503:c27::2:30#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:7fd::1#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:500:3::42#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:dc3::35#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 198.41.0.4#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.228.79.201#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.33.4.12#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 128.8.10.90#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.203.230.10#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.5.5.241#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.112.36.4#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 128.63.2.53#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.36.148.17#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 192.58.128.30#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 193.0.14.129#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 199.7.83.42#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 202.12.27.33#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:503:ba3e::2:30#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:500:2f::f#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:500:1::803f:235#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:7fe::53#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:503:c27::2:30#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:7fd::1#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:500:3::42#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '0.ubuntu.pool.ntp.org/A/IN': 2001:dc3::35#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '1.ubuntu.pool.ntp.org/AAAA/IN': 198.41.0.4#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '1.ubuntu.pool.ntp.org/AAAA/IN': 192.228.79.201#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '1.ubuntu.pool.ntp.org/AAAA/IN': 192.33.4.12#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '1.ubuntu.pool.ntp.org/AAAA/IN': 128.8.10.90#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '1.ubuntu.pool.ntp.org/AAAA/IN': 192.203.230.10#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '1.ubuntu.pool.ntp.org/AAAA/IN': 192.5.5.241#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '1.ubuntu.pool.ntp.org/AAAA/IN': 192.112.36.4#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '1.ubuntu.pool.ntp.org/AAAA/IN': 128.63.2.53#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '1.ubuntu.pool.ntp.org/AAAA/IN': 192.36.148.17#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '1.ubuntu.pool.ntp.org/AAAA/IN': 192.58.128.30#53
Aug 14 01:41:30 SERVER named[764]: error (network unreachable) resolving '1.ubuntu.pool.ntp.org/AAAA/IN': 193.0.14.129#53
Aug 14 01:44:04 SERVER named[840]: starting BIND 9.8.1-P1 -u bind
Aug 14 01:44:04 SERVER named[840]: built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions -Wl,-z,relro' 'CPPFLAGS=-D_FORTIFY_SOURCE=2'
Aug 14 01:44:04 SERVER named[840]: adjusted limit on open files from 4096 to 1048576
Aug 14 01:44:04 SERVER named[840]: found 2 CPUs, using 2 worker threads
Aug 14 01:44:04 SERVER named[840]: using up to 4096 sockets
Aug 14 01:44:04 SERVER named[840]: loading configuration from '/etc/bind/named.conf'
Aug 14 01:44:04 SERVER named[840]: reading built-in trusted keys from file '/etc/bind/bind.keys'
Aug 14 01:44:04 SERVER named[840]: using default UDP/IPv4 port range: [1024, 65535]
Aug 14 01:44:04 SERVER named[840]: using default UDP/IPv6 port range: [1024, 65535]
Aug 14 01:44:04 SERVER named[840]: listening on IPv6 interfaces, port 53
Aug 14 01:44:04 SERVER named[840]: listening on IPv4 interface lo, 127.0.0.1#53
Aug 14 01:44:04 SERVER named[840]: listening on IPv4 interface wlan0, 192.168.0.13#53
Aug 14 01:44:04 SERVER named[840]: generating session key for dynamic DNS
Aug 14 01:44:04 SERVER named[840]: sizing zone task pool based on 7 zones
Aug 14 01:44:05 SERVER named[840]: using built-in root key for view _default
Aug 14 01:44:05 SERVER named[840]: set up managed keys zone for view _default, file 'managed-keys.bind'
Aug 14 01:44:05 SERVER named[840]: Warning: 'empty-zones-enable/disable-empty-zone' not set: disabling RFC 1918 empty zones
Aug 14 01:44:05 SERVER named[840]: automatic empty zone: 254.169.IN-ADDR.ARPA
Aug 14 01:44:05 SERVER named[840]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Aug 14 01:44:05 SERVER named[840]: automatic empty zone: 100.51.198.IN-ADDR.ARPA
Aug 14 01:44:05 SERVER named[840]: automatic empty zone: 113.0.203.IN-ADDR.ARPA
Aug 14 01:44:05 SERVER named[840]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Aug 14 01:44:05 SERVER named[840]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Aug 14 01:44:05 SERVER named[840]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Aug 14 01:44:05 SERVER named[840]: automatic empty zone: D.F.IP6.ARPA
Aug 14 01:44:05 SERVER named[840]: automatic empty zone: 8.E.F.IP6.ARPA
Aug 14 01:44:05 SERVER named[840]: automatic empty zone: 9.E.F.IP6.ARPA
Aug 14 01:44:05 SERVER named[840]: automatic empty zone: A.E.F.IP6.ARPA
Aug 14 01:44:05 SERVER named[840]: automatic empty zone: B.E.F.IP6.ARPA
Aug 14 01:44:05 SERVER named[840]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
Aug 14 01:44:05 SERVER named[840]: command channel listening on 127.0.0.1#953
Aug 14 01:44:05 SERVER named[840]: command channel listening on ::1#953
Aug 14 01:44:05 SERVER named[840]: zone 0.in-addr.arpa/IN: loaded serial 1
Aug 14 01:44:05 SERVER named[840]: zone 127.in-addr.arpa/IN: loaded serial 1
Aug 14 01:44:05 SERVER named[840]: zone 255.in-addr.arpa/IN: loaded serial 1
Aug 14 01:44:05 SERVER named[840]: zone 132.121.86.in-addr.arpa/IN: loaded serial 2012130801
Aug 14 01:44:05 SERVER named[840]: zone bondarul.com/IN: loaded serial 2012130801
Aug 14 01:44:05 SERVER named[840]: zone localhost/IN: loaded serial 2
Aug 14 01:44:05 SERVER named[840]: managed-keys-zone ./IN: loaded serial 2
Aug 14 01:44:05 SERVER named[840]: zone bondarul.com/IN: sending notifies (serial 2012130801)
Aug 14 01:44:05 SERVER named[840]: zone 132.121.86.in-addr.arpa/IN: sending notifies (serial 2012130801)
Aug 14 01:44:05 SERVER named[840]: running
Aug 14 01:44:05 SERVER named[840]: client 86.121.132.107#46472: received notify for zone 'bondarul.com'
Aug 14 01:44:35 SERVER named[840]: client 86.121.132.107#59500: received notify for zone '132.121.86.in-addr.arpa'
Aug 14 01:46:17 SERVER named[840]: received control channel command 'stop -p'
Aug 14 01:46:17 SERVER named[840]: shutting down: flushing changes
Aug 14 01:46:17 SERVER named[840]: stopping command channel on 127.0.0.1#953
Aug 14 01:46:17 SERVER named[840]: stopping command channel on ::1#953
Aug 14 01:46:17 SERVER named[840]: no longer listening on ::#53
Aug 14 01:46:17 SERVER named[840]: no longer listening on 127.0.0.1#53
Aug 14 01:46:17 SERVER named[840]: no longer listening on 192.168.0.13#53
Aug 14 01:46:17 SERVER named[840]: exiting
Aug 14 01:46:18 SERVER named[1327]: starting BIND 9.8.1-P1 -u bind
Aug 14 01:46:18 SERVER named[1327]: built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions -Wl,-z,relro' 'CPPFLAGS=-D_FORTIFY_SOURCE=2'
Aug 14 01:46:18 SERVER named[1327]: adjusted limit on open files from 4096 to 1048576
Aug 14 01:46:18 SERVER named[1327]: found 2 CPUs, using 2 worker threads
Aug 14 01:46:18 SERVER named[1327]: using up to 4096 sockets
Aug 14 01:46:18 SERVER named[1327]: loading configuration from '/etc/bind/named.conf'
Aug 14 01:46:18 SERVER named[1327]: reading built-in trusted keys from file '/etc/bind/bind.keys'
Aug 14 01:46:18 SERVER named[1327]: using default UDP/IPv4 port range: [1024, 65535]
Aug 14 01:46:18 SERVER named[1327]: using default UDP/IPv6 port range: [1024, 65535]
Aug 14 01:46:18 SERVER named[1327]: listening on IPv6 interfaces, port 53
Aug 14 01:46:18 SERVER named[1327]: listening on IPv4 interface lo, 127.0.0.1#53
Aug 14 01:46:18 SERVER named[1327]: listening on IPv4 interface wlan0, 192.168.0.13#53
Aug 14 01:46:18 SERVER named[1327]: generating session key for dynamic DNS
Aug 14 01:46:18 SERVER named[1327]: sizing zone task pool based on 7 zones
Aug 14 01:46:18 SERVER named[1327]: using built-in root key for view _default
Aug 14 01:46:18 SERVER named[1327]: set up managed keys zone for view _default, file 'managed-keys.bind'
Aug 14 01:46:18 SERVER named[1327]: Warning: 'empty-zones-enable/disable-empty-zone' not set: disabling RFC 1918 empty zones
Aug 14 01:46:18 SERVER named[1327]: automatic empty zone: 254.169.IN-ADDR.ARPA
Aug 14 01:46:18 SERVER named[1327]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Aug 14 01:46:18 SERVER named[1327]: automatic empty zone: 100.51.198.IN-ADDR.ARPA
Aug 14 01:46:18 SERVER named[1327]: automatic empty zone: 113.0.203.IN-ADDR.ARPA
Aug 14 01:46:18 SERVER named[1327]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Aug 14 01:46:18 SERVER named[1327]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Aug 14 01:46:18 SERVER named[1327]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Aug 14 01:46:18 SERVER named[1327]: automatic empty zone: D.F.IP6.ARPA
Aug 14 01:46:18 SERVER named[1327]: automatic empty zone: 8.E.F.IP6.ARPA
Aug 14 01:46:18 SERVER named[1327]: automatic empty zone: 9.E.F.IP6.ARPA
Aug 14 01:46:18 SERVER named[1327]: automatic empty zone: A.E.F.IP6.ARPA
Aug 14 01:46:18 SERVER named[1327]: automatic empty zone: B.E.F.IP6.ARPA
Aug 14 01:46:18 SERVER named[1327]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
Aug 14 01:46:18 SERVER named[1327]: command channel listening on 127.0.0.1#953
Aug 14 01:46:18 SERVER named[1327]: command channel listening on ::1#953
Aug 14 01:46:18 SERVER named[1327]: zone 0.in-addr.arpa/IN: loaded serial 1
Aug 14 01:46:18 SERVER named[1327]: zone 127.in-addr.arpa/IN: loaded serial 1
Aug 14 01:46:18 SERVER named[1327]: zone 255.in-addr.arpa/IN: loaded serial 1
Aug 14 01:46:18 SERVER named[1327]: zone 132.121.86.in-addr.arpa/IN: loaded serial 2012130801
Aug 14 01:46:18 SERVER named[1327]: zone bondarul.com/IN: loaded serial 2012130801
Aug 14 01:46:18 SERVER named[1327]: zone localhost/IN: loaded serial 2
Aug 14 01:46:18 SERVER named[1327]: managed-keys-zone ./IN: loaded serial 2
Aug 14 01:46:18 SERVER named[1327]: zone bondarul.com/IN: sending notifies (serial 2012130801)
Aug 14 01:46:18 SERVER named[1327]: zone 132.121.86.in-addr.arpa/IN: sending notifies (serial 2012130801)
Aug 14 01:46:18 SERVER named[1327]: running
Aug 14 01:46:18 SERVER named[1327]: client 86.121.132.107#39032: received notify for zone 'bondarul.com'
Aug 14 01:46:18 SERVER named[1327]: client 86.121.132.107#32302: received notify for zone '132.121.86.in-addr.arpa'
Aug 14 05:29:42 SERVER named[1327]: client 93.174.93.196#58473: query (cache) './ANY/IN' denied
Aug 14 13:14:26 SERVER named[872]: starting BIND 9.8.1-P1 -u bind
Aug 14 13:14:26 SERVER named[872]: built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions -Wl,-z,relro' 'CPPFLAGS=-D_FORTIFY_SOURCE=2'
Aug 14 13:14:26 SERVER named[872]: adjusted limit on open files from 4096 to 1048576
Aug 14 13:14:26 SERVER named[872]: found 2 CPUs, using 2 worker threads
Aug 14 13:14:26 SERVER named[872]: using up to 4096 sockets
Aug 14 13:14:26 SERVER named[872]: loading configuration from '/etc/bind/named.conf'
Aug 14 13:14:26 SERVER named[872]: reading built-in trusted keys from file '/etc/bind/bind.keys'
Aug 14 13:14:26 SERVER named[872]: using default UDP/IPv4 port range: [1024, 65535]
Aug 14 13:14:26 SERVER named[872]: using default UDP/IPv6 port range: [1024, 65535]
Aug 14 13:14:26 SERVER named[872]: listening on IPv6 interfaces, port 53
Aug 14 13:14:26 SERVER named[872]: listening on IPv4 interface lo, 127.0.0.1#53
Aug 14 13:14:26 SERVER named[872]: listening on IPv4 interface wlan0, 192.168.0.13#53
Aug 14 13:14:26 SERVER named[872]: generating session key for dynamic DNS
Aug 14 13:14:26 SERVER named[872]: sizing zone task pool based on 7 zones
Aug 14 13:14:26 SERVER named[872]: using built-in root key for view _default
Aug 14 13:14:26 SERVER named[872]: set up managed keys zone for view _default, file 'managed-keys.bind'
Aug 14 13:14:26 SERVER named[872]: Warning: 'empty-zones-enable/disable-empty-zone' not set: disabling RFC 1918 empty zones
Aug 14 13:14:26 SERVER named[872]: automatic empty zone: 254.169.IN-ADDR.ARPA
Aug 14 13:14:26 SERVER named[872]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Aug 14 13:14:26 SERVER named[872]: automatic empty zone: 100.51.198.IN-ADDR.ARPA
Aug 14 13:14:26 SERVER named[872]: automatic empty zone: 113.0.203.IN-ADDR.ARPA
Aug 14 13:14:26 SERVER named[872]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Aug 14 13:14:26 SERVER named[872]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Aug 14 13:14:26 SERVER named[872]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Aug 14 13:14:26 SERVER named[872]: automatic empty zone: D.F.IP6.ARPA
Aug 14 13:14:26 SERVER named[872]: automatic empty zone: 8.E.F.IP6.ARPA
Aug 14 13:14:26 SERVER named[872]: automatic empty zone: 9.E.F.IP6.ARPA
Aug 14 13:14:26 SERVER named[872]: automatic empty zone: A.E.F.IP6.ARPA
Aug 14 13:14:26 SERVER named[872]: automatic empty zone: B.E.F.IP6.ARPA
Aug 14 13:14:26 SERVER named[872]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
Aug 14 13:14:26 SERVER named[872]: command channel listening on 127.0.0.1#953
Aug 14 13:14:26 SERVER named[872]: command channel listening on ::1#953
Aug 14 13:14:26 SERVER named[872]: zone 0.in-addr.arpa/IN: loaded serial 1
Aug 14 13:14:26 SERVER named[872]: zone 127.in-addr.arpa/IN: loaded serial 1
Aug 14 13:14:26 SERVER named[872]: zone 255.in-addr.arpa/IN: loaded serial 1
Aug 14 13:14:26 SERVER named[872]: zone 132.121.86.in-addr.arpa/IN: loaded serial 2012130801
Aug 14 13:14:26 SERVER named[872]: zone bondarul.com/IN: loaded serial 2012130801
Aug 14 13:14:26 SERVER named[872]: zone localhost/IN: loaded serial 2
Aug 14 13:14:26 SERVER named[872]: managed-keys-zone ./IN: loaded serial 2
Aug 14 13:14:26 SERVER named[872]: running
Aug 14 13:14:26 SERVER named[872]: zone bondarul.com/IN: sending notifies (serial 2012130801)
Aug 14 13:14:26 SERVER named[872]: zone 132.121.86.in-addr.arpa/IN: sending notifies (serial 2012130801)
Aug 14 13:14:26 SERVER named[872]: client 86.121.132.107#12316: received notify for zone 'bondarul.com'
Aug 14 13:14:27 SERVER named[872]: client 86.121.132.107#17999: received notify for zone '132.121.86.in-addr.arpa'

guletz2002 · 14 Aug 2012 20:48:24

Din ce vad, imi dau seama, de fapt, masina pe care ruleaza BIND, are 1 interfata(fire-less), in afara de localhost:

Aug 14 13:14:26 SERVER named[872]: listening on IPv4 interface lo, 127.0.0.1#53
Aug 14 13:14:26 SERVER named[872]: listening on IPv4 interface wlan0, 192.168.0.13#53

Acum, tu dai DIG, de pe acea masina, si interoghezi ALTA masina, despre domeniul bondar.com:

dig @86.121.132.107 www.bondarul.com (cu allow-recursion { 192.168.1.0/24; 127.0.0.1; }

1. .... intrucat 86.121.132.107, nu apartine masinii de pe care dai comanda DIG, raspunsul este absolut normal(recursion warning).
2. cum ti-am scris in postul #12, in directiva allow-recursion, trebuie trecute IP-le din LAN-ul tau, deci evident(gresesc?) 192.168.0.0/24, si nu cum
ai pus tu 192.168.1.0/24(copy/paste la ce am scris eu)
3. totusi, ce e cu acest IP 86.121.132.107, de unde / a cui este?

Editat ultima oară de guletz2002 (14 Aug 2012 20:49:12)

mircicabondar · 14 Aug 2012 21:03:18

guletz2002 a scris:
Din ce vad, imi dau seama, de fapt, masina pe care ruleaza BIND, are 1 interfata(fire-less), in afara de localhost:

Aug 14 13:14:26 SERVER named[872]: listening on IPv4 interface lo, 127.0.0.1#53
Aug 14 13:14:26 SERVER named[872]: listening on IPv4 interface wlan0, 192.168.0.13#53
Acum, tu dai DIG, de pe acea masina, si interoghezi ALTA masina, despre domeniul bondar.com:
dig @86.121.132.107 www.bondarul.com (cu allow-recursion { 192.168.1.0/24; 127.0.0.1; }
1. .... intrucat 86.121.132.107, nu apartine masinii de pe care dai comanda DIG, raspunsul este absolut normal(recursion warning).
2. cum ti-am scris in postul #12, in directiva allow-recursion, trebuie trecute IP-le din LAN-ul tau, deci evident(gresesc?) 192.168.0.0/24, si nu cum
ai pus tu 192.168.1.0/24(copy/paste la ce am scris eu)
3. totusi, ce e cu acest IP 86.121.132.107, de unde / a cui este?

Acum trec ip-ul din retea. Serverul este in spatele unui router wireless, iar serverul pe care ruleaza bind este conectat la router prin wireless. Ip-ul serverului este 192.168.0.13 iar 86.121.132.107 este ip-ul public care il primeste routerul de la isp.

guletz2002 · 14 Aug 2012 21:13:56

.... descrierea INCOMPLETA a unei probleme, sa stii ca dauneaza grav sanatatii....ca sa zic asa.

mircicabondar · 14 Aug 2012 21:19:45

E belea?

guletz2002 · 14 Aug 2012 21:33:12

... nu chiar. Uita-te pe documentaia de aici, e una dintre cele mai bune:

citeste-ma ...

Editat ultima oară de guletz2002 (14 Aug 2012 21:33:52)

Forumul Ubuntu România

Anunţ

#1 12 Aug 2012 20:00:08

WARNING: recursion requested but not available

Cod:

Cod:

#2 13 Aug 2012 10:21:12

Re: WARNING: recursion requested but not available

#3 13 Aug 2012 13:32:37

Re: WARNING: recursion requested but not available

Andy a scris:

#4 13 Aug 2012 13:37:34

Re: WARNING: recursion requested but not available

Cod:

Cod:

#5 13 Aug 2012 17:19:41

Re: WARNING: recursion requested but not available

Andy a scris:

Cod:

Cod:

Cod:

Cod:

#6 13 Aug 2012 17:32:04

Re: WARNING: recursion requested but not available

Cod:

Cod:

Cod:

Cod:

#7 13 Aug 2012 18:33:36

Re: WARNING: recursion requested but not available

Andy a scris:

Cod:

Cod:

Cod:

Cod:

#8 13 Aug 2012 18:46:08

Re: WARNING: recursion requested but not available

Cod:

#9 13 Aug 2012 19:35:39

Re: WARNING: recursion requested but not available

#10 13 Aug 2012 20:08:06

Re: WARNING: recursion requested but not available

Andy a scris:

Cod:

Cod:

#11 13 Aug 2012 20:11:17

Re: WARNING: recursion requested but not available

guletz2002 a scris:

Cod:

Cod:

#12 13 Aug 2012 21:47:32

Re: WARNING: recursion requested but not available

#13 13 Aug 2012 22:14:14

Re: WARNING: recursion requested but not available

Cod:

#14 13 Aug 2012 22:16:19

Re: WARNING: recursion requested but not available

#15 14 Aug 2012 00:01:33

Re: WARNING: recursion requested but not available

#16 14 Aug 2012 01:50:53

Re: WARNING: recursion requested but not available

guletz2002 a scris:

#17 14 Aug 2012 12:16:57

Re: WARNING: recursion requested but not available

#18 14 Aug 2012 12:22:46

Re: WARNING: recursion requested but not available

guletz2002 a scris:

#19 14 Aug 2012 13:23:19

Re: WARNING: recursion requested but not available

Cod:

Cod:

Cod:

#20 14 Aug 2012 13:37:09

Re: WARNING: recursion requested but not available

Cod:

#21 14 Aug 2012 20:48:24

Re: WARNING: recursion requested but not available

#22 14 Aug 2012 21:03:18

Re: WARNING: recursion requested but not available

guletz2002 a scris: