Forums:
Estimados:
Tengo un problema al cual aun no le encuentro ni pies ni cabeza, ya que nunca habia escuchado o leido algo similar, he preguntado, buscado, pero no he encontrado nada.
Tengo mi DNS en un Centos 5 con todas sus actualizaciones uso bind9, especificamente bind-9.3.4-6.0.2.P1.el5_2, funcionaba todo bien, resolvia todo sin problemas hasta un mes atras mas o menos, ahora tiene problemas para resolver los sitios de microsoft, NO RESUELVE NINGUN SITIO QUE TENGA QUE VER CON MICROSOFT y pasa especificamente con ellos, ya que con todos los demas dominios no hay problemas.
Lo mas raro aun es que por lo general en las mañanas resuelve bien, pero durante el transcurso de la tarde deja de hacerlo, de hecho el dia jueves y viernes recien pasado funciono perfecto, pero ayer y los dias anteriores no funcionaba.
Por favor ayuda, ya que este error ya me esta causando dolores de cabeza jajajja.
Gracias.
De pronto has probado con
De pronto has probado con caching-nameserver????
Yo tengo bind 9.3.4-6.02.P1.el5_2 y no tengo inconvenientes.
Pienso que el error está en tus archivos de configuración, pero no podemos saberlo sin no indicas los mensajes que te reporta en el /var/log/messages.
Saludos
Juan Yépez
093681879
Saludos
Juan Yépez
0993681879
Dj - Discomovil Quito
que bueno que no resuelva
que bueno que no resuelva ningun dominio de esos jaja
Pdta. es una broma
puede que opendns te ayude si los pones en tus forwards
aca dejo un extracto del log
aca dejo un extracto del log /var/log/messages.
Aug 6 15:59:08 r2d named[23663]: client 192.168.1.114#3533: view internal: updating zone 'dominio.com/IN': update unsuccessful: JUNIOR9.dominio.com/A: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
Aug 6 15:59:08 r2d named[23663]: client 192.168.1.114#3536: view internal: update 'dominio.com/IN' denied
Aug 6 15:59:42 r2d named[23663]: client 192.168.1.144#58698: view internal: updating zone 'dominio.com/IN': update unsuccessful: desa27.dominio.com/A: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
Aug 6 15:59:42 r2d named[23663]: client 192.168.1.144#64365: view internal: update 'dominio.com/IN' denied
Aug 6 16:00:39 r2d named[23663]: client 192.168.1.126#2447: view internal: update 'dominio.com/IN' denied
Aug 6 16:00:41 r2d named[23663]: client 192.168.1.145#1307: view internal: update 'dominio.com/IN' denied
Aug 6 16:00:50 r2d named[23663]: client 192.168.1.128#55074: view internal: updating zone 'dominio.com/IN': update unsuccessful: desa17.dominio.com/A: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
Aug 6 16:00:50 r2d named[23663]: client 192.168.1.128#59928: view internal: update 'dominio.com/IN' denied
Aug 6 16:00:52 r2d named[23663]: client 192.168.1.124#4807: view internal: updating zone 'dominio.com/IN': update unsuccessful: junior10.dominio.com/A: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
Aug 6 16:00:52 r2d named[23663]: client 192.168.1.124#4810: view internal: update 'dominio.com/IN' denied
Aug 6 16:01:16 r2d named[23663]: client 192.168.1.131#1949: view internal: update 'dominio.com/IN' denied
Aug 6 16:01:16 r2d named[23663]: client 192.168.1.102#2602: view internal: update 'dominio.com/IN' denied
Aug 6 16:01:44 r2d named[23663]: client 192.168.1.202#1026: view internal: update 'dominio.com/IN' denied
Aug 6 16:01:54 r2d named[23663]: client 192.168.1.117#3662: view internal: update 'dominio.com/IN' denied
Aug 6 16:02:09 r2d named[23663]: client 192.168.1.112#1069: view internal: update 'dominio.com/IN' denied
Aug 6 16:02:18 r2d named[23663]: client 192.168.1.121#1672: view internal: updating zone 'dominio.com/IN': update unsuccessful: desa01.dominio.com/A: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
Aug 6 16:02:18 r2d named[23663]: client 192.168.1.121#1675: view internal: update 'dominio.com/IN' denied
Aug 6 16:02:23 r2d named[23663]: client 192.168.1.111#4665: view internal: updating zone 'dominio.com/IN': update unsuccessful: junior2.dominio.com/A: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
Aug 6 16:02:23 r2d named[23663]: client 192.168.1.111#4668: view internal: update 'dominio.com/IN' denied
Aug 6 16:02:24 r2d named[23663]: client 192.168.1.125#64385: view internal: updating zone 'dominio.com/IN': update unsuccessful: desa15.dominio.com/A: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
Aug 6 16:02:24 r2d named[23663]: client 192.168.1.125#50192: view internal: update 'dominio.com/IN' denied
Aug 6 16:02:25 r2d named[23663]: client 192.168.1.148#4765: view internal: update 'dominio.com/IN' denied
Aug 6 16:02:26 r2d named[23663]: client 192.168.1.122#3587: view internal: update 'dominio.com/IN' denied
Aug 6 16:02:27 r2d named[23663]: client 192.168.1.101#1470: view internal: update 'dominio.com/IN' denied
Aug 6 16:02:38 r2d named[23663]: unexpected RCODE (SERVFAIL) resolving 'dipromet.cl.multi.surbl.org/A/IN': 202.106.182.244#53
Aug 6 16:02:38 r2d named[23663]: unexpected RCODE (SERVFAIL) resolving 'nod32.com.multi.surbl.org/A/IN': 202.106.182.244#53
Aug 6 16:02:47 r2d named[23663]: client 192.168.1.105#2120: view internal: update 'dominio.com/IN' denied
Aug 6 16:03:34 r2d named[23663]: client 192.168.1.139#4116: view internal: updating zone 'dominio.com/IN': update unsuccessful: DESA12.dominio.com/A: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
Aug 6 16:03:34 r2d named[23663]: client 192.168.1.139#4119: view internal: update 'dominio.com/IN' denied
Aug 6 16:03:46 r2d named[23663]: client 192.168.1.113#4326: view internal: update 'dominio.com/IN' denied
Aug 6 16:04:00 r2d named[23663]: client 192.168.1.149#54592: view internal: updating zone 'dominio.com/IN': update unsuccessful: desa23.dominio.com/A: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
Aug 6 16:04:00 r2d named[23663]: client 192.168.1.149#54645: view internal: update 'dominio.com/IN' denied
Aug 6 16:04:08 r2d named[23663]: client 192.168.1.114#3620: view internal: updating zone 'dominio.com/IN': update unsuccessful: JUNIOR9.dominio.com/A: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
Aug 6 16:04:08 r2d named[23663]: client 192.168.1.114#3623: view internal: update 'dominio.com/IN' denied
Aug 6 16:04:43 r2d named[23663]: client 192.168.1.144#57519: view internal: updating zone 'dominio.com/IN': update unsuccessful: desa27.dominio.com/A: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
Aug 6 16:04:43 r2d named[23663]: client 192.168.1.144#64372: view internal: update 'dominio.com/IN' denied
Aug 6 16:05:39 r2d named[23663]: client 192.168.1.126#2464: view internal: update 'dominio.com/IN' denied
Aug 6 16:05:41 r2d named[23663]: client 192.168.1.145#1408: view internal: update 'dominio.com/IN' denied
Aug 6 16:05:50 r2d named[23663]: client 192.168.1.128#54818: view internal: updating zone 'dominio.com/IN': update unsuccessful: desa17.dominio.com/A: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
Aug 6 16:05:50 r2d named[23663]: client 192.168.1.128#61617: view internal: update 'dominio.com/IN' denied
Aug 6 16:05:52 r2d named[23663]: client 192.168.1.124#4888: view internal: updating zone 'dominio.com/IN': update unsuccessful: junior10.dominio.com/A: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
Aug 6 16:05:52 r2d named[23663]: client 192.168.1.124#4891: view internal: update 'dominio.com/IN' denied
ya tengo unstalado el caching-nameserver
[root@r2d ~]# rpm -qa |grep bind
bind-chroot-9.3.4-6.0.2.P1.el5_2
bind-utils-9.3.4-6.0.2.P1.el5_2
ypbind-1.19-8.el5
bind-libs-9.3.4-6.0.2.P1.el5_2
bind-9.3.4-6.0.2.P1.el5_2
al hacer un dig me arroja este resultado
[root@r2d2 ~]# dig www.hotmail.com +trace
; <<>> DiG 9.3.4-P1 <<>> www.hotmail.com +trace
;; global options: printcmd
. 518301 IN NS M.ROOT-SERVERS.NET.
. 518301 IN NS A.ROOT-SERVERS.NET.
. 518301 IN NS B.ROOT-SERVERS.NET.
. 518301 IN NS C.ROOT-SERVERS.NET.
. 518301 IN NS D.ROOT-SERVERS.NET.
. 518301 IN NS E.ROOT-SERVERS.NET.
. 518301 IN NS F.ROOT-SERVERS.NET.
. 518301 IN NS G.ROOT-SERVERS.NET.
. 518301 IN NS H.ROOT-SERVERS.NET.
. 518301 IN NS I.ROOT-SERVERS.NET.
. 518301 IN NS J.ROOT-SERVERS.NET.
. 518301 IN NS K.ROOT-SERVERS.NET.
. 518301 IN NS L.ROOT-SERVERS.NET.
;; Received 500 bytes from 192.168.1.235#53(192.168.1.235) in 1 ms
com. 172800 IN NS G.GTLD-SERVERS.NET.
com. 172800 IN NS L.GTLD-SERVERS.NET.
com. 172800 IN NS C.GTLD-SERVERS.NET.
com. 172800 IN NS H.GTLD-SERVERS.NET.
com. 172800 IN NS B.GTLD-SERVERS.NET.
com. 172800 IN NS J.GTLD-SERVERS.NET.
com. 172800 IN NS I.GTLD-SERVERS.NET.
com. 172800 IN NS E.GTLD-SERVERS.NET.
com. 172800 IN NS K.GTLD-SERVERS.NET.
com. 172800 IN NS F.GTLD-SERVERS.NET.
com. 172800 IN NS D.GTLD-SERVERS.NET.
com. 172800 IN NS A.GTLD-SERVERS.NET.
com. 172800 IN NS M.GTLD-SERVERS.NET.
;; Received 493 bytes from 202.12.27.33#53(M.ROOT-SERVERS.NET) in 278 ms
hotmail.com. 172800 IN NS ns1.msft.net.
hotmail.com. 172800 IN NS ns2.msft.net.
hotmail.com. 172800 IN NS ns3.msft.net.
hotmail.com. 172800 IN NS ns4.msft.net.
hotmail.com. 172800 IN NS ns5.msft.net.
;; Received 211 bytes from 192.42.93.30#53(G.GTLD-SERVERS.NET) in 570 ms
dig: couldn't get address for 'ns1.msft.net': failure
pruebas de ping
[root@r2d ~]# ping www.hotmail.com
ping: unknown host www.hotmail.com
[root@r2d ~]# ping www.google.com
PING www.l.google.com (209.85.193.99) 56(84) bytes of data.
64 bytes from br-in-f99.google.com (209.85.193.99): icmp_seq=1 ttl=247 time=107 ms
64 bytes from br-in-f99.google.com (209.85.193.99): icmp_seq=2 ttl=247 time=94.3 ms
64 bytes from br-in-f99.google.com (209.85.193.99): icmp_seq=3 ttl=247 time=99.8 ms
64 bytes from br-in-f99.google.com (209.85.193.99): icmp_seq=4 ttl=247 time=98.2 ms
64 bytes from br-in-f99.google.com (209.85.193.99): icmp_seq=5 ttl=247 time=97.5 ms
--- www.l.google.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4163ms
rtt min/avg/max/mdev = 94.308/99.422/107.192/4.297 ms
[root@r2d2 ~]#
como se pueden dar cuenta en el log anterior, imposible hacer un ping a hotmail o cualquir sitio de microsoft, pero funciona perfecto para los otros dominios como google
hoy en la mañana podia resolver a hotmail, pero hace unos minutos atras dejo de ser asi
como ven el log???????
Gracias....helpppppppppppppppppppppp :?
Tu dig con trace falla al
Tu dig con trace falla al resolver ns1.msft.net, ¿puedes hacerle el mismo dig detallado a ese nombre de host para ver donde falla?
--
haber != a ver
ha != a
Encontre un sitio donde
Encontre un sitio donde alguien menciona que le pasa lo mismo, pero no puedo ver los comentarios. :(:( alguien tiene una cuenta.
http://www.experts-exchange.com/Networking/Protocols/DNS/Q_22899346.html
Puedes crearte tu propia
Puedes crearte tu propia cuenta.
--
haber != a ver
ha != a
A mi me ha pasado con
A mi me ha pasado con dominios en específico que a ratos funciona y a ratos no... después de varias pruebas verifiqué que es el dns de mi proveedor es el que se fuma a veces y no resuelve bien.
Cambié a opendns y no he tenido problemas.
Saludos
Saludos,
antares
Este es mi named.conf, se
Este es mi named.conf, se los muestro para que me den su opinion y me digan si esta bien configurado o no
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
listen-on port 53 { 127.0.0.1; 192.168.1.255; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
query-source port 53;
query-source-v6 port 53;
recursion no;
allow-query { any; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
acl internos {
127.0.0.1;
192.168.1.0/24;
192.168.2.0/24;
localhost;
};
view localhost_resolver {
match-clients { localhost; };
match-destinations { localhost; };
recursion yes;
include "/etc/named.rfc1912.zones";
};
view "internal" {
match-clients { internos; };
recursion yes;
notify no;
include "/etc/named.rfc1912.zones";
# Zonas
zone "dominio.com" IN {
type master;
file "int/dominio.com.zone";
};
// zone "1.168.192.in-addr.arpa" IN {
// type master;
// file "1.168.192.in-addr.arpa.zone";
// };
};
view "external" {
match-clients {!localnets; any; };
recursion no;
notify no;
include "/etc/named.rfc1912.zones";
# Zonas
zone "dominio.com" IN {
type master;
allow-transfer {
200.1.123.7;
};
file "dominio.com.zone";
};
// zone "xxx.xxx.201.in-addr.arpa" IN {
// type master;
// file "xxx.xxx.xxx.201.in-addr.arpa.zone";
// };
};
a todo esto solucione el problema que tenia comentando estas lineas
//query-source port 53;
//query-source-v6 port 53;
pero ahora en que influyen esas dos lineas que he comentado, me interesa mucho que el dns quede seguro, me podrian ayudar comentandome que hacen estas dos lineas por favor y en general como ven mi configuracion?..
Gracias.