Problems with configuring DNS (bind)?

Asked by jblackmer

For the first time manually steer DNS'kimi, and immediately had a problem. Even friends who have done this often say strange problems.

We have: Debian Stable on VDS (firstvds, unfortunately) and bind (8.4.7). It runs a pair of PHP-sites, the customer's server (but you can do anything). And we have our own cool server with Debian Squeeze, which has a Python site (just the smallest VDS, he did not master the python from memory). The main domain is linked to the VDS server IP, let's call it domain.ru. One of the subdomains is required to contact my IP. That is, domain.ru is on IP VDS, sub.domain.ru is mine. The task seems to be simple, but then the fun begins.

Zone file:

$TTL 3600 <br/>
domain.ru. IN SOA ns1.firstvds.ru. root.domain.ru. (2010090201 10800 3600 604800 86400) <br/>
domain.ru. IN NS ns1.firstvds.ru. <br/>
domain.ru. IN NS ns2.firstvds.ru. <br/>
domain.ru. IN NS ns3.firstvds.ru. <br/>
domain.ru. IN MX 10 mail <br/>
domain.ru. IN MX 20 mail <br/>
domain.ru. IN A [IP VDS] <br/>
www IN A [IP VDS] <br/>
ftp IN A [IP VDS] <br/>
mail IN A [IP VDS] <br/>
smtp IN A [IP VDS] <br/>
pop IN A [IP VDS] <br/>
sub IN A [IP своего сервера] # - все самое интересное здесь


I figured it all out, the zone ID in the first line is also constantly changing as expected. bind has been restarted, after a few hours the DNS has been updated, and if via SSH with VDS, do:

root: ~ # host sub.domain.ru

sub.domain.ru A [IP of my server]

And, it would seem, everything is fine. Only here every 3-4 hours (when DNS'ki updated), it changes the IP. That subdomain has the old IP then the new one. This is how it looks from my car (the console shows the time, you can trace it):

[21:24:05]:vas3k@arch ~&gt;nslookup sub.domain.ru<br/>
Server: 192.168.0.1<br/>
Address: 192.168.0.1#53<br/>
<br/>
Non-authoritative answer:<br/>
Name: sub.domain.ru<br/>
Address: [новый IP]<br/>
<br/>
[23:26:06]:vas3k@arch ~&gt;nslookup sub.domain.ru<br/>
Server: 192.168.0.1<br/>
Address: 192.168.0.1#53<br/>
<br/>
Non-authoritative answer:<br/>
Name: sub.domain.ru<br/>
Address: [старый IP, который на VDS]


So you see that DNS is jumping back and forth. After a few hours it becomes normal again, then the old one again. The site will start soon, so I would like to get rid of it. And I myself do it for the first time, since I don’t trump the admin. I even tried to delete a domain through ISPManager and add it again. The same crap, and sometimes both IPs come to the Non-authoritative answer at once.

This has been happening for more than a month. Changed the zone file many times. In support of FirstVDS, I don’t even know whether to contact, as they always say “your server is your problem” and advise you to reinstall everything.

PS: Immediately apologize for the fictional domains, I hope clearly explained.

Answers

ratko
The problem was really on the side of FirstVDS and quickly resolved after the very first letter to technical support. Thanks to all.
asisha
Most likely on the FirstVDS name servers information is different. I would advise you (well, or to the customer more precisely) to contact technical support, help.
And so - edited the file with handles or through ISPmanager? It is necessary through ISPmanager, as it changes the series of the zone and notifies external servers that it would not be bad to update the domain information.

Shl: ns3.firstvds.ru does not exist - it is better to remove it (and from the ISPmanager settings)
Replies:
Recently edited through ISPManager. A button with a red first-aid kit (update information) also stung :)
Now I will delete too much, let's see, thanks for the answer. If anything, we will contact the support, although I really do not like to do it. - rithika kancharla
well, just at first glance - some problems with external servers - one gives one, and the second - the second - without seeing the domain, of course, it is difficult to say, but everything speaks about it. And about technical support - in vain, though I don’t like to touch the support myself - paul mcgee
annette tang
You still have to contact technical support. There people are quite adequate.
lajuan
And there is a second DNS server?

In general, I understood a long time ago that a self-compiled DNS server is not a rewarding business. It is much easier to get a DNS server for a whole year for 40 eurocents and not to bathe.
Replies:
Second is not available. Need to think about it, thanks. - kathren
Do not count for advertising, but let's say Fastvps has the service "Rent DNS". The domain control panel is highlighted, and two DNS servers. All this for 0.40 euros per year. - jdgibson gibson
Recently, I hear a lot of good about fastvps. As soon as the customer decides to move (think, soon), I will advise him. - dedra
monstor
I understand - master dnsom master - firstvds himself?
Then there are a couple of questions:
1. Do you have your dns server on VDS? Then why is there no him in the zone?
2. If this is not the case, then in the firstvds web interface you can indicate that their dns will be like a slave?
3. a) If yes, then do your master, their slave
 b) If not, then try, if there is an opportunity, to make your own slave for them and see what the zone looks like at the moment of changing ip and, what is the most important thing, which key?

If I misunderstand you - ask. If you have questions - write;)
Replies:
key = serial in the config file of the zone - jandy nelson
1) No, your server is at home, DNS is not configured on it. I thought that you can just say that DNS “if you see this domain, go to this IP”. Or am I stupid? :)
2) I have not seen this even. Just a list of servers. - theophanu
1) I thought that dns is hanging on the VDS itself and you want to control the zone on it too.
2)
#dig domain.ru ns + noqr + short
ns1.firstvds.ru.
ns2.firstvds.ru.
ns3.firstvds.ru.

Just used to operate only with my own dns =)
3) I can, in an extreme case, offer to slap a slave zone on my server, and master on my VDS =) $ - amerydbaker
% # @ !!! New Habr damn.
2) dig the same data? ISPManager now for the sake of development I will look, maybe I can think of it.
There is just another feeling that they themselves had masters / slaves after a liter tuned :) - dylan lysen
[14:44:39]: vas3k @ arch ~ & gt; dig domain.ru ns + noqr + short
ns2.firstvds.ru.
ns1.firstvds.ru.
ns3.firstvds.ru.

so here. - jim keith
dig domain.ru @ ns1 | 2 | 3.firstvds + short
produces the same thing? - stephanie adams
Each ns gives two IP, the first everywhere the same (VDS), the second the other. My in them is not. - rafatjahan siddique
was sealed.
dig sub.domain.ru @ ns1 | 2 | 3.firstvds.ru + short
but I think you understand me. - karen mcp
holly parmelee
There seems to be some kind of troubles on the servers, I have been worrying about DNS for a few days already with the DNS
Replies:
It would be a few days. Here a month already. Therefore, most likely my crooked hands. - chris kujawa
apurv
, are you making changes in the zone on the primary server?

a picture of what you are doing changes on the secondary, and the primary in 3 hours rubs your notes.
I mean, what to do with pens and always on Primari ns1.firstvds.ru
write a record, change the series, it is written as a date and at the end the change number (from 00 - 99) which number is not so important, the main thing that it differs from the previously entered, the date is also not desirable to change.

ps
try a record like this
sub.domain.ru. A ipaddr

note after the full spelling of the domain is worth a point.
Replies:
ns1.firstvds.ru seems to be updated by clicking on a button in ISPmanager. I did this.
The series I know how to prescribe, and through the manager he generates it himself, so everything should be ok with him.
I will try this entry now, thanks. - vedrana
nick white
the first thing I noticed:
domain.ru. IN MX 10 mail
domain.ru. IN MX 20 mail
that's bullshit. Why are you two identical server in mx indicated? What do you really expect? What mail server will knock 2 times on one server? No, after the first failure, he will stop trying in this case.
Your problem is really easy. I think a caliper could help.
You can diagnose yourself: for this you need to ask about sub.domain.ru. all name servers specified for domain.ru. The list of these servers can be obtained from the command line using the command
whois domain.ru

Please note that it may not coincide with
domain.ru. IN NS ns1.firstvds.ru.
domain.ru. IN NS ns2.firstvds.ru.
domain.ru. IN NS ns3.firstvds.ru.
When you find out, check the A-record on each of this list, for example:
nslookup sub.domain.ru. ns3.firstvds.ru.
if there is a mistake somewhere - correct
Replies:
forgot that there is no whois in Windows. Then through the web:
 who.is/whois/domain.ru/ - dinar
Pro delusions are automatically generated by ISPmagager nonsense.
I have archlinux, it could be understood by the logs from the console.
I went to diagnose, thanks for the minus. - lorna dh
Sorry, not your minus :)
In general, apparently some of the above methods helped. All ns say the correct IP. We will observe more, I hope everything will work.
Thanked in karma. - bookmaniac70
How to choose a license? :: Do you use JScript at work? :: The most convenient client for Livejournal under Linux? :: How to solve the problem with the coding in conjunction Evolution + Exchange 2007? :: Advise books on the basics of UI
Leave Repply for Problems with configuring DNS (bind)?
Useful Links