Problems with configuring DNS (bind)?

Asked byjblackmer

For the first time manually steer DNS'kimi, and immediately had a problem. Even friends who have done this often say strange problems.

We have: Debian Stable on VDS (firstvds, unfortunately) and bind (8.4.7). It runs a pair of PHP-sites, the customer's server (but you can do anything). And we have our own cool server with Debian Squeeze, which has a Python site (just the smallest VDS, he did not master the python from memory). The main domain is linked to the VDS server IP, let's call it One of the subdomains is required to contact my IP. That is, is on IP VDS, is mine. The task seems to be simple, but then the fun begins.

Zone file:

$TTL 3600 <br/> IN SOA (2010090201 10800 3600 604800 86400) <br/> IN NS <br/> IN NS <br/> IN NS <br/> IN MX 10 mail <br/> IN MX 20 mail <br/> IN A [IP VDS] <br/>
www IN A [IP VDS] <br/>
ftp IN A [IP VDS] <br/>
mail IN A [IP VDS] <br/>
smtp IN A [IP VDS] <br/>
pop IN A [IP VDS] <br/>
sub IN A [IP своего сервера] # - все самое интересное здесь

I figured it all out, the zone ID in the first line is also constantly changing as expected. bind has been restarted, after a few hours the DNS has been updated, and if via SSH with VDS, do:

root: ~ # host A [IP of my server]

And, it would seem, everything is fine. Only here every 3-4 hours (when DNS'ki updated), it changes the IP. That subdomain has the old IP then the new one. This is how it looks from my car (the console shows the time, you can trace it):

[21:24:05]:[email protected] ~&gt;nslookup<br/>
Non-authoritative answer:<br/>
Address: [новый IP]<br/>
[23:26:06]:[email protected] ~&gt;nslookup<br/>
Non-authoritative answer:<br/>
Address: [старый IP, который на VDS]

So you see that DNS is jumping back and forth. After a few hours it becomes normal again, then the old one again. The site will start soon, so I would like to get rid of it. And I myself do it for the first time, since I don’t trump the admin. I even tried to delete a domain through ISPManager and add it again. The same crap, and sometimes both IPs come to the Non-authoritative answer at once.

This has been happening for more than a month. Changed the zone file many times. In support of FirstVDS, I don’t even know whether to contact, as they always say “your server is your problem” and advise you to reinstall everything.

PS: Immediately apologize for the fictional domains, I hope clearly explained.


The problem was really on the side of FirstVDS and quickly resolved after the very first letter to technical support. Thanks to all.
Most likely on the FirstVDS name servers information is different. I would advise you (well, or to the customer more precisely) to contact technical support, help.
And so - edited the file with handles or through ISPmanager? It is necessary through ISPmanager, as it changes the series of the zone and notifies external servers that it would not be bad to update the domain information.

Shl: does not exist - it is better to remove it (and from the ISPmanager settings)
Recently edited through ISPManager. A button with a red first-aid kit (update information) also stung :)
Now I will delete too much, let's see, thanks for the answer. If anything, we will contact the support, although I really do not like to do it. - rithika kancharla
well, just at first glance - some problems with external servers - one gives one, and the second - the second - without seeing the domain, of course, it is difficult to say, but everything speaks about it. And about technical support - in vain, though I don’t like to touch the support myself - paul mcgee
annette tang
You still have to contact technical support. There people are quite adequate.
And there is a second DNS server?

In general, I understood a long time ago that a self-compiled DNS server is not a rewarding business. It is much easier to get a DNS server for a whole year for 40 eurocents and not to bathe.
Second is not available. Need to think about it, thanks. - kathren
Do not count for advertising, but let's say Fastvps has the service "Rent DNS". The domain control panel is highlighted, and two DNS servers. All this for 0.40 euros per year. - jdgibson gibson
Recently, I hear a lot of good about fastvps. As soon as the customer decides to move (think, soon), I will advise him. - dedra
I understand - master dnsom master - firstvds himself?
Then there are a couple of questions:
1. Do you have your dns server on VDS? Then why is there no him in the zone?
2. If this is not the case, then in the firstvds web interface you can indicate that their dns will be like a slave?
3. a) If yes, then do your master, their slave
 b) If not, then try, if there is an opportunity, to make your own slave for them and see what the zone looks like at the moment of changing ip and, what is the most important thing, which key?

If I misunderstand you - ask. If you have questions - write;)
key = serial in the config file of the zone - jandy nelson
1) No, your server is at home, DNS is not configured on it. I thought that you can just say that DNS “if you see this domain, go to this IP”. Or am I stupid? :)
2) I have not seen this even. Just a list of servers. - theophanu
1) I thought that dns is hanging on the VDS itself and you want to control the zone on it too.
#dig ns + noqr + short

Just used to operate only with my own dns =)
3) I can, in an extreme case, offer to slap a slave zone on my server, and master on my VDS =) $ - amerydbaker
% # @ !!! New Habr damn.
2) dig the same data? ISPManager now for the sake of development I will look, maybe I can think of it.
There is just another feeling that they themselves had masters / slaves after a liter tuned :) - dylan lysen
[14:44:39]: vas3k @ arch ~ & gt; dig ns + noqr + short

so here. - jim keith
dig @ ns1 | 2 | 3.firstvds + short
produces the same thing? - stephanie adams
Each ns gives two IP, the first everywhere the same (VDS), the second the other. My in them is not. - rafatjahan siddique
was sealed.
dig @ ns1 | 2 | + short
but I think you understand me. - karen mcp
holly parmelee
There seems to be some kind of troubles on the servers, I have been worrying about DNS for a few days already with the DNS
It would be a few days. Here a month already. Therefore, most likely my crooked hands. - chris kujawa
, are you making changes in the zone on the primary server?

a picture of what you are doing changes on the secondary, and the primary in 3 hours rubs your notes.
I mean, what to do with pens and always on Primari
write a record, change the series, it is written as a date and at the end the change number (from 00 - 99) which number is not so important, the main thing that it differs from the previously entered, the date is also not desirable to change.

try a record like this A ipaddr

note after the full spelling of the domain is worth a point.
Replies: seems to be updated by clicking on a button in ISPmanager. I did this.
The series I know how to prescribe, and through the manager he generates it himself, so everything should be ok with him.
I will try this entry now, thanks. - vedrana
nick white
the first thing I noticed: IN MX 10 mail IN MX 20 mail
that's bullshit. Why are you two identical server in mx indicated? What do you really expect? What mail server will knock 2 times on one server? No, after the first failure, he will stop trying in this case.
Your problem is really easy. I think a caliper could help.
You can diagnose yourself: for this you need to ask about all name servers specified for The list of these servers can be obtained from the command line using the command

Please note that it may not coincide with IN NS IN NS IN NS
When you find out, check the A-record on each of this list, for example:
if there is a mistake somewhere - correct
forgot that there is no whois in Windows. Then through the web: - dinar
Pro delusions are automatically generated by ISPmagager nonsense.
I have archlinux, it could be understood by the logs from the console.
I went to diagnose, thanks for the minus. - lorna dh
Sorry, not your minus :)
In general, apparently some of the above methods helped. All ns say the correct IP. We will observe more, I hope everything will work.
Thanked in karma. - bookmaniac70
How to choose a license? :: Do you use JScript at work? :: The most convenient client for Livejournal under Linux? :: How to solve the problem with the coding in conjunction Evolution + Exchange 2007? :: Advise books on the basics of UI
Leave Repply forProblems with configuring DNS (bind)?
Useful Links