From: Zulkuf OK (zulkuf_ok@hotmail.com)
Date: Wed 20 Jul 2005 - 18:39:02 EEST
Sistemimiz router uzerinden Superonline servis saglayicisi uzerinden
internette cikiyor
213.74.4.130
213.74.4.131 Superonline DNS leri
bu rakamlari kaldirip 192.168.105.101 (bind kurulu makinenin ip numarasi)
yazinca bind kurulu makine internete cikmiyor.
ekte netstat -an ciktisini netstat.txt ve hosts.ve resolv.conf dosyasina
ekledim.incelerseniz sevininirm.Galiba 53 port kapali bunu nasil
acabilirim.cunku verdiginiz komutta 53 nolu port gorunmuyor.
ayni konfigrasyonla eski server calisiyor.ilginc.bu konuda hic iyi degilim
From: Hasan AHLATCI <ogrenci@ahlatci.net>
Reply-To: linux-sunucu@liste.linux.org.tr
To: Zulkuf OK <linux-sunucu@liste.linux.org.tr>
Subject: Re[2]: [Linux-sunucu] DNS problemi
Date: Wed, 20 Jul 2005 17:31:40 +0300
Hello Zulkuf,
Wednesday, July 20, 2005, 3:06:59 PM, you wrote:
>service named status
>dediğimde rndc: connect failed: connection refused [FAILED]
>ama eski makinemde de aynı hata mesaji olmasina karsin DNS hizmeti
>veriyor.Eski makinemdeki DNS konfigrasyonlari kopyaladim yeni server
>makineme.ve nslookup yazdigimda calisiyor galiba.
>----- Original Message -----
>From: "Tolga Han Cerit" <tolgahan.cerit@comsat.com.tr>
>To: <linux-sunucu@liste.linux.org.tr>
>Sent: Wednesday, July 20, 2005 2:48 PM
>Subject: Re: [Linux-sunucu] DNS problemi
>Merhaba,
>İlk gözüme çarpan şey ağ kartınızdan gelen sorgu isteklerine izin vermemiş
>olduğunuz. named.conf ' da ağ kartınıza bağlı ağdan sorgu yapılmasına izin
>vermelisiniz. Yanlışsam düzeltin lütfen arkadaşlar...
>Kolay gelsin
>On Wednesday 20 July 2005 14:34, Zulkuf OK wrote:
>>hostname : mail
>>mx : 195.33.204.130
>>domain adi:perencodiy.com
>>linux redhat kurulu olan makinenin IP numarasi :192.168.105.101
>>
>>Merhaba
>>
>>Linux Redhat 9.0 kullaniyorum.DNS kurulu makinem eski oldugundan yeni bir
>>makine alip oraya Redhat 9.0 kurdum.DNS servisi calisiyor gorunuyor ama
>>Windows kurulu terminallerden bu DNS numarasini yazararak internette
>>cikamiyorum(Preferded DNS Number) .Ama eski makinemden ayni konfigrasyonla
>>cikabiliyorum.Eski makinemden DNS ayarllari yaptigim dosyalari yeni
>>kurdugum makineye kopyaladim.Firewall kurmadim.
>>
>>nslookup komutunu kulandigimda DNS calisiyor gorunuyor .
>>Yardimlarinizdan dolayi tesekkur edrerim.
>>
>>Saygilarimla.
>>
>>root@mail root]# nslookup
>>Note: nslookup is deprecated and may be removed from
>>future releases.
>>Consider using the `dig' or `host' programs instead.
>>Run nslookup with
>>the `-sil[ent]' option to prevent this message from
>>appearing.
>>
>> > www.gelecek.com.tr
>>
>>Server: 213.74.4.130
>>Address: 213.74.4.130#53
>>
>>Non-authoritative answer:
>>Name: www.gelecek.com.tr
>>Address: 62.244.213.90
>>
>> > www.yahoo.com
>>
>>Server: 213.74.4.130
>>Address: 213.74.4.130#53
>>
>>Non-authoritative answer:
>>www.yahoo.com canonical name = www.yahoo.akadns.net.
>>Name: www.yahoo.akadns.net
>>Address: 68.142.197.86
>>Name: www.yahoo.akadns.net
>>Address: 68.142.197.88
>>Name: www.yahoo.akadns.net
>>Address: 68.142.197.71
>>Name: www.yahoo.akadns.net
>>Address: 68.142.197.72
>>Name: www.yahoo.akadns.net
>>Address: 68.142.197.74
>>Name: www.yahoo.akadns.net
>>Address: 68.142.197.78
>>Name: www.yahoo.akadns.net
>>Address: 68.142.197.83
>>Name: www.yahoo.akadns.net
>>Address: 68.142.197.85
>>
>>Kullandigim DNS dosyalari
>>
>>named.conf dosyasi
>>controls {
>> inet 127.0.0.1 allow { 127.0.0.1; } keys { rndckey; };
>>};
>>
>>key "rndckey" {
>> algorithm "hmac-md5";
>> secret "qYlct1UlUiqkficy/5uDrA==";
>>};
>>
>>options {
>> directory "/etc/named.data";
>> forwarders { 213.74.4.130; 213.74.4.131; 144.122.199.90;
>>144.122.199.93; }; forward only;
>> /*
>> * If there is a firewall between you and nameservers you want
>> * to talk to, you might need to uncomment the query-source
>> * directive below. Previous versions of BIND always asked
>> * questions using port 53, but BIND 8.1 uses an unprivileged
>> * port by default.
>> */
>> query-source address * port 53;
>>};
>>
>>//
>>// a caching only nameserver config
>>//
>>zone "." IN {
>> type hint;
>> file "named.cache";
>>};
>>
>>zone "perencodiy.com." IN {
>> type master;
>> file "named.perenco";
>> allow-update { none; };
>>};
>>zone "localhost" IN {
>> type master;
>> notify no;
>> file "named.local";
>> allow-update { none; };
>>};
>>zone "204.33.195.IN-ADDR.ARPA" IN {
>> type master;
>> file "named.rev";
>>};
>>
>>zone "0.0.0.127.in-addr.arpa" IN {
>> type master;
>> file "named.127";
>>};
>>
>>named.local dosyasi
>>$TTL 86400
>>@ IN SOA @ root (
>> 2005062201 ; serial (d. adams)
>> 3H ; refresh
>> 15M ; retry
>> 1W ; expiry
>> 1D ) ; minimum
>> IN NS @
>> IN A 127.0.0.1 ; makes it 127.0.0.0
>>hosts dosyasi
>># hosts This file describes a number of hostname-to-address
>># mappings for the TCP/IP subsystem. It is mostly
>># used at boot time, when no name servers are running.
>># On small systems, this file can be used instead of a
>># "named" name server. Just add the names, addresses
>># and any aliases to this file...
>>#
>># By the way, Arnt Gulbrandsen <agulbra@nvg.unit.no> says that 127.0.0.1
>># should NEVER be named with the name of the machine. It causes problems
>># for some (stupid) programs, irc and reputedly talk. :^)
>>#
>>
>># For loopbacking.
>>127.0.0.1 localhost
>>195.33.204.130 mail.perencodiy.com mail
>>192.168.105.15 zulkufokpc
>>
>># End of hosts.
>>
>>named.rev dosyasi
>>$TTL 86400
>>@ IN SOA mail.perencodiy.com. root.perencodiy.com. (
>> 2005062201 ; Serial
>> 28800 ; Refresh
>> 7200 ; Retry
>> 2419200 ; Expire
>> 86400 ) ; Minimum
>> IN NSl mail.perencodiy.com.
>>130 IN PTR mail.perencodiy.com.
>>named.127 dosyasi
>>$TTL 86400
>>@ IN SOA localhost. root.localhost. (
>> 2005062201 ; serial (d. adams)
>> 28800 ; refresh
>> 7200 ; retry
>> 2419200 ; expiry
>> 86400 ) ; minimum
>> IN NS localhost.
>>1 IN PTR localhost. ; makes it 127.0.0.1
>>named.perenco dosyasi
>>; perenco
>>$TTL 86400
>>@ IN SOA mail.perencodiy.com. root.perencodiy.com. (
>> 2005062201 ; Serial
>> 28800 ; Refresh
>> 7200 ; Retry
>> 2419200 ; Expire
>> 86400 ) ; Minimum
>> IN NS mail.perencodiy.com.
>> IN MX 10 mail
>>localhost IN A 127.0.0.1
>>perencodiy.com. IN A 195.33.204.130
>>mail IN A 195.33.204.130
>>;
>>www IN CNAME mail
>>ftp IN CNAME mail
>>perencodiy.com. IN TXT "v=spf1 a mx"
>>
>>Saygilarimla
>>Zulkuf OK
>>root@mail root]# nslookup
>>Note: nslookup is deprecated and may be removed from
>>future releases.
>>Consider using the `dig' or `host' programs instead.
>>Run nslookup with
>>the `-sil[ent]' option to prevent this message from
>>appearing.
>>
>> > www.gelecek.com.tr
>>
>>Server: 213.74.4.130
>>Address: 213.74.4.130#53
>>
>>Non-authoritative answer:
>>Name: www.gelecek.com.tr
>>Address: 62.244.213.90
mailinizde sunucunun ip adresi olarak 192.168.105.101 demişsiniz
ama nslookup ile gelecek.com.tr yi sorgulattığınız dns 213.74.4.130.
Yani yeni dns çalışan sunucu üzerinden sorgu yapmıyorsunuz eğer nat
yada başka bir yönlendirme yapmadıysanız.
bind çalışan sunucu üzerinde netstat -an ile açık olan portları
kontrol edin ve udp 53 ün dinlendiğine emin olun. nslookup ile
baktığınız sunucunun /etc/resolv.conf dosyasında bind in çalıştığı
sunucunun ipsinin yazılı olduğuna emin olun ayrıca.
-- Best regards, Hasan mailto:ogrenci@ahlatci.net
_______________________________________________
Linux-sunucu mailing list
Linux-sunucu@liste.linux.org.tr
http://liste.linux.org.tr/mailman/listinfo/linux-sunucu