bind9 debian dns lan issue wrong ip

Hi all

Had my Debian box doing DNS before on my old network 192.168.1.0

but my new network in my new place has kinda been set up with 192.168.0.0

So I edited the zones and reloaded and restarted bind but I'm still getting the old IPs when I nslookup. What do I need to do to get it to refresh? Or is it still looking somewhere on the system I don't know about?

resolv.conf
Code:
domain whitecrook.lan
search whitecrook.lan
nameserver 192.168.0.140
nameserver 194.168.4.100
nameserver 194.168.8.100

/etc/bind/zones/whitecrook.lan.db
Code:
$TTL 604800
$ORIGIN whitecrook.lan.
@      IN      SOA     debian.whitecrook.lan. laser.whitecrook.lan. (
// Do not modify the following lines!
                                                        2012081405
                                                        28800
                                                        3600
                                                        604800
                                                        38400
 )

                TXT     "whitecrook.lan, serving YOUR domain :)"
// Replace the following line as necessary:
// ns1 = DNS Server name
// mta = mail server name
// example.com = domain name
@      IN      NS              debian.whitecrook.lan.
@      IN      MX     10       mail.whitecrook.lan.
@       IN      A               192.168.0.140
// Replace the IP address with the right IP addresses.
localhost          IN      A       127.0.0.1
debian          IN      A       192.168.0.140
dd-wrt          IN      A       192.168.0.1
laptopwired     IN      A       192.168.0.119
lappydip        IN      A       192.168.0.194
themacbook      IN      A       192.168.0.10
mail            IN      A       192.168.0.110 
ns1             IN      A       192.168.0.140

/etc/bind/zones/rev.0.168.192.in-addr.arpa
Code:
//replace example.com with yoour domain name, ns1 with your DNS server name.
// The number before IN PTR example.com is the machine address of the DNS server. in my case, it's 1, as my IP address is 192.168.0.1.
@ IN SOA whitecrook.lan. laser.whitecrook.lan. (
                        2012081405;
                        28800; 
                        604800;
                        604800;
                        86400 
)

                     IN    NS     debian.whitecrook.lan.
140                    IN    PTR    whitecrook.lan.
140.0.168.192.in-addr.arpa       IN    PTR    ns1.whitecrook.lan.

nslookup
Code:
debian:/etc/bind# nslookup debian
Server:         192.168.0.140
Address:        192.168.0.140#53

Name:   debian.whitecrook.lan
Address: 192.168.1.140

debian:/etc/bind#
 
Hmmmm ...

- Have you incremented the serial line value (here 2012081405) when making changes to the files (I know we used to have to do that last time I administered DNS servers but that was a very long time ago)?

- I don't think it would be affecting your issue but your reverse lookup file doesn't look right to me, I'd expect it to be more like the example given in step 1 on this link?

- Has your /etc/named.boot or named.conf been updated to reflect the changes if needed or could it be pointing at old files still?
 
Yes. The serial was 2006xxxxxxx, now I adjusted it to 2012

Rev lookup isn't a problem for me just now, I know I don't have all the records in there

named.conf is all correct

I found old files in /var/cache/bind, basically copies of my old zone files, that it must have been using - I deleted them and now I don't get any lookups at all, not even wrong ones. Copied some files back in there, but still no game

named.conf.local
Code:
debian:/var/lib/dpkg# less /etc/bind/named.conf.local
//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
# This is the zone definition. replace example.com with your domain name
zone "whitecrook.lan" {
        type master;
        file "whitecrook.lan.db";
        };

# This is the zone definition for reverse DNS. replace 0.168.192 with your network address in reverse notation - e.g my network address is 192.168.0
zone "0.168.192.in-addr.arpa" {
     type master;
     file "rev.0.168.192.in-addr.arpa";
};
 
Code:
debian:/var/lib/dpkg# /etc/init.d/bind9 restart && /etc/init.d/bind9 reload
Stopping domain name service...: bind9 waiting for pid 16435 to die.
Starting domain name service...: bind9.
Reloading domain name service...: bind9.
debian:/var/lib/dpkg# nslookup debian
;; Got SERVFAIL reply from 192.168.0.140, trying next server
Server:         192.168.0.140
Address:        192.168.0.140#53

** server can't find debian: NXDOMAIN

debian:/var/lib/dpkg# nslookup debian.whitecrook.lan
;; Got SERVFAIL reply from 192.168.0.140, trying next server
;; Got SERVFAIL reply from 192.168.0.140, trying next server
Server:         194.168.4.100
Address:        194.168.4.100#53

** server can't find debian.whitecrook.lan: NXDOMAIN

debian:/var/lib/dpkg# nslookup debian.example.com
;; Got SERVFAIL reply from 192.168.0.140, trying next server
Server:         194.168.4.100
Address:        194.168.4.100#53

** server can't find debian.example.com: NXDOMAIN

debian:/var/lib/dpkg#

Why am I getting weird results here?
 
So it sounds like it was using the old files instead of the new ones, hence the erroneous lookups, and now you have removed them, the DNS service is not looking at any files.

- Is the directory option in the main named.conf file pointing at the correct directory?
- Have you tried specifying the absolute path in the file parameter in the named.conf.local file to make sure it is looking for the file you expect in the right place?

ref here
 
I tried that. Seems it was looking in /var/bind/cache

What I did was remove bind 9,
reinstall it,
and use the previously unknown (to me) tools, named-checkzone and named-checkconf, and it highlighted some issues. Fixed them up and all is working now. Was weird, but will need to make updates, so I'll see if it still updates OK later
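
The thread points to a relative `file` name in a zone statement being resolved against the `directory` option, so the edits in /etc/bind/zones and the copies named read from /var/cache/bind were different files. An added example (not code from the thread; the options block is assumed to be Debian's packaged default, and the function names are hypothetical) that works out which file named opens for each zone and flags the mismatch:

```python
import posixpath
import re

# Constructed sample: Debian's packaged default (an assumption; not shown in the thread).
OPTIONS_CONF = 'options { directory "/var/cache/bind"; };'
# Zone statements as posted in the thread's named.conf.local.
LOCAL_CONF = '''
# This is the zone definition.
zone "whitecrook.lan" {
        type master;
        file "whitecrook.lan.db";
        };
zone "0.168.192.in-addr.arpa" {
     type master;
     file "rev.0.168.192.in-addr.arpa";
};
'''
# Files the poster was editing, per the headings in the first post.
EDITED = {"whitecrook.lan": "/etc/bind/zones/whitecrook.lan.db",
          "0.168.192.in-addr.arpa": "/etc/bind/zones/rev.0.168.192.in-addr.arpa"}
TOKEN_RE = re.compile(r'"[^"\n]*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)

def strip_comments(conf):
    """Drop //, # and /* */ comments but leave quoted strings untouched."""
    return TOKEN_RE.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else " ", conf)

def zone_bodies(conf):
    """Yield (zone name, body text), matching braces so nested blocks stay whole."""
    for m in re.finditer(r'\bzone\s+"([^"]+)"[^{;]*\{', conf):
        depth, i = 1, m.end()
        while i < len(conf) and depth:
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield m.group(1), conf[m.end():i - 1]

def effective_zone_files(*conf_texts):
    """Map each zone to the path named opens; relative names resolve against 'directory'."""
    conf = strip_comments("\n".join(conf_texts))
    d = re.search(r'(?<![\w-])directory\s+"([^"]+)"\s*;', conf)
    base = d.group(1) if d else "."  # no 'directory' set: path stays relative
    found = {}
    for name, body in zone_bodies(conf):
        for path in re.findall(r'\bfile\s+"([^"]+)"\s*;', body)[:1]:
            found[name] = posixpath.normpath(posixpath.join(base, path))
    return found

def misplaced_edits(effective, edited):
    """Return {zone: (edited path, loaded path)} for zones where the two differ."""
    return {z: (p, effective[z]) for z, p in edited.items()
            if z in effective and effective[z] != posixpath.normpath(p)}
```

On the server itself, `named-checkconf -z` test-loads every master zone named.conf refers to, and `named-checkzone` validates a single zone file; both report the file they actually opened.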
 