
Re: [cobalt-users] Reverse DNS and Err/TO getting serial# messages



On Tue, 23 Oct 2001, Barbara - wrote:

> named: Err/TO getting serial# for "domain_C.tld"
> named-xfer: connect(PRIMARY-DNS-IP) for zone
> domain_A.tld failed: No route to host

> I'm wondering if this could be because neither colo
> facility (that houses the RaQ's) seems to be allowing
> Reverse DNS of my IP's. I've setup PTR records
> correctly on the primary DNS system, but when trying
> to perform a RDNS lookup on any of the IP's I get this
> message:
> 
> PRIMARY-DNS-IP has badly configured reverse DNS.
> 
> The reverse DNS for PRIMARY-DNS-IP is unassigned, but
> unassigned, doesn't resolve to anything.

This only means they didn't delegate it to you...it won't bother the
nameserver. (Tho how you can state that you set them up correctly when
they aren't delegated I won't touch ;)

"No route to host" means exactly what it says, one machine can't get to the
other through the net, this is an actual error, eg, some machine on the net
actually had to send you an 'I can't get there from here' message, so I
suspect you have poor connectivity...or a confused firewall

The only other thing that comes to mind is you have a domain -> IP line in
/etc/hosts that doesn't agree with the actual address of your primary, in
which case the secondary is asking some completely foreign machine for a
zone...and given a random IP address, it's fairly probable there is no
machine there....(thus no route to it), This will work/not work randomly,
as the zone update will get one address, and the local machine will give
another, make sure your NS records for the PRIMARY are right.

It's a good idea to have a local static mapping of the primary server's
name to IP on the secondary, it reduces chances of spoofing, and
allows the secondary to update zones if it has troubles getting to the
root servers...(eg in /etc/hosts)

Also make sure, if you have internal PTR records, that they reverse
properly, if mapping domain -> IP -> domain -> IP changes the
end IP to a different address, truly strange things will happen -/

Log into one server and traceroute to the other from time to time, see
what kind of response you do get....

ps: Don't focus on 'serial' too much, it's just the first thing in the
zone the nameserver is trying to get...it's not getting past that part

gsh
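
The two consistency checks described in the reply above (a static /etc/hosts entry that disagrees with the primary's real address, and a domain -> IP -> domain -> IP round trip that ends on a different IP), as an added example that is not part of the original post. The hosts text, names and addresses are constructed sample data, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample data (documentation names and addresses, not from the post).
HOSTS_FILE = """\
127.0.0.1   localhost
# stale static entry for the primary nameserver
192.0.2.99  ns1.example.com ns1
"""
A_RECORDS = {"ns1.example.com": "192.0.2.10",
             "www.example.com": "192.0.2.20",
             "web.example.com": "192.0.2.21"}
PTR_RECORDS = {"192.0.2.10": "ns1.example.com",
               "192.0.2.20": "web.example.com",
               "192.0.2.21": "web.example.com"}

def parse_hosts(text):
    """Return {name: ip} from /etc/hosts-style text, ignoring comments."""
    mapping = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        ip = str(ipaddress.ip_address(fields[0]))  # raises on a malformed address
        for name in fields[1:]:
            mapping.setdefault(name.lower().rstrip("."), ip)  # first entry wins
    return mapping

def hosts_conflicts(hosts, a_records):
    """Names whose static /etc/hosts address differs from the zone's A record."""
    return sorted((name, ip, a_records[name]) for name, ip in hosts.items()
                  if name in a_records and a_records[name] != ip)

def round_trip_failures(a_records, ptr_records):
    """Names where name -> IP -> name -> IP does not end on the starting IP."""
    failures = []
    for name, ip in sorted(a_records.items()):
        back = ptr_records.get(ip)                     # IP -> name (PTR)
        final = a_records.get(back) if back else None  # name -> IP again
        if final != ip:
            failures.append((name, ip, back, final))
    return failures

if __name__ == "__main__":
    for name, static, dns in hosts_conflicts(parse_hosts(HOSTS_FILE), A_RECORDS):
        print(f"hosts mismatch: {name} static={static} dns={dns}")
    for name, ip, back, final in round_trip_failures(A_RECORDS, PTR_RECORDS):
        print(f"round trip: {name} -> {ip} -> {back} -> {final}")
```
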