nslookup "cant find domain name"

[altiris]

I have centos 6.5 with bind dns installed. When I try and do nslookups of my mail domain, which is mail.dataglobe.net, I get "Non-authoritative answer: *** Can't find mail.dataglobe.net: No answer". Which is weird because if I try nslookup dataglobe.net I get back the domainn and the external ip address given to the computer. Additionally, I can not nslookup my hostname which is necc-data, I get "server can't find necc-data: NXDOMAIN". I have these entires in the zone files of the DNS server yet they still do not

I am running DNS chrooted so basically the .conf file is in /var/named/chroot/etc/named.conf and my zone files are in /var/named/chroot/var/named/ Below are my forward and lookup zones in order.

[vonskippy]

You don't have a A record for MAIL

Also ALL of your records point to INTERNAL/PRIVATE IP's, so nothing from outside will be able to use them.

Also, unless you have at least a /24 subnet, pubic PTR records must either be setup by your upstream provider, or delegated in their name server to allow you to host those records (this is somewhat moot since once again, you're only using internal IPs).

[altiris]

You don't have a A record for MAIL

Also ALL of your records point to INTERNAL/PRIVATE IP's, so nothing from outside will be able to use them.

Also, unless you have at least a /24 subnet, pubic PTR records must either be setup by your upstream provider, or delegated in their name server to allow you to host those records (this is somewhat moot since once again, you're only using internal IPs).

I made an A record for mail originally and it still didnt do anything. I will make an A record for mail below, is that correct or rather than my IP should I put mail.mydomain.com ? I will also change the internal IPs to external IPs in forward zone

mail IN A 192.168.12.137

Alright so I try doing nslookups again after the changes above and I still get the same response. One thing I have noticed is that in my zone files I set www to be an A record but when I nslookup http://www.dataglobe.net it returns "Non-authoritative answer: http://www.dataglobe.net canonical name = http://www.dataglobe.net. which is making me wonder now that it is getting the records from my ISPs DNS servers in which I put www as a CNAME record just for testing purposes.

[TrevorH]

Try pointing nslookup directly to your nameserver by running, e.g. `nslookup www.dataglobe.net 127.0.0.1` and see if you get different answers. Without the server address specified it will pick up the nameserver address(es) to be used from /etc/resolv.conf and use those. If that doesn't point to your local nameserver then it won't be used.

Also, when you nslookup, you don't include http:// on the query, just the domain name.

The output from nslookup helpfully includes the address of the server it used so that you can tell which one provided the answer. I suspect your output will be using a different server...

[avij]

Also, when you nslookup, you don't include http:// on the query, just the domain name.

I believe it was phpBB that helpfully added the http:// in there. This 'useful feature' can be disabled by checking the Do not automatically parse URLs checkbox when writing a message.

[TrevorH]

It didn't automatically parse and change my version though.

[altiris]

Try pointing nslookup directly to your nameserver by running, e.g. `nslookup http://www.dataglobe.net 127.0.0.1` and see if you get different answers. Without the server address specified it will pick up the nameserver address(es) to be used from /etc/resolv.conf and use those. If that doesn't point to your local nameserver then it won't be used.

Also, when you nslookup, you don't include http:// on the query, just the domain name.

The output from nslookup helpfully includes the address of the server it used so that you can tell which one provided the answer. I suspect your output will be using a different server...

I did not add http:// it was added automatically. I did a cat of my resolv.conf and it has in it nameserver 127.0.0.1
Here is the output of the command you wanted me to try.

[TrevorH]

Notice how that output does not include "Non-authoritative answer" which means that your nameserver on 127.0.0.1 is authoritative for the domain. When you did this before it queried some other nameserver that was not the owner of your zone so it was not authoritative.

[altiris]

Notice how that output does not include "Non-authoritative answer" which means that your nameserver on 127.0.0.1 is authoritative for the domain. When you did this before it queried some other nameserver that was not the owner of your zone so it was not authoritative.

Hmmm, then it must be my ISPs domain being used infront of or instead of mine, yes? I will try and troubleshoot more and edit settings on the ISPs DNS and report back. Thanks for helping me, I appreciate it.