LinuxQuestions.org

jcvalim 04-01-2009 04:07 PM

DNS SERVER WITH ERROR: "Server Can't Find : SERVFAIL"
 
I did a basic installation of Debian, which will be used for a mail server. I installed bind9, configured the zones and created the files in the directory /etc/bind.
After that I typed the following command to test my DNS:

nslookup mail.hotelpart.com and it presented the following error:


***************************************************************
* mail:/# nslookup mail.hotelpart.com *
* Server: 127.0.0.1 *
* Address: 127.0.0.1#53 *
* *
*** server can't find mail.hotelpart.com: SERVFAIL *
***************************************************************


I would like to ask for your help to resolve this problem, which I have been trying to solve for some time:

To make it easier, I put my files in this message: the files named.conf, db.hotelpart.com and db.111.20.11.200.

-------------------------------------------------------------------------

File named.conf


// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local

include "/etc/bind/named.conf.options";

// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
type master;
file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};

zone "hotelpart.com"{
notify no;
type master;
file "/etc/bind/db.hotelpart.com";
};

zone "111.20.11.200.in-addr.arpa"{
notify no;
type master;
file "/etc/bind/db.111.20.11.200";
};

// zone "com" { type delegation-only; };
// zone "net" { type delegation-only; };

// From the release notes:
// Because many of our users are uncomfortable receiving undelegated answers
// from root or top level domains, other than a few for whom that behaviour
// has been trusted and expected for quite some length of time, we have now
// introduced the "root-delegations-only" feature which applies delegation-only
// logic to all top level domains, and to the root domain. An exception list
// should be specified, including "MUSEUM" and "DE", and any other top level
// domains from whom undelegated responses are expected and trusted.
// root-delegation-only exclude { "DE"; "MUSEUM"; };

include "/etc/bind/named.conf.local";


-------------------------------------------------------------------------

File db.hotelpart.com

;
; BIND data file for local loopback interface
;
$TTL 86400
@ IN SOA mail.hotelpart.com. root.hotelpart.com. (
1 ; Serial
3600 ; Refresh
86400 ; Retry
2419200 ; Expire
3600
)
;
@ IN NS localhost
@ IN MX 5 mail.hotelpart.com
localhost IN A 127.0.0.1
www IN A 200.11.20.111
mail IN A 200.11.20.111

-------------------------------------------------------------------------

File db.111.20.11.200

;
; BIND data file for local loopback interface
;
$TTL 86400
@ IN SOA mail.hotelpart.com. root.hotelpart.com. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN MX mail.hotelpart.com.
@ IN A 200.11.20.111
@ IN PTR mail.hotelpart.com.


Thanks!!!

I am counting on your help!!!

bathory 04-02-2009 08:34 AM

Quote:

* mail:/# nslookup mail.hotelpart.com *
* Server: 127.0.0.1 *
* Address: 127.0.0.1#53 *
* *
*** server can't find mail.hoteldofrade.com: SERVFAIL *

You are looking for mail.hotelpart.com and get a response from your server for mail.hoteldofrade.com!!!! Does mail.hoteldofrade.com look familiar to you?

jcvalim 04-02-2009 09:34 AM

Quote:

Originally Posted by bathory (Post 3496038)
You are looking for mail.hotelpart.com and get a response from your server for mail.hoteldofrade.com!!!! Does mail.hoteldofrade.com look familiar to you?

Sorry, the correct domain is mail.hotelpart.com. I made a mistake. :cry:

mail:~# nslookup mail.hotelpart.com
Server: 127.0.0.1
Address: 127.0.0.1#53

** server can't find mail.hotelpart.com: SERVFAIL

bathory 04-02-2009 09:40 AM

That's OK.
Change
Quote:

@ IN NS localhost
to
Code:

IN NS mail.hotelpart.com.
increase the serial and reload named.
You need to do the same in the reverse zone too, as you don't have any NS record.

jcvalim 04-02-2009 09:54 AM

Quote:

Originally Posted by bathory (Post 3496104)
That's OK.
Change
to
Code:

IN NS mail.hotelpart.com.
increase the serial and reload named.
You need to do the same in the reverse zone too, as you don't have any NS record.

I did what you told me to do, but the problem still remains!!! :tisk:

mail:/etc/bind# nslookup mail.hotelpart.com
Server: 127.0.0.1
Address: 127.0.0.1#53

** server can't find mail.hotelpart.com: SERVFAIL

Do you have any more tips to help me?????

bathory 04-02-2009 11:38 AM

Could you please post the output of the commands
Code:

ps -ef|grep named
named-checkconf -z

and the relevant lines from /var/log/messages, or /var/log/syslog (whatever file named writes its logs), when you restart named.
Also, since I don't use Debian, what's in /etc/bind/named.conf.options and /etc/bind/named.conf.local?

jcvalim 04-02-2009 12:07 PM

Quote:

Originally Posted by bathory (Post 3496230)
Could you please post the output of the commands
Code:

ps -ef|grep named
named-checkconf -z

and the relevant lines from /var/log/messages, or /var/log/syslog (whatever file named writes its logs), when you restart named.
Also, since I don't use Debian, what's in /etc/bind/named.conf.options and /etc/bind/named.conf.local?

mail:~# ps -ef|grep named
bind 6082 1 0 08:56 ? 00:00:00 /usr/sbin/named -u bind
root 6184 6178 0 11:00 pts/2 00:00:00 grep named
mail:~# named-checkconf -z
zone localhost/IN: loaded serial 1
zone 127.in-addr.arpa/IN: loaded serial 1
zone 0.in-addr.arpa/IN: loaded serial 1
zone 255.in-addr.arpa/IN: loaded serial 1
/etc/bind/db.hotelpart.com:4: no current owner name
/etc/bind/db.hotelpart.com:5: no current owner name
/etc/bind/db.hotelpart.com:13: no current owner name
/etc/bind/db.hotelpart.com:14: no current owner name
/etc/bind/db.hotelpart.com:15: no current owner name
/etc/bind/db.hotelpart.com:16: no current owner name
/etc/bind/db.hotelpart.com:17: no current owner name
zone hotelpart.com/IN: loading master file /etc/bind/db.hotelpart.com: no owner
_default/hotelpart.com/IN: no owner
/etc/bind/db.111.20.11.200:4: no current owner name
/etc/bind/db.111.20.11.200:5: no current owner name
/etc/bind/db.111.20.11.200:12: no current owner name
/etc/bind/db.111.20.11.200:13: no current owner name
/etc/bind/db.111.20.11.200:14: no current owner name
/etc/bind/db.111.20.11.200:15: no current owner name
zone 111.20.11.200.in-addr.arpa/IN: loading master file /etc/bind/db.111.20.11.200: no owner
_default/111.20.11.200.in-addr.arpa/IN: no owner


File /var/log/syslog

Apr 2 06:25:09 mail syslogd 1.4.1#18: restart.
Apr 2 06:43:00 mail -- MARK --
Apr 2 07:03:00 mail -- MARK --
Apr 2 07:17:01 mail /USR/SBIN/CRON[6026]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Apr 2 07:43:01 mail -- MARK --
Apr 2 08:03:01 mail -- MARK --
Apr 2 08:17:01 mail /USR/SBIN/CRON[6040]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Apr 2 08:43:01 mail -- MARK --
Apr 2 08:56:17 mail named[2490]: shutting down: flushing changes
Apr 2 08:56:17 mail named[2490]: stopping command channel on 127.0.0.1#953
Apr 2 08:56:17 mail named[2490]: stopping command channel on ::1#953
Apr 2 08:56:17 mail named[2490]: no longer listening on ::#53
Apr 2 08:56:17 mail named[2490]: no longer listening on 127.0.0.1#53
Apr 2 08:56:17 mail named[2490]: no longer listening on 10.0.0.250#53
Apr 2 08:56:17 mail named[2490]: no longer listening on 200.11.20.111#53
Apr 2 08:56:17 mail named[2490]: exiting
Apr 2 08:56:19 mail named[6082]: starting BIND 9.3.4-P1.1 -u bind
Apr 2 08:56:19 mail named[6082]: found 1 CPU, using 1 worker thread
Apr 2 08:56:19 mail named[6082]: loading configuration from '/etc/bind/named.conf'
Apr 2 08:56:19 mail named[6082]: listening on IPv6 interfaces, port 53
Apr 2 08:56:19 mail named[6082]: listening on IPv4 interface lo, 127.0.0.1#53
Apr 2 08:56:19 mail named[6082]: listening on IPv4 interface eth1, 10.0.0.250#53
Apr 2 08:56:19 mail named[6082]: listening on IPv4 interface eth0, 200.11.20.111#53
Apr 2 08:56:19 mail named[6082]: command channel listening on 127.0.0.1#953
Apr 2 08:56:19 mail named[6082]: command channel listening on ::1#953
Apr 2 08:56:19 mail named[6082]: zone 0.in-addr.arpa/IN: loaded serial 1
Apr 2 08:56:19 mail named[6082]: zone 127.in-addr.arpa/IN: loaded serial 1
Apr 2 08:56:19 mail named[6082]: /etc/bind/db.111.20.11.200:4: no current owner name
Apr 2 08:56:19 mail named[6082]: zone 111.20.11.200.in-addr.arpa/IN: loading master file /etc/bind/db.111.20.11.200: no owner
Apr 2 08:56:19 mail named[6082]: zone 255.in-addr.arpa/IN: loaded serial 1
Apr 2 08:56:19 mail named[6082]: /etc/bind/db.hotelpart.com:4: no current owner name
Apr 2 08:56:19 mail named[6082]: zone hotelpart.com/IN: loading master file /etc/bind/db.hotelpart.com: no owner
Apr 2 08:56:19 mail named[6082]: zone localhost/IN: loaded serial 1
Apr 2 08:56:19 mail named[6082]: running
Apr 2 09:17:01 mail /USR/SBIN/CRON[6096]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Apr 2 09:43:02 mail -- MARK --
Apr 2 10:03:02 mail -- MARK --
Apr 2 10:11:49 mail named[6082]: lame server resolving 'www.estadosp.com.br' (in 'estadosp.com.br'?): 72.233.50.75#53
Apr 2 10:11:49 mail named[6082]: lame server resolving 'www.estadosp.com.br' (in 'estadosp.com.br'?): 72.233.50.76#53
Apr 2 10:17:01 mail /USR/SBIN/CRON[6133]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Apr 2 10:43:03 mail -- MARK --
Apr 2 11:03:03 mail -- MARK --

--------------------------------------------------------------

/etc/bind/named.conf.options

options {
directory "/var/cache/bind";

// If there is a firewall between you and nameservers you want
// to talk to, you might need to uncomment the query-source
// directive below. Previous versions of BIND always asked
// questions using port 53, but BIND 8.1 and later use an unprivileged
// port by default.

// query-source address * port 53;

// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.

// forwarders {
// 0.0.0.0;
// };

auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};

----------------------------------------------------------------

File /etc/bind/named.conf.local

//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";


Thanks!!!:cool:

bathory 04-02-2009 01:12 PM

How do you edit the zone files? I guess there are some non printable characters somewhere that are making this mess. Open /etc/bind/db.hotelpart.com with vi and check for special characters, or use (copy/paste) the following in a new file (keep a backup of the original just in case):
Code:

$TTL 86400
@ IN SOA mail.hotelpart.com. root.hotelpart.com. (
10 ; Serial
3600 ; Refresh
86400 ; Retry
2419200 ; Expire
3600 )
;
 IN NS mail.hotelpart.com.
 IN MX 5 mail.hotelpart.com.
localhost. IN A 127.0.0.1
www.hotelpart.com. IN A 200.11.20.111
mail.hotelpart.com. IN A 200.11.20.111

Note: I've increased serial to 10. If you have done more than 10 edits, then change it accordingly.
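
The check suggested in this post, as an added Python example (not code from the thread): a small linter, with the hypothetical name `lint_zone`, that flags non-printable characters and record lines that begin with whitespace before any owner name has been set. The sample input is constructed from the db.hotelpart.com in the first post with every line indented by one space, which is an assumption about how the file was saved; on that input it reports lines 4, 5 and 13 to 17, the same lines named-checkconf -z listed.

```python
def lint_zone(text):
    """Return [(line_number, message)] for a zone file given as a string."""
    findings = []
    have_owner = False   # has any record line named an owner yet?
    depth = 0            # > 0 while inside a "( ... )" continuation
    for no, raw in enumerate(text.split("\n"), 1):
        # 1) characters an editor or a web copy/paste can leave behind
        for col, ch in enumerate(raw, 1):
            if ch != "\t" and not " " <= ch <= "~":
                findings.append(
                    (no, f"non-printable or non-ASCII U+{ord(ch):04X} at column {col}"))
        line = raw.split(";", 1)[0]          # drop the comment part
        if not line.strip():
            continue
        continued = depth > 0
        depth += line.count("(") - line.count(")")
        if continued:
            continue                         # still inside the SOA parentheses
        # 2) leading whitespace means "same owner as the previous record"
        if line[0] in " \t":
            if not have_owner:
                findings.append((no, "no current owner name"))
        elif not line.startswith("$"):
            have_owner = True
    return findings

# Constructed sample: the file from the first post, then the same file with
# every line indented by one space (assumption, not confirmed in the thread).
POSTED = """;
; BIND data file for local loopback interface
;
$TTL 86400
@ IN SOA mail.hotelpart.com. root.hotelpart.com. (
1 ; Serial
3600 ; Refresh
86400 ; Retry
2419200 ; Expire
3600
)
;
@ IN NS localhost
@ IN MX 5 mail.hotelpart.com
localhost IN A 127.0.0.1
www IN A 200.11.20.111
mail IN A 200.11.20.111"""
INDENTED = "\n".join(" " + line for line in POSTED.split("\n"))

if __name__ == "__main__":
    for no, msg in lint_zone(INDENTED):
        print(f"db.hotelpart.com:{no}: {msg}")
```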

jcvalim 04-02-2009 02:10 PM

:p
Quote:

Originally Posted by bathory (Post 3496329)
How do you edit the zone files? I guess there are some non printable characters somewhere that are making this mess. Open /etc/bind/db.hotelpart.com with vi and check for special characters, or use (copy/paste) the following in a new file (keep a backup of the original just in case):
Code:

$TTL 86400
@ IN SOA mail.hotelpart.com. root.hotelpart.com. (
10 ; Serial
3600 ; Refresh
86400 ; Retry
2419200 ; Expire
3600 )
;
 IN NS mail.hotelpart.com.
 IN MX 5 mail.hotelpart.com.
localhost. IN A 127.0.0.1
www.hotelpart.com. IN A 200.11.20.111
mail.hotelpart.com. IN A 200.11.20.111

Note: I've increased serial to 10. If you have done more than 10 edits, then change it accordingly.


I managed to solve one problem, now tell me if this is normal????

mail:~# nslookup mail.hotelpart.com
Server: 127.0.0.1
Address: 127.0.0.1#53

Name: mail.hotelpart.com
Address: 200.11.20.111

mail:~# nslookup 200.11.20.111
Server: 127.0.0.1
Address: 127.0.0.1#53

** server can't find 111.20.11.200.in-addr.arpa: SERVFAIL

I still have something wrong with my DNS!!!

I hope I can count on your help!!!

bathory 04-02-2009 02:15 PM

How did you manage to solve the problem?
You should do the same for the reverse zone.

jcvalim 04-02-2009 03:45 PM

Quote:

Originally Posted by bathory (Post 3496403)
How did you manage to solve the problem?
You should use the same for the reverse zone.

I made some changes in my files: db.hotelpart.com and db.111.20.11.200.
But the change only works for the db.hotelpart.com file.

Below are the current files:

File db.hotelpart.com

$TTL 86400
@ IN SOA mail.hotelpart.com. root.hotelpart.com. (
1 ; Serial
3600 ; Refresh
86400 ; Retry
2419200 ; Expire
3600
)
@ IN NS mail.hotelpart.com.
@ IN MX 5 mail.hotelpart.com.
localhost IN A 127.0.0.1
www IN A 201.11.14.114
mail IN A 200.11.20.111


File db.111.20.11.200

$TTL 86400
@ IN SOA mail.hotelpart.com. root.hotelpart.com. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
@ IN NS mail.hotelpart.com.
@ IN MX mail.hotelpart.com.
@ IN A 200.11.20.111
@ IN PTR mail.hotelpart.com.


There is probably some detail missing, but I couldn't identify it... I need your help.

Thanks

bathory 04-02-2009 04:55 PM

Could you be more specific about what changes you've done, because to me both files look the same, apart from the NS record and a missing dot "." at the MX record.
Check syslog to see if you still get the same "no owner" error, so we will know if it's the same problem, or something else.
You should also note that reverse DNS is more tricky. If you have been given a chunk of a /24 subnet by your ISP, you should contact them to make sure that they have given you the delegation of that chunk. Then you must use in named.conf a zone name that matches this chunk (something like xx/yy.20.11.200.in-addr.arpa, where xx is the first IP and yy the subnet mask). The reverse zone file you've posted will work only if you own the whole 200.11.20.0/24 subnet. Not to mention that for www you have an IP of 201.11.14.114 (that belongs to a different subnet: 201.11.14.0/24).

In the zone file you should use:
Code:

$TTL 86400
$ORIGIN xx/yy.20.11.200.in-addr.arpa.
@ IN SOA mail.hotelpart.com. root.hotelpart.com. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
@ IN NS mail.hotelpart.com.
@ IN MX 5 mail.hotelpart.com. ; MX needs a preference value (5, as in the forward zone)

111 IN PTR mail.hotelpart.com.

Take a look here for the Classless IN-ADDR.ARPA delegation.

jcvalim 04-03-2009 09:48 AM

Quote:

Originally Posted by bathory (Post 3496553)
Could you be more specific about what changes you've done, because to me both files look the same, apart from the NS record and a missing dot "." at the MX record.
Check syslog to see if you still get the same "no owner" error, so we will know if it's the same problem, or something else.
You should also note that reverse DNS is more tricky. If you have been given a chunk of a /24 subnet by your ISP, you should contact them to make sure that they have given you the delegation of that chunk. Then you must use in named.conf a zone name that matches this chunk (something like xx/yy.20.11.200.in-addr.arpa, where xx is the first IP and yy the subnet mask). The reverse zone file you've posted will work only if you own the whole 200.11.20.0/24 subnet. Not to mention that for www you have an IP of 201.11.14.114 (that belongs to a different subnet: 201.11.14.0/24).

In the zone file you should use:
Code:

$TTL 86400
$ORIGIN xx/yy.20.11.200.in-addr.arpa.
@ IN SOA mail.hotelpart.com. root.hotelpart.com. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
@ IN NS mail.hotelpart.com.
@ IN MX 5 mail.hotelpart.com. ; MX needs a preference value (5, as in the forward zone)

111 IN PTR mail.hotelpart.com.

Take a look here for the Classless IN-ADDR.ARPA delegation.

I didn't properly understand the information you gave me.
I made the changes you mentioned, but I do not know if it was supposed to be done this way, because I have never seen any documentation talking about this type of reverse zone.

Here are my new files: db.111.20.11.200 and syslog:

$TTL 86400
$ORIGIN 11/29.20.11.200.in-addr.arpa.
@ IN SOA mail.hotelpart.com. root.hotelpart.com. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
@ IN NS mail.hotelpart.com.
@ IN MX mail.hotelpart.com.
@ IN A 200.11.20.111
@ IN PTR mail.hotelpart.com.
111 IN PTR mail.hotelpart.com.

mail:~# nslookup 200.11.20.111
Server: 127.0.0.1
Address: 127.0.0.1#53

** server can't find 111.20.11.200.in-addr.arpa: SERVFAIL

Thanks.

jcvalim 04-03-2009 09:54 AM

My log is very big, I cannot post it. Sorry!!!

bathory 04-03-2009 11:11 AM

Quote:

Here are my new files: db.111.20.11.200 and syslog:

$TTL 86400
$ORIGIN 11/29.20.11.200.in-addr.arpa.
@ IN SOA mail.hotelpart.com. root.hotelpart.com. (

So you're delegating the 200.11.20.XXX/29 subnet. Please verify with your ISP the last octet of the starting IP, because if my calculations are correct 200.11.20.111 is the broadcast address (that cannot be assigned to a host).
Your IP range is probably 200.11.20.105-200.11.20.111.
If that's correct change the in-addr.arpa zone name to 105/29.20.11.200.in-addr.arpa. in named.conf and then change the db.111.20.11.200 file like this:
Code:

$TTL 86400
$ORIGIN 105/29.20.11.200.in-addr.arpa.
@ IN SOA mail.hotelpart.com. root.hotelpart.com. (
2 ; Serial Must be increased after every change
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
 IN NS mail.hotelpart.com.
 IN MX 5 mail.hotelpart.com. ; MX needs a preference value (5, as in the forward zone)

111 IN PTR mail.hotelpart.com.

Regarding the logs, you should post only those after reloading named.
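
The subnet arithmetic from this post, as an added Python example (not code from the thread): it derives the network, broadcast and usable range of the block containing an address, the name a reverse lookup asks for, and the CNAME records the parent zone (the ISP's 20.11.200.in-addr.arpa) has to carry before a classless delegation can resolve. The function name is hypothetical, and the zone label uses the first address of the block as in RFC 2317's examples; the label that actually works is whichever one the ISP delegates.

```python
import ipaddress

def classless_reverse(host, prefix):
    """RFC 2317 reverse-zone details for the IPv4 block that contains `host`."""
    net = ipaddress.ip_network(f"{host}/{prefix}", strict=False)
    if net.version != 4 or not 25 <= net.prefixlen <= 30:
        raise ValueError("expects an IPv4 block between /25 and /30")
    a, b, c, first = str(net.network_address).split(".")
    parent = f"{c}.{b}.{a}.in-addr.arpa."           # the ISP's /24 reverse zone
    zone = f"{first}/{net.prefixlen}.{parent}"      # label: first address/prefix
    usable = list(net.hosts())                      # excludes network and broadcast

    def last(ip):
        return str(ip).rsplit(".", 1)[1]

    return {
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "usable": (str(usable[0]), str(usable[-1])),
        "host_is_usable": ipaddress.ip_address(host) in usable,
        # what "nslookup <host>" actually asks for
        "query_name": f"{last(host)}.{parent}",
        # zone name for named.conf and $ORIGIN on the customer's server
        "zone": zone,
        # records the parent zone needs so query_name reaches the child zone
        "parent_cnames": [f"{last(ip)} IN CNAME {last(ip)}.{zone}" for ip in net],
    }

if __name__ == "__main__":
    # Address and prefix length taken from the thread.
    info = classless_reverse("200.11.20.111", 29)
    for key in ("network", "broadcast", "usable", "host_is_usable",
                "query_name", "zone"):
        print(f"{key:15} {info[key]}")
    print("parent zone needs:")
    for record in info["parent_cnames"]:
        print("   ", record)
```

Until the parent zone carries those CNAME and NS records, a query for 111.20.11.200.in-addr.arpa never reaches the classless zone, whatever its file contains.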

