Dear all,

Under SLES 11 SP2 we have set up a DNS zone, and here are the contents
of the respective files:

named.conf
=========
options {
    directory "/var/lib/named";
    dump-file "/var/log/named_dump.db";
    statistics-file "/var/log/named.stats";

    listen-on port 53 { any; };
    listen-on-v6 { any; };

    allow-query { any; };

    include "/etc/named.d/forwarders.conf";
};

zone "." in {
    type hint;
    file "root.hint";
};

zone "localhost" in {
    type master;
    file "localhost.zone";
};

zone "0.0.127.in-addr.arpa" in {
    type master;
    file "127.0.0.zone";
};

include "/etc/named.conf.include";

zone "example.com" in {
    file "master/example.com";
    type master;
    allow-transfer { any; };
};

logging {
    category queries { log_file; };
    category default { log_file; };
    channel log_file { file "/var/log/DNS_log" versions 2 size 50M; };
};

zone "3.2.1.in-addr.arpa" in {
    file "master/3.2.1.in-addr.arpa";
    type master;
    allow-transfer { any; };
};


forwarders.conf
============
forwarders {
    1.2.3.1;
    1.2.3.2;
};


example.com
===========
$TTL 2d
@ IN SOA mail-s.example.com. root.mail-s.example.com. (
        2012103104 ; serial
        3h ; refresh
        1h ; retry
        1w ; expiry
        1d ) ; minimum

example.com. IN MX 5 mail-s.example.com.
example.com. IN NS mail-s.example.com.
mail-s IN A 1.2.3.10
; IN Address (A) records
localhost IN A 127.0.0.1
fw1 IN A 1.2.3.11
dc1 IN A 1.2.3.12
dc2 IN A 1.2.3.13

3.2.1.in-addr.arpa
=============
$TTL 2d
@ IN SOA mail-s.example.com. root.mail-s.example.com. (
        2011121405 ; serial
        3h ; refresh
        1h ; retry
        1w ; expiry
        1d ) ; minimum

@ IN NS mail-s.example.com.
; IN Reverse Map
10 IN PTR mail-s.example.com.
11 IN PTR fw1.example.com.
12 IN PTR dc1.example.com.
13 IN PTR dc2.example.com.


/etc/resolv.conf
============
search example.com
nameserver 1.2.3.10



For instance, when we try to resolve fw1.example.com using
mail-s: nslookup fw1.example.com
we see this ";;Got SERVFAIL reply from 1.2.3.10" message.
mail-s: dig any example.com @mail-s.example.com
tells us
; <<>> DiG 9.6-ESV-R5-P1 <<>> any example.com @mail-s.eixample.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 47307
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;example.com. IN ANY

;; Query time: 0 msec
;; SERVER: 1.2.3.10#53(1.2.3.10)
;; WHEN: Wed Nov 14 10:04:15 2012
;; MSG SIZE rcvd: 28



Further information:
1. there is no firewall on mail-s (nameserver)
2. mail-s: netstat -an | grep :53 | grep udp
looks like this:
udp 0 0 1.2.3.10:53 0.0.0.0:*
udp 0 0 127.0.0.2:53 0.0.0.0:*
udp 0 0 127.0.0.1:53 0.0.0.0:*

Any idea what's wrong here?
Many thanks in advance for any hint!

Regards, Rainer













