HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

Thread: two-in-one DNS server - problem with views (http://www.howtoforge.com/forums/showthread.php?t=10665)

sPENKMAN 17th February 2007 12:08

two-in-one DNS server - problem with views
 
Hello all,

First of all, thank you for reading this topic. I hope together we can find the solution for my problem or at least narrow it down.

For my DNS server setup I mostly used the "Two-in-one DNS server with BIND9" how-to with some added functions. At this moment I am about to run my own DNS servers, but I seem to have some trouble with the internal view, which doesn't work properly.

Whenever I look up a zone from my local network I get the results for the external view. A simple 'dig rootdomains.nl' on my primary ns gives my external IP as result, while a 'dig rootdomains.nl @localhost' returns my internal IP address.

On any other machine there will only be my external IP as result; my conclusion is that the 'acl internal' does include 127.0.0.0/8; but not 192.168.0.0/24;.


My current setup in machines is:

192.168.0.50 is my server at home with OpenVZ. Within OpenVZ there are 2 name servers.
The primary name server provides the internal and external view as shown below. It has 192.168.0.51 as address and transfers its external view zone files with 82.192.80.xxx. The internal view transfers its zone files with 192.168.0.52, which is my secondary internal DNS server.


82.192.80.xxx is a server located in a data centre and is the secondary name server for my external views.


Below are the config files used on my primary NS server:


named.conf.local
Code:

acl internals {
    127.0.0.0/8;
    192.168.0.0/24;
};

view "internal" {
    match-clients { internals; };
    recursion yes;

    zone "rootdomains.nl" {
        type master;
        file "/etc/bind/internal/db.rootdomains.nl";
        allow-transfer { 192.168.0.52; };
    };
};

view "external" {
    match-clients { any; };
    recursion yes;

    zone "rootdomains.nl" {
        type master;
        file "/etc/bind/external/db.rootdomains.nl";
        allow-transfer { 82.192.80.xxx; };
    };

    zone "rootdomains.eu" {
        type master;
        file "/etc/bind/external/db.rootdomains.eu";
        allow-transfer { 82.192.80.xxx; };
    };
};


internal/db.rootdomains.nl
Code:

$ORIGIN .
$TTL 604800    ; 1 week
rootdomains.nl          IN SOA  ns1.rootdomains.nl. root.rootdomains.nl. (
                                2007021503 ; serial
                                86400      ; refresh (1 day)
                                1800      ; retry (30 minutes)
                                2419200    ; expire (4 weeks)
                                604800    ; minimum (1 week)
                                )
                        NS      ns1.rootdomains.nl.
                        NS      ns2.rootdomains.nl.
                        A      192.168.0.17
                        MX      10 mail.rootdomains.nl.
$ORIGIN rootdomains.nl.
ftp                    A      192.168.0.17
localhost              A      127.0.0.1
mail                    A      192.168.0.17
ns1                    A      192.168.0.51
ns2                    A      192.168.0.52
www                    A      192.168.0.17


cat external/db.rootdomains.nl
Code:

$ORIGIN .
$TTL 604800    ; 1 week
rootdomains.nl          IN SOA  ns1.rootdomains.nl. root.rootdomains.nl. (
                                2007021704 ; serial
                                    4H    ; refresh (4 hours)
                                  1800    ; retry (30 minutes)
                                2419200    ; expire (4 weeks)
                                604800    ; minimum (1 week)
                                )
                        NS      ns1.rootdomains.nl.
                        NS      ns2.rootdomains.nl.
                        A      85.223.49.xxx
                        MX      10 mail.rootdomains.nl.
$ORIGIN rootdomains.nl.
ns1                    A      85.223.49.xxx
ns2                    A      82.192.80.xxx
localhost              A      127.0.0.1
mail                    A      85.223.49.xxx
www                    A      85.223.49.xxx
ftp                    A      85.223.49.xxx


If any information is needed I will provide it as soon as I can.

With kind regards,

sPENKMAN
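An added example, not from the thread or from BIND itself: a small Python model of how named picks a view for a query. BIND walks the views in configuration order and answers from the first one whose match-clients list contains the query's source address, so with the acl and view blocks posted above a 192.168.0.0/24 client can only land in "internal"; if such a client still receives external data, the source address named actually sees (visible in the query log, which names the view per query) is not the LAN address, or the config file named loaded is not the one shown. The ACL and view definitions below are copied from the posted named.conf.local; the helper names are my own.

```python
import ipaddress

# Mirrors the acl and view blocks from the named.conf.local posted above.
ACLS = {"internals": ["127.0.0.0/8", "192.168.0.0/24"]}
VIEWS = [("internal", ["internals"]),   # configuration order matters:
         ("external", ["any"])]         # the first matching view answers


def acl_matches(elements, client, acls):
    """Evaluate an address_match_list as BIND does: elements are tried in
    order and the first one containing the address decides; a negated
    element ('!...') that contains the address rejects the whole list, and
    a nested ACL that rejects simply does not match and is skipped."""
    for element in elements:
        negate = element.startswith("!")
        name = element[1:] if negate else element
        if name == "any":
            hit = True
        elif name == "none":
            hit = False
        elif name in acls:
            hit = acl_matches(acls[name], client, acls)
        else:
            hit = client in ipaddress.ip_network(name, strict=False)
        if hit:
            return not negate
    return False


def select_view(client_ip, views=VIEWS, acls=ACLS):
    """Name of the view that answers a query from client_ip, or None when
    no view's match-clients admits it (named then refuses the query)."""
    client = ipaddress.ip_address(client_ip)
    for name, match_clients in views:
        if acl_matches(match_clients, client, acls):
            return name
    return None


def consistent_with_config(client_ip, observed_view, views=VIEWS, acls=ACLS):
    """True if the answer a client got came from the view this config should
    have chosen for its address. False means named is not seeing the source
    address (or running the config) you think it is."""
    return select_view(client_ip, views, acls) == observed_view


if __name__ == "__main__":
    for ip in ("127.0.0.1", "192.168.0.17", "82.192.80.1"):
        print(f"{ip:>15} -> view {select_view(ip)}")
    # The symptom from the thread: a LAN client receiving external answers.
    print("LAN client got external data, consistent with config?",
          consistent_with_config("192.168.0.17", "external"))  # False
    # Pitfall: with the { any; } view listed first, nobody reaches internal.
    print("reversed view order:", select_view("192.168.0.17", views=VIEWS[::-1]))
```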

falko 18th February 2007 19:06

Did you tell your client computers to use your own DNS server or do they use your ISP's name servers?

sPENKMAN 18th February 2007 19:45

Quote:

Originally Posted by falko
Did you tell your client computers to use your own DNS server or do they use your ISP's name servers?

Hehe, that would have been quite silly. I am using my own internal nameservers ;)

cat /etc/resolv.conf @ 192.168.0.17
Code:

nameserver 192.168.0.51
nameserver 192.168.0.52

ifconfig /all @ 192.168.0.18
Code:

DNS-servers . . . . . . . . . . . : 192.168.0.51
                                    192.168.0.52


falko 19th February 2007 15:16

Hm, it should work then...
Is named.conf.local included in named.conf?
What's in named.conf?

sPENKMAN 19th February 2007 19:07

Quote:

Originally Posted by falko
Hm, it should work then...
Is named.conf.local included in named.conf?
What's in named.conf?

That's my idea exactly. I had it working some time ago, but at a certain point it didn't anymore. I reinstalled bind with apt-get remove --purge, but that also didn't solve my problem.

cat named.conf
Code:

include "/etc/bind/named.conf.options";

include "/etc/bind/named.conf.local";


cat named.conf.local
Code:

acl internals {
    127.0.0.0/8;
    192.168.0.0/24;
};

view "internal" {
    match-clients { internals; };
    recursion yes;

    zone "rootdomains.nl" {
        type master;
        file "/etc/bind/internal/db.rootdomains.nl";
        allow-transfer { 192.168.0.52; };
    };

    zone "rootdomains.eu" {
        type master;
        file "/etc/bind/internal/db.rootdomains.eu";
        allow-transfer { 192.168.0.52; };
    };

    // prime the server with knowledge of the root servers
    zone "." {
            type hint;
            file "/etc/bind/db.root";
    };

    zone "localhost" {
            type master;
            file "/etc/bind/db.local";
    };

    zone "127.in-addr.arpa" {
            type master;
            file "/etc/bind/db.127";
    };

    zone "0.in-addr.arpa" {
            type master;
            file "/etc/bind/db.0";
    };

    zone "255.in-addr.arpa" {
            type master;
            file "/etc/bind/db.255";
    };
};

view "external" {
    match-clients { any; };
    recursion yes;

    zone "rootdomains.nl" {
        type master;
        file "/etc/bind/external/db.rootdomains.nl";
        allow-transfer { 82.192.80.188; };
    };

    zone "rootdomains.eu" {
        type master;
        file "/etc/bind/external/db.rootdomains.eu";
        allow-transfer { 82.192.80.188; };
    };

    // prime the server with knowledge of the root servers
    zone "." {
            type hint;
            file "/etc/bind/db.root";
    };

    zone "localhost" {
            type master;
            file "/etc/bind/db.local";
    };

    zone "127.in-addr.arpa" {
            type master;
            file "/etc/bind/db.127";
    };

    zone "0.in-addr.arpa" {
            type master;
            file "/etc/bind/db.0";
    };

    zone "255.in-addr.arpa" {
            type master;
            file "/etc/bind/db.255";
    };
};


/etc/init.d/bind9 restart
Code:

Feb 19 19:06:08 ns1 named[22322]: shutting down: flushing changes
Feb 19 19:06:08 ns1 named[22322]: stopping command channel on 127.0.0.1#953
Feb 19 19:06:08 ns1 named[22322]: no longer listening on 127.0.0.1#53
Feb 19 19:06:08 ns1 named[22322]: no longer listening on 192.168.0.51#53
Feb 19 19:06:08 ns1 named[22322]: exiting
Feb 19 19:06:10 ns1 named[26224]: starting BIND 9.3.2-P1 -u bind
Feb 19 19:06:10 ns1 named[26224]: found 1 CPU, using 1 worker thread
Feb 19 19:06:10 ns1 named[26224]: loading configuration from '/etc/bind/named.conf'
Feb 19 19:06:10 ns1 named[26224]: no IPv6 interfaces found
Feb 19 19:06:10 ns1 named[26224]: listening on IPv4 interface lo, 127.0.0.1#53
Feb 19 19:06:10 ns1 named[26224]: listening on IPv4 interface venet0:0, 192.168.0.51#53
Feb 19 19:06:10 ns1 named[26224]: command channel listening on 127.0.0.1#953
Feb 19 19:06:10 ns1 named[26224]: zone 0.in-addr.arpa/IN/internal: loaded serial 1
Feb 19 19:06:10 ns1 named[26224]: zone 127.in-addr.arpa/IN/internal: loaded serial 1
Feb 19 19:06:10 ns1 named[26224]: zone 255.in-addr.arpa/IN/internal: loaded serial 1
Feb 19 19:06:10 ns1 named[26224]: zone rootdomains.eu/IN/internal: loaded serial 2007021505
Feb 19 19:06:10 ns1 named[26224]: zone localhost/IN/internal: loaded serial 1
Feb 19 19:06:10 ns1 named[26224]: zone rootdomains.nl/IN/internal: loaded serial 2007021503
Feb 19 19:06:10 ns1 named[26224]: zone 0.in-addr.arpa/IN/external: loaded serial 1
Feb 19 19:06:10 ns1 named[26224]: zone 127.in-addr.arpa/IN/external: loaded serial 1
Feb 19 19:06:10 ns1 named[26224]: zone 255.in-addr.arpa/IN/external: loaded serial 1
Feb 19 19:06:10 ns1 named[26224]: zone rootdomains.eu/IN/external: loaded serial 2007021505
Feb 19 19:06:10 ns1 named[26224]: zone localhost/IN/external: loaded serial 1
Feb 19 19:06:10 ns1 named[26224]: zone rootdomains.nl/IN/external: loaded serial 2007021704
Feb 19 19:06:10 ns1 named[26224]: running
Feb 19 19:06:10 ns1 named[26224]: zone rootdomains.nl/IN/internal: sending notifies (serial 2007021503)
Feb 19 19:06:10 ns1 named[26224]: zone rootdomains.eu/IN/internal: sending notifies (serial 2007021505)
Feb 19 19:06:10 ns1 named[26224]: zone rootdomains.nl/IN/external: sending notifies (serial 2007021704)
Feb 19 19:06:10 ns1 named[26224]: zone rootdomains.eu/IN/external: sending notifies (serial 2007021505)


falko 20th February 2007 17:32

The files seem to be ok. :confused:

