DNS server with views

#1 wildgoosed, 20th July 2007, 02:11

Hey everyone,

I have a DNS server running in a DMZ. Before, it just handled 1 external zone, but today I attempted to follow the howto "Two-in-one DNS server with BIND9" so that it could also serve my internal Windows XP clients. I don't think things are working properly and I need some serious help :/

My external zone seems to be resolving fine. I tried flushing my cache and using a different IP, but I don't know if the name server I'm using is just looking at its cache :/ My internal clients can't seem to ping any of the internal zone's clients or anything externally :/

Here is some info
Fedora Core 4 running Bind9
named.conf = /etc/named.conf
example.local zone file = /var/named/chroot/var/named/data/example.local
example.ca zone file = /var/named/chroot/var/named/data/example.local

/var/log/messages output on startup...

Code:
starting BIND 9.3.1 -u named -t /var/named/chroot
found 1 CPU, using 1 worker thread
loading configuration from '/etc/named.conf'
listening on IPv4 interface lo, 127.0.0.1#53
listening on IPv4 interface eth0, 192.168.1.4#53
command channel listening on 127.0.0.1#953
command channel listening on ::1#953
zone iainc.ca/IN/external: loaded serial 2007071901
zone iainc.local/IN/internal: loaded serial 2007071902
running
zone iainc.local/IN/internal: sending notifies (serial 2007071902)

named.conf contains...

Code:
options {
        directory "/var/named";
};
acl internals {
        127.0.0.1/8;
        192.168.0.0/24;
        192.168.1.0/24;
};
view "external" {
        match-clients { any; };
        recursion no;
        zone "example.ca" {
                type master;
                file "data/example.ca";
        };
};
view "internal" {
        match-clients { internals; };
        recursion yes;
        zone "example.local" {
                type master;
                file "data/example.local";
        };
};

Zone files contain...

Code:
$TTL 1D
@ IN SOA ns1.example.ca. support.example.ca. (
                2007071901; Serial
                604800 ; Refresh
                86400 ; Retry
                2419200 ; Expire
                604800 ); Minimum
;name server
        IN NS ns1.example.ca.

;hosts
www IN A ip
ns1 IN A 1.ip
mail IN A ip
@ IN A ip
;mail entry
example.ca. MX 1 mail

Code:
$TTL 1D
@ IN SOA ns1.example.local. support.example.ca. (
                2007071902; Serial
                604800 ; Refresh
                86400 ; Retry
                2419200 ; Expire
                604800 ); Minimum
;name server
        IN NS ns1.example.local

;hosts
bubbles IN A 192.168.0.56

#2 wildgoosed, 20th July 2007, 16:50

Well as of this morning my external zone seems to be working fine, so I'm starting to think that this is a DMZ issue.

Can anyone help?

I can post more info if needed.

#3 wildgoosed, 20th July 2007, 22:05

Well I have found another issue with my setup.

I am unable to do lookups off the machine locally.

Here are my configuration files.

My server's IP is 192.168.1.4
My server's network is 192.168.1.0/24 (DMZ network)

named.conf
Code:
options {
        directory "/var/named";
        };
acl internals {
        127.0.0.1/8;
        192.168.0.0/24;
        192.168.1.0/24;
        172.168.0.0/24;
};
view "external" {
        match-clients { any; };
        zone "iainc.ca" {
        type master;
        file "data/zone.iainc.ca";
        };
};
view "internal" {
        match-clients { internals; };
        zone "iainc.local" {
        type master;
        file "data/zone.iainc.local";
        };
        zone "." {
        type hint;
        file "named.ca";
        };
};

resolve.conf
Code:
nameserver 127.0.0.1

#4 falko, 21st July 2007, 18:02

I'm not sure if this helps, but I think you should use
Code:
127.0.0.0/8;
instead of
Code:
127.0.0.1/8;
in named.conf.

#5 wildgoosed, 23rd July 2007, 19:18

I got lookups running correctly, thanks. My localhost IP was wrong and I had to take my recursion statements out of my views and do the following in named.conf...

Code:
allow-recursion { localhost; internals;};
allow-query { any;};

The only thing that isn't working for me is my internal zone. I am unable to resolve any hosts within that zone :/

I will post my named.conf file again and my internal zone file. I'm pretty sure my named.conf is working properly now.

A copy of the error when I try to ping.
Code:
[root@localhost ~]# ping bubbles
ping: unknown host bubbles
[root@localhost ~]# ping bubbles.iainc.local
ping: unknown host bubbles.iainc.local

Internal Zone File
Code:
$TTL 1D
@ IN SOA  ns1.iainc.local. support.iainc.ca. (
                                                2007072001; Serial
                                                604800  ; Refresh
                                                86400   ; Retry
                                                2419200 ; Expire
                                                604800 ); Minimum
;name server
        IN NS ns1.iainc.local

;hosts
bubbles IN A 192.168.0.56
toshiba IN A 192.168.0.57

Named.conf
Code:
// Default named.conf generated by install of bind-9.3.1-14_FC4
options {
        directory "/var/named";
        allow-recursion { localhost; internals;};
        allow-query { any;};
        };
acl internals {
        127.0.0.0/8;
        192.168.0.0/24;
        192.168.1.0/24;
        172.168.0.0/24;
};
view "external" {
        match-clients { any; };
        zone "iainc.ca" {
        type master;
        file "data/zone.iainc.ca";
        };
};
view "internal" {
        match-clients { internals; };
        zone "iainc.local" {
        type master;
        file "data/zone.iainc.local";
        };
        zone "." {
        type hint;
        file "named.ca";
        };
};

Last edited by wildgoosed; 23rd July 2007 at 20:25.
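
BIND answers each query from the first view, in named.conf order, whose match-clients accepts the client. The sketch below is an added example, not code from the thread: it models that rule for the ACL and views posted in #5 and compares the posted order with a reordered one (REORDERED, the function names and the client 203.0.113.7 are assumptions made for illustration).

```python
import ipaddress

# ACLs and view order copied from the named.conf in post #5.
# "any" is BIND's built-in match-everything ACL, modelled here as two nets.
ACLS = {
    "any": ["0.0.0.0/0", "::/0"],
    "internals": ["127.0.0.0/8", "192.168.0.0/24", "192.168.1.0/24", "172.168.0.0/24"],
}
# (view name, match-clients ACL, master zones in that view)
POSTED_ORDER = [
    ("external", "any", ["iainc.ca"]),
    ("internal", "internals", ["iainc.local"]),
]
# Assumption for comparison: same views, restrictive one listed first.
REORDERED = [POSTED_ORDER[1], POSTED_ORDER[0]]

def select_view(views, client):
    """Return (name, zones) of the first view whose match-clients hits."""
    ip = ipaddress.ip_address(client)
    for name, acl, zones in views:
        if any(ip in ipaddress.ip_network(n, strict=False) for n in ACLS[acl]):
            return name, zones
    return None, []

def authoritative_zone(views, client, qname):
    """Master zone answering qname in the client's view, or None."""
    _name, zones = select_view(views, client)
    q = qname.rstrip(".").lower()
    hits = [z for z in zones if q == z or q.endswith("." + z)]
    return max(hits, key=len) if hits else None

def unreachable_views(views):
    """Views listed after a match-clients { any; } view are never selected."""
    for i, (_name, acl, _zones) in enumerate(views):
        if acl == "any":
            return [v[0] for v in views[i + 1:]]
    return []

if __name__ == "__main__":
    # Constructed clients: the server itself, a LAN host, an outside address.
    for client in ("127.0.0.1", "192.168.0.56", "203.0.113.7"):
        for label, views in (("posted", POSTED_ORDER), ("reordered", REORDERED)):
            print(client, label, select_view(views, client)[0],
                  authoritative_zone(views, client, "bubbles.iainc.local"))
```

With the posted order every client, including 127.0.0.1, is served from "external", which has no iainc.local zone; with the restrictive view first, only addresses in internals see that zone and outside clients still get only iainc.ca.
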

#6 falko, 24th July 2007, 14:23

You forgot a dot in your zone file:

Code:
;name server
        IN NS ns1.iainc.local.

#7 wildgoosed, 24th July 2007, 16:55

Thanks for your help so far Falko.

I corrected this and reloaded named. Still same problem. Can't seem to resolve any hosts on my internal zone.

This box is in a DMZ, however I should be able to resolve these hosts :/

Do you see any other issues? I'll post what named is spitting out in /var/log/messages...

Code:
starting BIND 9.3.1 -u named -t /var/named/chroot
found 1 CPU, using 1 worker thread
loading configuration from '/etc/named.conf'
listening on IPv4 interface lo, 127.0.0.1#53
listening on IPv4 interface eth0, 192.168.1.4#53
command channel listening on 127.0.0.1#953
command channel listening on ::1#953
zone iainc.ca/IN/external: loaded serial 2007071901
zone iainc.local/IN/internal: loaded serial 2007072001
running
[root@localhost ~]#

#8 falko, 25th July 2007, 16:27

I think you should also create an A record for ns1.iainc.local.

#9 wildgoosed, 26th July 2007, 16:29

I added an A record for ns1.iainc.local but still getting...

Code:
[root@localhost data]# ping bigal.iainc.local
ping: unknown host bigal.iainc.local

This box is located in a DMZ behind an IPCOP box. I don't see how this could be affecting resolving as the machine I'm pinging from is the DNS server who is authoritative for that zone :/

#10 falko, 27th July 2007, 18:45

What does the internal zone file look like now?