[SOLVED] Authoritative DNS servers not resolving query

Toushi · 12-25-2012, 03:27 AM

Hello Everybody,

I am new in DNS and I am trying configure authoritative servers’ internal use (home). After doing RND reached half road of my destination but facing a problem in remain configurations.
I have installed rhel5 on VMware workstation with NAT configuration and no internet for these virtual systems (DNS).

DNS configuration is:

Quote:

Server name: test.example.com
IP: 192.168.62.5

/etc/named.conf configuration is:

Quote:

options
{
listen-on port 53 { any; };
};

view "localhost_resolver"
{
match-clients { localhost; };
recursion yes;
include "/etc/named.root.hints";
};
view "internal"
{
match-clients { localnets; };
match-destinations { localnets; };
recursion yes;
include "/etc/named.root.hints";
zone "example.com" {
type master;
# allow-update { key ddns_key; };
file "test.example.internal.db";
};
view "external"
{
====Not Configuard====================

The file test.example.internal.db contains:

Quote:

$TTL 600
@ IN SOA test.example.com. root.test.example.com. (
20121 ; Serial
3H ; Refresh
15M ; Retry
1W ; Expire
10 ) ; Minimum
IN NS test.example.com.
IN MX 10 test.example.com.

test.example.com IN A 192.168.62.5
vxvm.example.com IN A 192.168.62.6

DNS resolve.conf file is:

Quote:

search localdomain
#nameserver 127.0.0.1

Client resolve.conf file is:

Quote:

search test.example.com
nameserver 192.168.62.5

PROBLEM
The dns server itself not able to resolve the query.
Error:

Quote:

# dig test.example.com

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5 <<>> test.example.com
;; global options: printcmd
;; connection timed out; no servers could be reached

Client resolving the query but not giving any answer on it.
Output:

Quote:

# dig vxvm.example.com

; <<>> DiG 9.2.4 <<>> vxvm.example.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63963
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;vxvm.example.com. IN A

;; AUTHORITY SECTION:
example.com. 10 IN SOA test.example.com. root.test.example.com. 20121 10800 900 604800 10

;; Query time: 20 msec
;; SERVER: 192.168.62.5#53(192.168.62.5)
;; WHEN: Wed Dec 12 20:30:08 2012
;; MSG SIZE rcvd: 80

I tried to solve this issue by myself but no success

. Even tried search and read many articles and solution suggested on similar issue but doesn't helped me more.

Finally I decided to get help from you guys and Expert advice in that.

Please! Please! Help me in this..

Thanks in Advance…..

bathory · 12-25-2012, 08:46 AM

Hi,

You miss the trailing dots in both the hostnames in the A RRs,

Code:

$TTL 600
@ IN SOA test.example.com. root.test.example.com. (
20121 ; Serial
3H ; Refresh
15M ; Retry
1W ; Expire
10 ) ; Minimum
IN NS test.example.com.
IN MX 10 test.example.com.

test.example.com. IN A 192.168.62.5
vxvm.example.com. IN A 192.168.62.6

Increase the serial and reload bind

Merry Christmas

Toushi · 12-25-2012, 10:56 PM

Hello Sir. bathory,

Thank you very much for help!

These single dots make me .... Thanks for help..
It's working from client servers..

One more help please.

Still I am facing a problem on DNS server. My dns server itself not resolving my query.
Request you to please help me in this.

DNS server /etc/resolv.conf setting. I tried both the entry one by one and together.

Quote:

search localdomain
nameserver 127.0.0.1
nameserver 192.168.62.5

Dig command output run on DNS server and my DNS server is(test.example.com).

Quote:

# dig test.example.com
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5 <<>> test.example.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 13341
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;test.example.com. IN A

;; Query time: 4200 msec
;; SERVER: 192.168.62.5#53(192.168.62.5)
;; WHEN: Sat Nov 3 03:14:58 2012
;; MSG SIZE rcvd: 34

Following log from /var/log/messages while requesting a query.

Quote:

Nov 3 03:14:40 test named[4364]: client 127.0.0.1#57668: view localhost_resolver: query: test.example.com IN A +
Nov 3 03:14:41 test named[4364]: client 192.168.62.5#41914: view localhost_resolver: query: test.example.com IN A +
Nov 3 03:14:46 test named[4364]: client 127.0.0.1#57668: view localhost_resolver: query: test.example.com IN A +
Nov 3 03:14:47 test named[4364]: client 192.168.62.5#41914: view localhost_resolver: query: test.example.com IN A +
Nov 3 03:14:52 test named[4364]: client 127.0.0.1#57668: view localhost_resolver: query: test.example.com IN A +
Nov 3 03:14:53 test named[4364]: client 192.168.62.5#41914: view localhost_resolver: query: test.example.com IN A +

bathory · 12-26-2012, 03:02 AM

Quote:

# dig test.example.com
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5 <<>> test.example.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 13341
<-snip->

You get a SERVFAIL, because you don't have that zone defined specifically for the localhost_resolver view. Delete that view, as localhost is already included in localnets, so it can use the internal view.
BTW the match-destinations is superfluous, so you can omit it too.

Regards

Toushi · 12-26-2012, 10:18 PM

Hello Sir. bathory,

Thank you very much for helping..

It's working for me....

Quote:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7734
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0