BIND - Locally OK, LAN clients unable to resolve?
Hi,
I have followed countless tutorials about BIND and I have never actually gotten it to work the way it should. It has always just worked enough to get me by. Here it is: I set up BIND on a machine and for that machine, the DNS names are resolved with no problem. I used dig to see where the information was coming from and it came from the local server. I opened iptables port 53 and did an nmap to scan UDP ports and it was open, so I am sure that part of it is OK. It seems funny that the local machine can resolve anything it wants, including specified localnet hostnames, but when I try to have another machine on the network use the server as its DNS resolver, it just won't go through. I have been stuck on this for a long time. Please help. Thanks in advance. Here is some output that may help:

durance bind # dig google.com

; <<>> DiG 9.2.5 <<>> google.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14608
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 4, ADDITIONAL: 0

;; QUESTION SECTION:
;google.com. IN A

;; ANSWER SECTION:
google.com. 300 IN A 216.239.39.99
google.com. 300 IN A 216.239.57.99
google.com. 300 IN A 216.239.37.99

;; AUTHORITY SECTION:
google.com. 345600 IN NS ns1.google.com.
google.com. 345600 IN NS ns2.google.com.
google.com. 345600 IN NS ns3.google.com.
google.com. 345600 IN NS ns4.google.com.

;; Query time: 471 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Aug 7 23:15:49 2005
;; MSG SIZE rcvd: 148

#1st cache 471 ms

durance bind # iptables -L | grep domain
ACCEPT udp -- 192.168.0.0/24 anywhere udp dpt:domain
Hi!
To me it looks like a firewall problem. Have you allowed your server's firewall to accept new connections? Otherwise no one would be able to use your DNS. Regards
Here are the full tables, thanks for the reply. Is there a better way to accept new connections?
durance home # iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- localhost localhost
ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp echo-request
ACCEPT icmp -- anywhere anywhere icmp echo-reply
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT udp -- 192.168.0.0/24 anywhere udp dpt:domain
ACCEPT tcp -- 192.168.0.0/24 anywhere tcp dpt:sunrpc
ACCEPT tcp -- 192.168.0.0/24 anywhere tcp dpt:nfs
ACCEPT tcp -- 192.168.0.0/24 anywhere tcp dpt:2219
ACCEPT tcp -- 192.168.0.0/24 anywhere tcp dpt:4045
LOG all -- anywhere anywhere limit: avg 40/min burst 5 LOG level warning
DROP all -- anywhere anywhere

Chain FORWARD (policy DROP)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination