06-26-2011, 08:31 AM   #1
DarkSlayer
Member
 
Registered: Apr 2008
Location: Tbilisi , Georgia
Distribution: Fedora, CentOS
Posts: 65

Rep: Reputation: 19
Bind problem. ** server can't find example.com: NXDOMAIN


Hello,
I'm trying to set up a DNS server, but I'm getting this strange problem.
Normally nslookup is working for other sites.
The problem is only with my local setup. I can't see what I'm doing wrong.
I have set up a DNS server before but had no problems.
I can't see any solution on Google.

So...
CentOS 5.6
BIND 9.7 (from repository)

named.conf
Code:
include "/etc/rndc.key";

 controls {
       inet 127.0.0.1 port 953
               allow { 127.0.0.1; localnets; } keys { "rndc-key"; };
 };


options
{
	directory 		"/var/named";
	dump-file 		"data/cache_dump.db";
        statistics-file 	"data/named_stats.txt";
        memstatistics-file 	"data/named_mem_stats.txt";
	listen-on port 53	{ any; };
	version "home.dev DNS server";
	allow-query		{ localhost; 192.168.0.0/16; };
	allow-query-cache	{ localhost; 192.168.0.0/16; };
	forwarders {87.253.32.130; 87.253.32.131; };
	recursion no;
};

view "localhost_resolver"
{
	match-clients 		{ localhost; };
	recursion yes;

	zone "." IN {
	        type hint;
	        file "/var/named/named.ca";
	};

	include "/etc/named.rfc1912.zones";
};

view "internal"
{
	match-clients		{ localnets; };
	recursion yes;

	zone "." IN {
	        type hint;
	        file "/var/named/named.ca";
	};

	include "/etc/named.rfc1912.zones";

	zone "home.dev." IN {
		type master;
		file "home.dev.zone";
	};
	
	zone "1.168.192.in-addr.arpa" {
        	type master;
        	notify no;
        	file "192.168.1.reverse";
	};		
};

In the zone declaration I've tried to use both home.dev and home.dev., still no luck.

home.dev.zone
Code:
$TTL	1d
$ORIGIN home.dev.
@  1D  IN	 SOA test56.home.dev.	hostmaster.home.dev. (
			      2011062602 ; serial
			      3H ; refresh
			      15 ; retry
			      1w ; expire
			      3h ; minimum
			     )
;
	TXT     "home.dev DNS server"
        IN  NS     ns.home.dev. 	; in the domain
	IN  NS     ns1.home.dev. 	; in the domain
        IN  MX  10 mail.home.dev. 	; external mail provider


; server host definitions
@		IN	A	192.168.1.253
ns		IN	A	192.168.1.253
ns1		IN	A	192.168.1.253
test56    	IN	A      192.168.1.253  	;name server definition     
mail    	IN	CNAME  test56.home.dev.  	;mail server definition
www    	        IN	CNAME  test56.home.dev.  	;www server definition

192.168.1.reverse
Code:
$TTL	1d
@    IN	 SOA test56.home.dev.	hostmaster.home.dev. (
			      2011062601 ; serial
			      3H ; refresh
			      15 ; retry
			      1w ; expire
			      3h ; minimum
			     )
       NS     ns.home.dev. 	; in the domain
	NS     ns1.home.dev. 	; in the domain
       MX  10 mail.home.dev. 	; external mail provider

253               PTR     test56.home.dev.
253               PTR     ns.home.dev.
253               PTR     ns1.home.dev.
253               PTR     msil.home.dev.
253               PTR     www.home.dev.

/etc/hosts
Code:
127.0.0.1       test56.home.dev test56 localhost.localdomain localhost
::1             localhost6.localdomain6 localhost6
192.168.1.253   test56.home.dev test56 localhost.localdomain localhost

/etc/resolv.conf
Code:
search home.dev
nameserver 192.168.1.253

Code:
nslookup home.dev
Server:         192.168.1.253
Address:        192.168.1.253#53

** server can't find home.dev: NXDOMAIN
Code:
dig home.dev any

; <<>> DiG 9.7.0-P2-RedHat-9.7.0-6.P2.el5_6.2 <<>> home.dev any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52542
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;home.dev.                      IN      ANY

;; AUTHORITY SECTION:
.                       2352    IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2011062600 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 192.168.1.253#53(192.168.1.253)
;; WHEN: Sun Jun 26 17:22:53 2011
;; MSG SIZE  rcvd: 101
 
06-26-2011, 09:18 AM   #2
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Gentoo
Posts: 2,125

Rep: Reputation: 781
When you restart bind, look in your syslog to see if you are getting any warnings or errors. It has been my experience that Bind is really particular about the syntax and it can appear to restart without error, but there will be warnings listed that keep things from working properly. In your case, it looks like something is wrong that is keeping it from recognizing the zone as authoritative since with the dig command it is trying to go to the root servers for an RFC1918 zone, which it shouldn't.

In your configuration, there is one thing that looks a little odd to me. I am not an expert in Bind so it may be syntactically correct, but it is different than I am used to writing. The lines:
Quote:
$TTL 1d
$ORIGIN home.dev.
@ 1D IN SOA test56.home.dev. hostmaster.home.dev. (
The $ORIGIN and @ 1D seem odd. I would rephrase it as follows. Be sure to note where I have a . and where I don't:
Code:
$ORIGIN .
$TTL	1d;
home.dev  IN SOA test56.home.dev.	hostmaster.home.dev. (
and then below:
Code:
$ORIGIN home.dev.
ns		IN	A	192.168.1.253
ns1		IN	A	192.168.1.253
test56    	IN	A      192.168.1.253  	;name server definition     
mail    	IN	CNAME  test56.home.dev.  	;mail server definition
www    	        IN	CNAME  test56.home.dev.  	;www server definition
 
06-26-2011, 10:41 AM   #3
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,159
Blog Entries: 1

Rep: Reputation: 2021
Quote:
;; AUTHORITY SECTION:
. 2352 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2011062600 1800 900 604800 86400
Looks like your DNS thinks that it's not authoritative for that zone and tries to resolve it through the root servers.
My guess is that this happens because it cannot match the internal view with your IP. You can remove the view "localhost_resolver" and in the internal zone add:
Code:
...
view "internal"
{
	match-clients		{ localnets; 127.0.0.1; 192.168.1.0/24;};
...
Reload bind and run:
Code:
dig home.dev any
dig home.dev any @192.168.1.253
BTW, the reverse zone is wrong. You need only one PTR record for each IP.

Regards
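
Added example, not part of any post in this thread: BIND uses the first view whose match-clients list contains the query's source address, and its built-in `localhost` ACL covers every address configured on the server, so a lookup the server sends to 192.168.1.253 is handled by "localhost_resolver", which has no home.dev zone. The sketch below models that selection for the posted layout and for the one suggested in post #3; the interface list, the 192.168.1.10 client and the simplified zone lists are assumptions.

```python
import ipaddress

# Constructed model of the server in the thread: loopback plus one LAN interface.
INTERFACES = ["127.0.0.1/8", "192.168.1.253/24"]

def builtin_acl(name):
    """Expand a match-clients entry the way named derives its built-in ACLs."""
    ifaces = [ipaddress.ip_interface(i) for i in INTERFACES]
    if name == "localhost":   # every address configured on the server itself
        return [ipaddress.ip_network(f"{i.ip}/32") for i in ifaces]
    if name == "localnets":   # every network the server is directly attached to
        return [i.network for i in ifaces]
    return [ipaddress.ip_network(name)]  # literal address or prefix

def select_view(views, client):
    """Return the first view whose match-clients contains the client address."""
    addr = ipaddress.ip_address(client)
    for view in views:
        nets = [n for entry in view["match_clients"] for n in builtin_acl(entry)]
        if any(addr in n for n in nets):
            return view
    return None  # no view matched: named refuses the query

def answers_authoritatively(views, client, zone):
    """True when the view chosen for this client actually loads the zone."""
    view = select_view(views, client)
    return view is not None and zone in view["zones"]

# View order and match-clients as posted in named.conf (zone lists simplified).
AS_POSTED = [
    {"name": "localhost_resolver", "match_clients": ["localhost"], "zones": ["."]},
    {"name": "internal", "match_clients": ["localnets"],
     "zones": [".", "home.dev", "1.168.192.in-addr.arpa"]},
]
# Layout suggested in post #3: one view with explicit match-clients.
AS_SUGGESTED = [
    {"name": "internal",
     "match_clients": ["localnets", "127.0.0.1", "192.168.1.0/24"],
     "zones": [".", "home.dev", "1.168.192.in-addr.arpa"]},
]

if __name__ == "__main__":
    for label, views in (("as posted", AS_POSTED), ("as suggested", AS_SUGGESTED)):
        for client in ("192.168.1.253", "127.0.0.1", "192.168.1.10"):
            view = select_view(views, client)
            served = answers_authoritatively(views, client, "home.dev")
            print(f"{label:13} {client:15} -> {view['name']:18} home.dev: {served}")
```

On a live server the same check is to compare `dig home.dev soa @192.168.1.253` run on the server with the same query from another LAN host: an `aa` flag in the reply header means the answering view holds the zone.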
 
  

