LinuxQuestions.org


DarkSlayer 06-26-2011 08:31 AM

Bind problem. ** server can't find example.com: NXDOMAIN
 
Hello,
I'm trying to set up a DNS server, but I'm getting this strange problem.
Normally nslookup is working for other sites.
The problem is only with my local setup. I can't see what I'm doing wrong.
I've set up a DNS server before but had no problems.
I can't see any solution on Google.

So...
centos 5.6
bind 9.7 (from repository)

named.conf
Code:

include "/etc/rndc.key";

 controls {
      inet 127.0.0.1 port 953
              allow { 127.0.0.1; localnets; } keys { "rndc-key"; };
 };


options
{
        directory                "/var/named";
        dump-file                "data/cache_dump.db";
        statistics-file        "data/named_stats.txt";
        memstatistics-file        "data/named_mem_stats.txt";
        listen-on port 53        { any; };
        version "home.dev DNS server";
        allow-query                { localhost; 192.168.0.0/16; };
        allow-query-cache        { localhost; 192.168.0.0/16; };
        forwarders {87.253.32.130; 87.253.32.131; };
        recursion no;
};

view "localhost_resolver"
{
        match-clients                { localhost; };
        recursion yes;

        zone "." IN {
                type hint;
                file "/var/named/named.ca";
        };

        include "/etc/named.rfc1912.zones";
};

view "internal"
{
        match-clients                { localnets; };
        recursion yes;

        zone "." IN {
                type hint;
                file "/var/named/named.ca";
        };

        include "/etc/named.rfc1912.zones";

        zone "home.dev." IN {
                type master;
                file "home.dev.zone";
        };
       
        zone "1.168.192.in-addr.arpa" {
                type master;
                notify no;
                file "192.168.1.reverse";
        };               
};

In the zone declaration I've tried to use both home.dev and home.dev., still no luck.

home.dev.zone
Code:

$TTL        1d
$ORIGIN home.dev.
@  1D  IN        SOA test56.home.dev.        hostmaster.home.dev. (
                              2011062602 ; serial
                              3H ; refresh
                              15 ; retry
                              1w ; expire
                              3h ; minimum
                            )
;
        TXT    "home.dev DNS server"
        IN  NS    ns.home.dev.        ; in the domain
        IN  NS    ns1.home.dev.        ; in the domain
        IN  MX  10 mail.home.dev.        ; external mail provider


; server host definitions
@                IN        A        192.168.1.253
ns                IN        A        192.168.1.253
ns1                IN        A        192.168.1.253
test56            IN        A      192.168.1.253          ;name server definition   
mail            IN        CNAME  test56.home.dev.          ;mail server definition
www                    IN        CNAME  test56.home.dev.          ;www server definition

192.168.1.reverse
Code:

$TTL        1d
@    IN        SOA test56.home.dev.        hostmaster.home.dev. (
                              2011062601 ; serial
                              3H ; refresh
                              15 ; retry
                              1w ; expire
                              3h ; minimum
                            )
      NS    ns.home.dev.        ; in the domain
        NS    ns1.home.dev.        ; in the domain
      MX  10 mail.home.dev.        ; external mail provider

253              PTR    test56.home.dev.
253              PTR    ns.home.dev.
253              PTR    ns1.home.dev.
253              PTR    msil.home.dev.
253              PTR    www.home.dev.

/etc/hosts
Code:

127.0.0.1      test56.home.dev test56 localhost.localdomain localhost
::1            localhost6.localdomain6 localhost6
192.168.1.253  test56.home.dev test56 localhost.localdomain localhost

/etc/resolv.conf
Code:

search home.dev
nameserver 192.168.1.253


Code:

nslookup home.dev
Server:        192.168.1.253
Address:        192.168.1.253#53

** server can't find home.dev: NXDOMAIN

Code:

dig home.dev any

; <<>> DiG 9.7.0-P2-RedHat-9.7.0-6.P2.el5_6.2 <<>> home.dev any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52542
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;home.dev.                      IN      ANY

;; AUTHORITY SECTION:
.                      2352    IN      SOA    a.root-servers.net. nstld.verisign-grs.com. 2011062600 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 192.168.1.253#53(192.168.1.253)
;; WHEN: Sun Jun 26 17:22:53 2011
;; MSG SIZE  rcvd: 101


Noway2 06-26-2011 09:18 AM

When you restart bind, look in your syslog to see if you are getting any warnings or errors. It has been my experience that Bind is really particular about the syntax and it can appear to restart without error, but there will be warnings listed that keep things from working properly. In your case, it looks like something is wrong that is keeping it from recognizing the zone as authoritative since with the dig command it is trying to go to the root servers for an RFC1918 zone, which it shouldn't.

In your configuration, there is one thing that looks a little odd to me. I am not an expert in Bind so it may be syntactically correct, but it is different than I am used to writing. The lines:
Quote:

$TTL 1d
$ORIGIN home.dev.
@ 1D IN SOA test56.home.dev. hostmaster.home.dev. (
The $ORIGIN and @ 1D seem odd. I would rephrase it as follows - be sure to note where I have a . and where I don't:
Code:

$ORIGIN .
$TTL        1d;
home.dev  IN SOA test56.home.dev.        hostmaster.home.dev. (

and then below:
Code:

$ORIGIN home.dev.
ns                IN        A        192.168.1.253
ns1                IN        A        192.168.1.253
test56            IN        A      192.168.1.253          ;name server definition   
mail            IN        CNAME  test56.home.dev.          ;mail server definition
www                    IN        CNAME  test56.home.dev.          ;www server definition


bathory 06-26-2011 10:41 AM

Quote:

;; AUTHORITY SECTION:
. 2352 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2011062600 1800 900 604800 86400
Looks like your DNS thinks that it's not authoritative for that zone and tries to resolve it through the root servers.
My guess is that this happens because it cannot match the internal view with your IP. You can remove the view "localhost_resolver" and in the internal zone add:
Code:

...
view "internal"
{
        match-clients                { localnets; 127.0.0.1; 192.168.1.0/24;};
...

Reload bind and run:
Code:

dig home.dev any
dig home.dev any @192.168.1.253

BTW the reverse zone is wrong. You need only one PTR record for each IP.

Regards
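The view matching discussed in the reply above can be modelled offline; this is an added example, not code from the thread or from BIND, and the function names (`acl_match`, `select_view`, `is_authoritative`) are hypothetical. It relies on documented BIND behaviour: views are tried in order and the first `match-clients` hit wins, the `localhost` ACL covers every address configured on the server, and `localnets` covers the networks attached to it. The interface addresses are assumed from the thread's /etc/hosts, the client 192.168.1.10 is constructed, and the zone name `localhost` stands in for the contents of named.rfc1912.zones.

```python
import ipaddress

# Assumed interface addresses of the server, constructed from the thread's /etc/hosts.
INTERFACES = [ipaddress.ip_interface("127.0.0.1/8"),
              ipaddress.ip_interface("192.168.1.253/24")]

def acl_match(element, client):
    """Evaluate one match-clients element against a client address."""
    if element == "localhost":   # every address configured on the server itself
        return any(client == i.ip for i in INTERFACES)
    if element == "localnets":   # every network the server has an interface on
        return any(client in i.network for i in INTERFACES)
    if element == "any":
        return True
    return client in ipaddress.ip_network(element, strict=False)

def select_view(views, client_ip):
    """Return (name, zones) of the first matching view; later views are never consulted."""
    client = ipaddress.ip_address(client_ip)
    for name, match_clients, zones in views:
        if any(acl_match(e, client) for e in match_clients):
            return name, zones
    return None, set()

def is_authoritative(views, client_ip, qname):
    """True if the view selected for this client holds a zone enclosing qname."""
    _, zones = select_view(views, client_ip)
    labels = qname.rstrip(".").split(".")
    return any(".".join(labels[i:]) in zones for i in range(len(labels)))

# (view name, match-clients, zones) in the order they appear in named.conf.
ORIGINAL = [
    ("localhost_resolver", ["localhost"], {"localhost"}),
    ("internal", ["localnets"],
     {"localhost", "home.dev", "1.168.192.in-addr.arpa"}),
]
# The suggested layout: a single view with the widened match-clients list.
PROPOSED = [
    ("internal", ["localnets", "127.0.0.1", "192.168.1.0/24"],
     {"localhost", "home.dev", "1.168.192.in-addr.arpa"}),
]

if __name__ == "__main__":
    for label, views in (("original", ORIGINAL), ("proposed", PROPOSED)):
        for src in ("192.168.1.253", "192.168.1.10"):
            view, _ = select_view(views, src)
            print(label, src, view, is_authoritative(views, src, "home.dev"))
```

In this model a query sent from the server to its own 192.168.1.253 address lands in `localhost_resolver`, which has no home.dev zone, while another host on the LAN reaches `internal`. The same first-match rule decides which clients can see internal zones in any split-horizon setup.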

