LinuxQuestions.org - Bind problem. ** server can't find example.com: NXDOMAIN

- Linux - Server (http://www.linuxquestions.org/questions/linux-server-73/)

- - Bind problem. ** server can't find example.com: NXDOMAIN (http://www.linuxquestions.org/questions/linux-server-73/bind-problem-%2A%2A-server-cant-find-example-com-nxdomain-888422/)

Bind problem. ** server can't find example.com: NXDOMAIN

hello
I'm trying to setup DNS server. But i'm getting this strange problem.
normally nslookup and workin for other sites.
problem only with my local setup. can't see what i'm doing wrong.
i've had setted up DNS server before but had no problems.
can't see any solution on google.

So...
centos 5.6
bind 9.7 (from repository)

named.conf

Code:

include "/etc/rndc.key";



 controls {

       inet 127.0.0.1 port 953

               allow { 127.0.0.1; localnets; } keys { "rndc-key"; };

 };





options

{

        directory                 "/var/named";

        dump-file                 "data/cache_dump.db";

        statistics-file         "data/named_stats.txt";

        memstatistics-file         "data/named_mem_stats.txt";

        listen-on port 53        { any; };

        version "home.dev DNS server";

        allow-query                { localhost; 192.168.0.0/16; };

        allow-query-cache        { localhost; 192.168.0.0/16; };

        forwarders {87.253.32.130; 87.253.32.131; };

        recursion no;

};



view "localhost_resolver"

{

        match-clients                 { localhost; };

        recursion yes;



        zone "." IN {

                type hint;

                file "/var/named/named.ca";

        };



        include "/etc/named.rfc1912.zones";

};



view "internal"

{

        match-clients                { localnets; };

        recursion yes;



        zone "." IN {

                type hint;

                file "/var/named/named.ca";

        };



        include "/etc/named.rfc1912.zones";



        zone "home.dev." IN {

                type master;

                file "home.dev.zone";

        };

        

        zone "1.168.192.in-addr.arpa" {

                type master;

                notify no;

                file "192.168.1.reverse";

        };                

};

in zone declaration i've tried to use both home.dev and home.dev., still no luck

home.dev.zone

Code:

$TTL        1d

$ORIGIN home.dev.

@  1D  IN         SOA test56.home.dev.        hostmaster.home.dev. (

                              2011062602 ; serial

                              3H ; refresh

                              15 ; retry

                              1w ; expire

                              3h ; minimum

                             )

;

        TXT     "home.dev DNS server"

        IN  NS     ns.home.dev.         ; in the domain

        IN  NS     ns1.home.dev.         ; in the domain

        IN  MX  10 mail.home.dev.         ; external mail provider





; server host definitions

@                IN        A        192.168.1.253

ns                IN        A        192.168.1.253

ns1                IN        A        192.168.1.253

test56            IN        A      192.168.1.253          ;name server definition     

mail            IN        CNAME  test56.home.dev.          ;mail server definition

www                    IN        CNAME  test56.home.dev.          ;www server definition

192.168.1.reverse

Code:

$TTL        1d

@    IN         SOA test56.home.dev.        hostmaster.home.dev. (

                              2011062601 ; serial

                              3H ; refresh

                              15 ; retry

                              1w ; expire

                              3h ; minimum

                             )

       NS     ns.home.dev.         ; in the domain

        NS     ns1.home.dev.         ; in the domain

       MX  10 mail.home.dev.         ; external mail provider



253               PTR     test56.home.dev.

253               PTR     ns.home.dev.

253               PTR     ns1.home.dev.

253               PTR     msil.home.dev.

253               PTR     www.home.dev.

/etc/hosts

Code:

127.0.0.1       test56.home.dev test56 localhost.localdomain localhost

::1             localhost6.localdomain6 localhost6

192.168.1.253   test56.home.dev test56 localhost.localdomain localhost

/etc/resolv.conf

Code:

search home.dev

nameserver 192.168.1.253

Code:

nslookup home.dev

Server:         192.168.1.253

Address:        192.168.1.253#53



** server can't find home.dev: NXDOMAIN

Code:

dig home.dev any



; <<>> DiG 9.7.0-P2-RedHat-9.7.0-6.P2.el5_6.2 <<>> home.dev any

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52542

;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0



;; QUESTION SECTION:

;home.dev.                      IN      ANY



;; AUTHORITY SECTION:

.                       2352    IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2011062600 1800 900 604800 86400



;; Query time: 56 msec

;; SERVER: 192.168.1.253#53(192.168.1.253)

;; WHEN: Sun Jun 26 17:22:53 2011

;; MSG SIZE  rcvd: 101

When you restart bind, look in your syslog to see if you are getting any warnings or errors. It has been my experience that Bind is really particular about the syntax and it can appear to restart without error, but there will be warnings listed that keep things from working properly. In your case, it looks like something is wrong that is keeping it from recognizing the zone as authoritative since with the dig command it is trying to go to the root servers for an RFC1918 zone, which it shouldn't.

In your configuration, there is one thing that looks a little odd to me. I am not an expert in Bind so it may be syntactically correct, but it is different than I am used to writing. The lines:

Quote:

$TTL 1d
$ORIGIN home.dev.
@ 1D IN SOA test56.home.dev. hostmaster.home.dev. (

The $origin and @ 1D seem odd. I would rephrase it as follows - BE sure to note where I have a . and where I don't:

Code:

$ORIGIN .

$TTL        1d;

home.dev  IN SOA test56.home.dev.        hostmaster.home.dev. (

and then below:

Code:

$ORIGIN home.dev.

ns                IN        A        192.168.1.253

ns1                IN        A        192.168.1.253

test56            IN        A      192.168.1.253          ;name server definition     

mail            IN        CNAME  test56.home.dev.          ;mail server definition

www                    IN        CNAME  test56.home.dev.          ;www server definition

Quote:

;; AUTHORITY SECTION:
. 2352 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2011062600 1800 900 604800 86400

Looks like your dns thinks that it's not authoritative for that zone and tries to resolve it through the root servers.
My guess is, that this happens because it cannot match the internal view with your ip. You can remove the view "localhost_resolver" and in the internal zone add:

Code:

...

view "internal"

{

        match-clients                { localnets; 127.0.0.1; 192.168.1.0/24;};

...

Reload bind and run:

Code:

dig home.dev any

dig home.dev any @192.168.1.253

BTW the reverse zone is wrong. You need only one PTR record for each IP

Regards