Old 02-10-2012, 04:44 PM   #1
theclem35
LQ Newbie
 
Registered: Feb 2012
Posts: 3

Rep: Reputation: Disabled
Bind9 DNS Server : requests timed-out


Hello,

I've installed Bind9 as a LAN DNS server, but I have a problem resolving names!
LAN is 192.168.112.0/24.
Server IP (where Bind9 installed) is 192.168.112.1
DNS suffix is wifi.univ-nantes.prive

Client (192.168.112.2) is able to ping the server (192.168.112.1).
But when I try an nslookup, I get a timeout error: no name server at the 192.168.112.1 address.
I've tried modifying the config many times, but I get the same problem.

When I start bind9, everything seems to be OK.

Here is my configuration :
/etc/bind/named.conf.local :
Code:
//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
// include "/etc/bind/zones.rfc1918";


zone "wifi.univ-nantes.prive" {
        type master;
        file "/etc/bind/db.wifi.univ-nantes.prive";
};

zone "112.168.192.in-addr.arpa" {
        type master;
        notify no;
        file "/etc/bind/db.112.168.192";
};
/etc/bind/db.wifi.univ-nantes.prive :
Code:
;
; BIND data file for local loopback interface
;
$TTL    604800
@       IN      SOA     localhost.wifi.univ-nantes.prive. root.wifi-univ-nantes.prive. (
                              6         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
                IN      NS      localhost
localhost       IN      A       127.0.0.1
portail1        IN      A       192.168.112.1
wpad            IN      CNAME   portail1
routeur         IN      A       192.168.112.254
postewin        IN      A       192.168.112.2
/etc/bind/db.112.168.192 :
Code:
;
; BIND reverse data file for local loopback interface
;
$TTL    604800
@       IN      SOA     localhost.wifi.univ-nantes.prive. root.wifi.univ-nantes.prive. (
                              6         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
        IN      NS      localhost.
1       IN      PTR     portail1.
2       IN      PTR     postewin.
254     IN      PTR     routeur.
Here are results :
/var/log/syslog :
Code:
Feb 10 23:29:10 TutWifi named[7296]: received control channel command 'stop -p'
Feb 10 23:29:10 TutWifi named[7296]: shutting down: flushing changes
Feb 10 23:29:10 TutWifi named[7296]: stopping command channel on 127.0.0.1#953
Feb 10 23:29:10 TutWifi named[7296]: no longer listening on ::#53
Feb 10 23:29:10 TutWifi named[7296]: no longer listening on 127.0.0.1#53
Feb 10 23:29:10 TutWifi named[7296]: no longer listening on 192.168.1.6#53
Feb 10 23:29:10 TutWifi named[7296]: no longer listening on 192.168.112.1#53
Feb 10 23:29:10 TutWifi named[7296]: exiting
Feb 10 23:29:10 TutWifi named[7977]: starting BIND 9.7.0-P1 -u bind
Feb 10 23:29:10 TutWifi named[7977]: built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-dlz-postgres=no' '--with-dlz-mysql=no' '--with-dlz-bdb=yes' '--with-dlz-filesystem=yes' '--with-dlz-ldap=yes' '--with-dlz-stub=yes' '--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2' 'LDFLAGS=-Wl,-Bsymbolic-functions' 'CPPFLAGS='
Feb 10 23:29:10 TutWifi named[7977]: adjusted limit on open files from 1024 to 1048576
Feb 10 23:29:10 TutWifi named[7977]: found 1 CPU, using 1 worker thread
Feb 10 23:29:10 TutWifi named[7977]: using up to 4096 sockets
Feb 10 23:29:10 TutWifi named[7977]: loading configuration from '/etc/bind/named.conf'
Feb 10 23:29:10 TutWifi named[7977]: reading built-in trusted keys from file '/etc/bind/bind.keys'
Feb 10 23:29:10 TutWifi named[7977]: using default UDP/IPv4 port range: [1024, 65535]
Feb 10 23:29:10 TutWifi named[7977]: using default UDP/IPv6 port range: [1024, 65535]
Feb 10 23:29:10 TutWifi named[7977]: listening on IPv6 interfaces, port 53
Feb 10 23:29:10 TutWifi named[7977]: listening on IPv4 interface lo, 127.0.0.1#53
Feb 10 23:29:10 TutWifi named[7977]: listening on IPv4 interface wlan0, 192.168.1.6#53
Feb 10 23:29:10 TutWifi named[7977]: listening on IPv4 interface tun0, 192.168.112.1#53
Feb 10 23:29:10 TutWifi named[7977]: generating session key for dynamic DNS
Feb 10 23:29:10 TutWifi named[7977]: automatic empty zone: 254.169.IN-ADDR.ARPA
Feb 10 23:29:10 TutWifi named[7977]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Feb 10 23:29:10 TutWifi named[7977]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Feb 10 23:29:10 TutWifi named[7977]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Feb 10 23:29:10 TutWifi named[7977]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Feb 10 23:29:10 TutWifi named[7977]: automatic empty zone: D.F.IP6.ARPA
Feb 10 23:29:10 TutWifi named[7977]: automatic empty zone: 8.E.F.IP6.ARPA
Feb 10 23:29:10 TutWifi named[7977]: automatic empty zone: 9.E.F.IP6.ARPA
Feb 10 23:29:10 TutWifi named[7977]: automatic empty zone: A.E.F.IP6.ARPA
Feb 10 23:29:10 TutWifi named[7977]: automatic empty zone: B.E.F.IP6.ARPA
Feb 10 23:29:10 TutWifi named[7977]: command channel listening on 127.0.0.1#953
Feb 10 23:29:10 TutWifi named[7977]: couldn't add command channel ::1#953: address not available
Feb 10 23:29:10 TutWifi named[7977]: zone 0.in-addr.arpa/IN: loaded serial 1
Feb 10 23:29:10 TutWifi named[7977]: zone 127.in-addr.arpa/IN: loaded serial 1
Feb 10 23:29:10 TutWifi named[7977]: zone 112.168.192.in-addr.arpa/IN: loaded serial 6
Feb 10 23:29:10 TutWifi named[7977]: zone 255.in-addr.arpa/IN: loaded serial 1
Feb 10 23:29:10 TutWifi named[7977]: zone localhost/IN: loaded serial 2
Feb 10 23:29:10 TutWifi named[7977]: zone wifi.univ-nantes.prive/IN: loaded serial 6
Feb 10 23:29:10 TutWifi named[7977]: running
dig result 1 :
Code:
root@TutWifi:/etc/bind# dig portail1.wifi.univ-nantes.prive

; <<>> DiG 9.7.0-P1 <<>> portail1.wifi.univ-nantes.prive
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64551
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;portail1.wifi.univ-nantes.prive. IN	A

;; AUTHORITY SECTION:
.			86400	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2012021001 1800 900 604800 86400

;; Query time: 50 msec
;; SERVER: 212.27.40.240#53(212.27.40.240)
;; WHEN: Fri Feb 10 23:30:37 2012
;; MSG SIZE  rcvd: 124
dig result 2 :
Code:
root@TutWifi:/etc/bind# dig portail1.wifi.univ-nantes.prive @127.0.0.1

; <<>> DiG 9.7.0-P1 <<>> portail1.wifi.univ-nantes.prive @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5645
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;portail1.wifi.univ-nantes.prive. IN	A

;; ANSWER SECTION:
portail1.wifi.univ-nantes.prive. 604800	IN A	192.168.112.1

;; AUTHORITY SECTION:
wifi.univ-nantes.prive.	604800	IN	NS	localhost.wifi.univ-nantes.prive.

;; ADDITIONAL SECTION:
localhost.wifi.univ-nantes.prive. 604800 IN A	127.0.0.1

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Feb 10 23:30:59 2012
;; MSG SIZE  rcvd: 105
I don't know where the problem is. Can you help me?
 
Old 02-11-2012, 10:19 AM   #2
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,910

Rep: Reputation: 1326
Hi,

From this:
Quote:
/etc/bind/db.wifi.univ-nantes.prive :
<-snip->
IN NS localhost
and this:
Quote:
dig result 2 :
<-snip->
;; AUTHORITY SECTION:
wifi.univ-nantes.prive. 604800 IN NS localhost.wifi.univ-nantes.prive.
You must add the trailing dot (after localhost) in the NS record in the zone file /etc/bind/db.wifi.univ-nantes.prive (like you do in the reverse zone file).

And of course you have to put
Code:
nameserver 127.0.0.1
first in /etc/resolv.conf

Regards
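
As an added illustration (not part of the original posts), the sketch below applies the zone-file rule behind this advice: a name written without a trailing dot gets the zone origin appended, which is why dig result 2 lists `localhost.wifi.univ-nantes.prive.` as the name server. The parser is deliberately simplified and the function names are hypothetical; the sample lines are copied from the zone files posted in this thread.

```python
# Record types whose RDATA is a domain name and is therefore origin-qualified.
NAME_RDATA_TYPES = {"NS", "CNAME", "PTR"}

# Sample lines copied from the two zone files posted in the thread.
FORWARD = """\
                IN      NS      localhost
localhost       IN      A       127.0.0.1
portail1        IN      A       192.168.112.1
wpad            IN      CNAME   portail1
"""
REVERSE = """\
        IN      NS      localhost.
1       IN      PTR     portail1.
"""

def qualify(name, origin):
    """'@' is the origin, a trailing dot means absolute, else append the origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def expand_targets(zone_text, origin):
    """Return (owner_fqdn, type, target_as_written, target_fqdn) for NS/CNAME/PTR.
    Simplified: one record per line; $-directives and multi-line RDATA are skipped."""
    out, last_owner = [], "@"
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()          # drop comments
        if not line.strip() or line.lstrip().startswith("$"):
            continue
        fields = line.split()
        if raw[0].isspace():                           # blank owner: reuse previous
            owner = last_owner
        else:
            owner = last_owner = fields.pop(0)
        if fields and fields[0].isdigit():             # optional TTL
            fields.pop(0)
        if fields and fields[0].upper() == "IN":       # optional class
            fields.pop(0)
        if len(fields) < 2:
            continue
        rtype, target = fields[0].upper(), fields[1]
        if rtype in NAME_RDATA_TYPES:
            out.append((qualify(owner, origin), rtype, target, qualify(target, origin)))
    return out

if __name__ == "__main__":
    for text, origin in ((FORWARD, "wifi.univ-nantes.prive."),
                         (REVERSE, "112.168.192.in-addr.arpa.")):
        for owner, rtype, written, fqdn in expand_targets(text, origin):
            print(f"{owner:32} {rtype:6} {written:12} -> {fqdn}")
```

Running it on the author's files before a reload shows which targets are stored relative to the origin and which are stored exactly as written.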
 
Old 02-12-2012, 12:51 PM   #3
theclem35
LQ Newbie
 
Registered: Feb 2012
Posts: 3

Original Poster
Rep: Reputation: Disabled
Thank you so much, it works!!

I have one last problem: strange behaviour with my hotspot.

I use Chillispot as Captive Portal and Bind9 as DNS on the same server, behind a Wifi router. My WLAN is 192.168.14.0/24 and my router is wired to my eth0 interface.

When I start Chillispot, it creates a tun0 interface (192.168.14.1) and keeps my eth0 without an IP (this is normal). Chillispot gives the correct IP config to my client (by DHCP):
Suffix : wifi.univ-nantes.fr
IP : 192.168.14.2
Gateway : 192.168.14.1
DNS : 192.168.14.1

I restart bind9 to make it listen on the new tun0 IP (192.168.14.1).

When I try a dig, everything is fine:
Code:
root@TutWifi:~# dig portail1.wifi.univ-nantes.fr @192.168.14.1
; <<>> DiG 9.7.0-P1 <<>> portail1.wifi.univ-nantes.fr @192.168.14.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63708
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
 
;; QUESTION SECTION:
;portail1.wifi.univ-nantes.fr.    IN    A
 
;; ANSWER SECTION:
portail1.wifi.univ-nantes.fr. 604800 IN    A    192.168.14.1
 
;; AUTHORITY SECTION:
wifi.univ-nantes.fr.    604800    IN    NS    ns.wifi.univ-nantes.fr.
 
;; ADDITIONAL SECTION:
ns.wifi.univ-nantes.fr.    604800    IN    A    192.168.14.1
 
;; Query time: 0 msec
;; SERVER: 192.168.15.1#53(192.168.15.1)
;; WHEN: Sat Feb 11 11:47:47 2012
;; MSG SIZE  rcvd: 95
The client can successfully ping the DNS (which is the gateway).
But when he tries to do an nslookup, he gets a timeout error.


Some issues:
I configured a public DNS2 in the chillispot config file.
The client has my 192.168.14.1 as primary and the public one as secondary.
When I launch Wireshark on the tun0 interface and try an nslookup on my client:
- No request at all for my 192.168.14.1 (but I can see it on eth0)
- I have all requests and responses for my secondary public DNS!! (on tun0 and eth0 for sure)

- If I try to ping my 192.168.14.1, I can see it on tun0, so it seems the DNS requests are not relayed.

I've found a temporary solution:
- Create a virtual interface: ifconfig eth0:0 192.168.15.1 netmask 255.255.255.0 up
- Restart bind9 to listen on this new interface
- Add 192.168.15.1 as primary DNS in the chilli config file
And now I can see DNS requests on my tun0 interface...

I think this is not a good solution, so I will be very happy if someone can tell me what the problem is!!!

Thank you so much,
Clement

Last edited by theclem35; 02-12-2012 at 12:52 PM.
 
Old 02-12-2012, 01:30 PM   #4
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,910

Rep: Reputation: 1326
Quote:
root@TutWifi:~# dig portail1.wifi.univ-nantes.fr @192.168.14.1

<--snip-->

;; Query time: 0 msec
;; SERVER: 192.168.15.1#53(192.168.15.1)
;; WHEN: Sat Feb 11 11:47:47 2012
;; MSG SIZE rcvd: 95
Huh? How can you query the dns at 192.168.14.1 and get a response from 192.168.15.1?
I guess this is done because of the captive portal you're using, so you have to configure it so that it uses the correct dns IP address.
 
Old 02-12-2012, 05:25 PM   #5
theclem35
LQ Newbie
 
Registered: Feb 2012
Posts: 3

Original Poster
Rep: Reputation: Disabled
Hi,

Bind9 listens on all interfaces (192.168.14.1 = tun0, 192.168.15.1 = eth0:0, 192.168.1.6 = wlan0, 127.0.0.1 of course)
I've created eth0:0 because bind9 generates a timeout if I try to query it on tun0 (which is incredible, I agree)

Iptables rules are all flushed and all chains are ACCEPT (no rules at all, only masquerade for wlan0 output)

If I stop my hotspot software and wire my client with a fixed IP directly to my eth0 (without eth0:0), bind9 answers correctly on 192.168.14.1

Hummmmm
 
  




All times are GMT -5.
