yy885 11-16-2011 03:18 PM

A few questions about configuring bind9 on Ubuntu.
 
Hello, I have a few questions about configuring bind9 on Ubuntu 11.10.

This is my config so far, but it seems not to be working. I don't know whether I need to do more configuration or whether there are already lots of errors here. I've tried to configure it over the past few days but still no luck, so I wonder if anyone here can give me a hand?


Thanks


=======================================================
jtest.info
68.xxx.2xx.100

NS67.DOMAINCONTROL.COM
216.xx.xxx.47

NS68.DOMAINCONTROL.COM
208.xxx.255.47;

=======================================================

/etc/bind/named.conf
Code:

include "/etc/bind/named.conf.options";
zone "jtest.info" {
    type master;
    file "/etc/bind/db.jtest";
};
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";

=======================================================

/etc/bind/named.conf.options
Code:

options {
        directory "/var/cache/bind";
        query-source address * port 53;
        recursion yes;
        allow-recursion { 127.0.0.1; };
        forwarders { 216.xx.xxx.47; 208.xxx.255.47; };
        allow-query { any; };
        allow-transfer { none; };
        auth-nxdomain no;
        listen-on-v6 { any; };
};


=======================================================

/etc/bind/db.jtest
Code:

;
; BIND data file for jtest.info
;
$TTL 604800
@      IN      SOA      jtest.INFO. root.jtest.INFO. (
201111163        ; Serial
172800        ; Refresh
900        ; Retry
1209600        ; Expire
3600 )      ; Negative Cache TTL
;
IN      NS      NS67.DOMAINCONTROL.COM.
IN      NS      NS68.DOMAINCONTROL.COM.
*                      CNAME  jtest.INFO.


bathory 11-16-2011 04:43 PM

Hi,

You didn't say the exact problem you face, but there is no A record for jtest.info. You need to add it in the zone file:
Code:

$TTL 604800
@      IN      SOA      jtest.INFO. root.jtest.INFO. (
201111164        ; Serial Need to be increased
172800        ; Refresh
900        ; Retry
1209600        ; Expire
3600 )      ; Negative Cache TTL
;
                  IN      NS      NS67.DOMAINCONTROL.COM.
                  IN      NS      NS68.DOMAINCONTROL.COM.
jtest.info. IN      A        68.xxx.2xx.100
*                CNAME  jtest.INFO.

The blank space(s) in front of the NS RRs are important.
Increase the serial and reload bind.

yy885 11-16-2011 05:03 PM

Thank you for your reply. The problem I faced is that when I ran

named-checkzone jtest.info /etc/bind/db.jtest

I got an error, so nothing was loaded.
Code:

zone jtest.info/IN: has no NS records
zone jtest.info/IN: not loaded due to errors.

=============================================

So I just did what you suggested, and this is the result.

Code:

root@ubuntu:~# named-checkzone jtest.info /etc/bind/db.jtest
zone jtest.info/IN: loaded serial 201111164
OK

So the DNS server is running OK now?

Because the next step I have to do is setting up/adding an iodine server.

I cannot proceed until this server is actually functional.

Thank you for your help.

bathory 11-16-2011 05:15 PM

Quote:

I got an error and so nothing loaded.
Code:

zone jtest.info/IN: has no NS records
zone jtest.info/IN: not loaded due to errors.

This is because you didn't have at least one blank space in front of the NS RRs.

Quote:

So the dns server is running ok now?

If it's one of NS67.DOMAINCONTROL.COM or NS68.DOMAINCONTROL.COM, it should.
You can test it by running:
Code:

dig jtest.info @NS67.DOMAINCONTROL.COM
dig whatever.jtest.info @NS67.DOMAINCONTROL.COM

Also omit the @NS... and see what you get.

Regards
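
The leading-whitespace rule from the two replies above, as an added example that is not part of the thread: a simplified zone-file reader (not BIND's parser) showing that a record starting in column 0 takes its first token as the owner name, so the unindented `IN NS ...` lines become NS records for `in.jtest.info.` and the apex has none. The function names, the sample zone text and the placeholder address 192.0.2.100 are constructed for illustration.

```python
CLASSES = {"IN", "CH", "HS"}

def parse_zone(text, origin):
    """Simplified RFC 1035 master-file reader -> (records, warnings).

    Handles ';' comments, '(...)' continuation, '@', relative names and
    owner inheritance. Not handled: quoted strings, TTL units such as 1h.
    """
    origin = origin.rstrip(".").lower() + "."
    records, warnings, last_owner, depth, buf, start = [], [], None, 0, "", 0
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split(";", 1)[0].rstrip()
        if depth == 0:
            buf, start = line, lineno       # a new record starts here
        else:
            buf += " " + line               # inside '(...)': continuation
        depth += line.count("(") - line.count(")")
        if depth > 0 or not buf.strip() or buf.startswith("$"):
            continue
        tokens = buf.replace("(", " ").replace(")", " ").split()
        if buf[0] in " \t":
            owner = last_owner              # leading blank: reuse previous owner
        else:
            name = tokens.pop(0)            # column 0: first token is the owner
            if name.upper() in CLASSES:
                warnings.append((start, f"{name!r} parsed as owner name"))
            owner = origin if name == "@" else name.lower()
            if not owner.endswith("."):
                owner = f"{owner}.{origin}"
            last_owner = owner
        while tokens and (tokens[0].isdigit() or tokens[0].upper() in CLASSES):
            tokens.pop(0)                   # skip optional TTL and class
        if tokens:
            records.append((owner, tokens[0].upper()))
    return records, warnings

def apex_has_ns(records, origin):
    return (origin.rstrip(".").lower() + ".", "NS") in records

# Constructed sample modelled on the first zone file in the thread.
BROKEN = """$TTL 604800
@   IN  SOA jtest.info. root.jtest.info. (
        201111163 ; Serial
        172800 900 1209600 3600 )
IN  NS  NS67.DOMAINCONTROL.COM.
IN  NS  NS68.DOMAINCONTROL.COM.
*   CNAME jtest.info.
"""
# The reply's fix: indent the NS lines, add an apex A record (placeholder IP).
FIXED = BROKEN.replace("\nIN ", "\n    IN ").replace("*   CNAME", "@   IN  A   192.0.2.100\n*   CNAME")
```

`parse_zone(BROKEN, "jtest.info")` returns warnings for lines 5 and 6 and no apex NS record; the same call on `FIXED` returns none and `apex_has_ns` is true.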

yy885 11-16-2011 05:34 PM

Code:

root@ubuntu:~# dig jtest.info @NS67.DOMAINCONTROL.COM

; <<>> DiG 9.7.3 <<>> jtest.info @NS67.DOMAINCONTROL.COM
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65143
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

;; QUESTION SECTION:
;jtest.info.                IN        A

;; ANSWER SECTION:
jtest.info.        3600        IN        A        68.178.xxx.100

;; AUTHORITY SECTION:
jtest.info.        3600        IN        NS        ns67.domaincontrol.com.
jtest.info.        3600        IN        NS        ns68.domaincontrol.com.

;; Query time: 35 msec
;; SERVER: 216.69.185.47#53(216.69.xxx.47)
;; WHEN: Wed Nov 16 15:21:38 2011
;; MSG SIZE  rcvd: 105

Code:

root@ubuntu:~# dig whatever.jtest.info @NS67.DOMAINCONTROL.COM

; <<>> DiG 9.7.3 <<>> whatever.jtest.info @NS67.DOMAINCONTROL.COM
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14486
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;whatever.jtest.info.        IN        A

;; ANSWER SECTION:
whatever.jtest.info. 3600        IN        A        68.178.xxx.99

;; AUTHORITY SECTION:
jtest.info.        3600        IN        NS        ns67.domaincontrol.com.
jtest.info.        3600        IN        NS        ns68.domaincontrol.com.

;; Query time: 36 msec
;; SERVER: 216.69.185.47#53(216.69.xxx.47)
;; WHEN: Wed Nov 16 15:22:33 2011
;; MSG SIZE  rcvd: 114

Code:

root@ubuntu:~# dig root.jtest.info @NS67.DOMAINCONTROL.COM

; <<>> DiG 9.7.3 <<>> root.jtest.info @NS67.DOMAINCONTROL.COM
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11748
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;root.jtest.info.                IN        A

;; ANSWER SECTION:
root.jtest.info.        3600        IN        A        68.178.xxx.99

;; AUTHORITY SECTION:
jtest.info.        3600        IN        NS        ns67.domaincontrol.com.
jtest.info.        3600        IN        NS        ns68.domaincontrol.com.

;; Query time: 38 msec
;; SERVER: 216.69.185.47#53(216.69.xxx.47)
;; WHEN: Wed Nov 16 15:22:45 2011
;; MSG SIZE  rcvd: 110

Thanks for the reply. Everything looks fine now.

Do you know iodine by chance?
I want to set up the iodine server on this machine.

Code:

root@ubuntu:~# iptables -t nat -A PREROUTING -i eth0 -p udp --dport 53 -j DNAT --to :5353

root@ubuntu:~# iodined -f -p 5353 10.0.0.1 jtest.info
ALERT! Other dns servers expect you to run on port 53.
You must manually forward port 53 to port 5353 for things to work.
Enter password:
Opened dns0
Setting IP of dns0 to 10.0.0.1
Setting MTU of dns0 to 1130
Opened UDP socket
Listening to dns for domain jtest.info

I'm supposed to use this command on another machine, right?

Code:

iodine -f -P password server_ip jtest.info

I have a question about the server_ip: is 10.0.0.1 my server's IP, or is it this inet addr:192.168.116.136?

Thank you for your help.

bathory 11-17-2011 12:25 AM

Quote:

Do you know iodine by chance?

No, I'm sorry.
You may mark this thread "Solved" and start a new one about iodine.

Cheers