I'm attempting to configure a DNS server using google as my FQDN forwarder. (8.8.8.8 or 8.8.4.4) I believe I've configured everything correctly but since this is my first time attempting this via linux I'm not entirely certain everything is working properly.
My primary concern is whether the server is resolving queries through google or not. I've read that the dig command could be used to determine this, but I can't figure out exactly how.
Would someone be able to tell me how I can be certain that my server is checking name resolution queries with google by using dig or any other command please?
Thank you Bathory, this is exactly what I needed, but now I have a new problem. My server is definitely not using google to resolve queries.
I originally believed that configuring the forwarders, in the etc/bind/named.conf.options, to 8.8.8.8 and/or 8.8.4.4 file would allow resolution through google, but apparently not.
I've experimented a little, and now wonder if changing the nameserver line in the etc/resolv.conf to google's address would get everything working. Any ideas?
Would it just be easier for me to upload my code and let you dissect it at this point?
Quote:
I've experimented a little, and now wonder if changing the nameserver line in the etc/resolv.conf to google's address would get everything working. Any ideas?
We are talking about 2 different things:
In my post above I assumed that you want to use google as a resolver, i.e. use its nameserver(s) in /etc/resolv.conf
If you want to use google as a forwarder for your nameserver, you need to add its nameserver(s) in the forwarders option in named.conf and also use
Code:
forward only;
Note that in this case the answer will come from your dns. You can achieve the same without forwarders, if you configure your server as a caching dns (using the hint zone).
Quote:
Would it just be easier for me to upload my code and let you dissect it at this point?
Feel free to do so if you want, but you have to explain what exactly you are trying to do with your nameserver.
I'm so sorry, you're right. I was confusing terminology. I did a little more research, and what I'm trying to do is configure my DNS server to forward to google. Eventually I would like to host my zone, but that's a project for another day. At the moment what I really want to know is how do I find proof that queries are being forwarded?
I may have messed something else up for all I know, so here are my configurations.
(db.192.168.0)
;
$TTL 604800
0.168.192.in-addr.arpa. IN SOA ns1.myzone.org. admin.myzone.org. (
        1       ; serial
        3h      ; refresh
        1h      ; retry
        1w      ; expire
        1h )    ; negative caching TTL
;
0.168.192.in-addr.arpa.    IN NS  ns1.myzone.org.
10.0.168.192.in-addr.arpa. IN PTR myzone.org.
(db.myzone.org)
;
$TTL 3h
@ IN SOA ns1.myzone.org. admin.myzone.org. (
        1       ; serial
        3h      ; refresh
        1h      ; retry
        1w      ; expire
        1h )    ; negative caching TTL
;
@           IN NS    ns1.myzone.org.
myzone.org. IN MX    10 mail.myzone.org.
myzone.org. IN A     192.168.0.10
ns1         IN A     192.168.0.10
www         IN CNAME myzone.org.
mail        IN A     192.168.0.10
ftp         IN CNAME myzone.org.
option if you want to run your own authoritative server along with forwarding queries.
Quote:
At the moment what I really want to know is how do I find proof that queries are being forwarded?
You can use tcpdump.
First run:
Code:
tcpdump -w dns.pcap -i eth0 port 53
and do some queries to your dns (e.g. dig linuxquestions.org, dig google.com etc) to capture some packets, stop the command above and read the captured packets:
Code:
tcpdump -n -r dns.pcap
You'll see something like the following proving that your dns forwards queries to 8.8.8.8
Quote:
reading from file dns.pcap, link-type EN10MB (Ethernet)
01:20:30.390190 IP 192.168.254.1.2528 > 8.8.8.8.53: 52735+ [1au] A? linuxquestions.org. (47)
01:20:30.473711 IP 8.8.8.8.53 > 192.168.254.1.2528: 52735 1/0/1 A 75.126.162.205 (63)
01:20:35.926546 IP 192.168.254.1.40859 > 8.8.8.8.53: 7108+ [1au] A? google.com. (39)
01:20:36.015160 IP 8.8.8.8.53 > 192.168.254.1.40859: 7108 6/0/1 A 209.85.148.106, A 209.85.148.99, A 209.85.148.147, A 209.85.148.103, A 209.85.148.105, A 209.85.148.104 (135)
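The capture check described in the answer above can be automated. This is an added example, not something posted in the thread: it reads `tcpdump -n -r dns.pcap` text and lists any upstream the server queried that is not one of the configured forwarders, which is what appears when BIND falls back to resolving by itself instead of running with `forward only;`. The function names are hypothetical, the input is assumed to be IPv4 with tcpdump's default timestamp format, and the client query and the 198.41.0.4 line in the sample are constructed.

```shell
#!/bin/sh
# upstream_counts SERVER_IP
# Reads `tcpdump -n` text on stdin and prints "count dst_ip" for every
# address SERVER_IP sent a DNS query (a line containing "? ") to on port 53.
upstream_counts() {
    awk -v src="$1" '
        $2 == "IP" && $4 == ">" && index($0, "? ") {
            s = $3; sub(/\.[0-9]+$/, "", s)     # strip source port
            d = $5; sub(/:$/, "", d)            # strip trailing colon
            if (d !~ /\.53$/) next              # not addressed to a DNS port
            sub(/\.53$/, "", d)
            if (s == src) n[d]++                # ignore client -> server queries
        }
        END { for (d in n) print n[d], d }
    ' | sort -k2
}

# unexpected_upstreams SERVER_IP "FWD1 FWD2 ..."
# Prints each upstream that was queried but is not a listed forwarder.
unexpected_upstreams() {
    upstream_counts "$1" | awk -v allow="$2" '
        BEGIN { split(allow, a, " "); for (i in a) ok[a[i]] = 1 }
        !($2 in ok) { print $2 }
    '
}

# Sample input: the two query/answer pairs quoted in the thread, plus one
# constructed client query to the server itself.
sample_forwarding() {
    cat <<'EOF'
01:20:30.100000 IP 192.168.254.20.51000 > 192.168.254.1.53: 1111+ A? linuxquestions.org. (36)
01:20:30.390190 IP 192.168.254.1.2528 > 8.8.8.8.53: 52735+ [1au] A? linuxquestions.org. (47)
01:20:30.473711 IP 8.8.8.8.53 > 192.168.254.1.2528: 52735 1/0/1 A 75.126.162.205 (63)
01:20:35.926546 IP 192.168.254.1.40859 > 8.8.8.8.53: 7108+ [1au] A? google.com. (39)
01:20:36.015160 IP 8.8.8.8.53 > 192.168.254.1.40859: 7108 6/0/1 A 209.85.148.106 (135)
EOF
}

# Constructed: the same capture plus a query sent straight to a root server.
sample_fallback() {
    sample_forwarding
    echo '01:21:02.000000 IP 192.168.254.1.41000 > 198.41.0.4.53: 4242 [1au] A? example.org. (40)'
}

sample_fallback | unexpected_upstreams 192.168.254.1 "8.8.8.8 8.8.4.4"
```

Against a real capture, run `tcpdump -n -r dns.pcap | unexpected_upstreams <server-ip> "8.8.8.8 8.8.4.4"`; empty output means every outbound query in the capture went to a forwarder.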