LinuxQuestions.org


alexxxis 01-05-2007 11:23 AM

"dig mx" and "ping google" do not work when bind9 runs.. why?
 
Hi all,

I am running a Debian 3.1 server remotely and I have
set up Bind9 successfully for my domains.

But "dig mx hotmail.com" or "ping google" on my local server does not work. e.g.
Code:

xyz:~# ping google.com
ping: unknown host google.com

I cannot edit the resolv.conf file,
not even using resolvconf.. if I do it by hand
it changes itself back to the original..

# vi /etc/resolv.conf (sym link to /etc/resolvconf/run/resolv.conf)
Code:

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#    DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.1
nameserver 206.251.228.22
nameserver 209.216.206.167
nameserver 206.251.228.24
search org

saman007uk has suggested adding forwarders in my
/etc/bind/named.conf.options and so I did.. but
with no luck (it just worked initially while my
syntax was wrong and the bind server was broken
.. so all works fine when bind9 is stopped)

My config files follow.
Any help would be appreciated,
Alex




-----------------------------------------------------



/etc/bind/named.conf.options:

Code:

options {
        directory "/var/cache/bind";

        forwarders {
                206.251.228.22;
                206.251.228.24;
                209.216.206.167;
        };
        forward first;
        transfers-in 150;
       
        auth-nxdomain no;

        recursion no;
};



/etc/bind/named.conf:

Code:

include "/etc/bind/named.conf.options";

// prime the server with knowledge of the root servers
zone "." {
        type hint;
        file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
        type master;
        file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
        type master;
        file "/etc/bind/db.255";
};

// zone "com" { type delegation-only; };
// zone "net" { type delegation-only; };

include "/etc/bind/named.conf.local";


bitva 01-05-2007 02:10 PM

Have you tried removing the /etc/resolv.conf symlink and making it a static file?

alexxxis 01-06-2007 02:24 PM

Thanks bitva,

Yes, it does work if I make /etc/resolv.conf
a static file and remove the local address!

ping and dig worked fine :-)

But then if I do:

Code:

# resolvconf -u
/etc/resolvconf/update.d/libc: Error: /etc/resolv.conf is not a symbolic link to /etc/resolvconf/run/resolv.conf

Couldn't this create other problems in the future?
(There must be a better way, no?)

Alex

alexxxis 01-06-2007 03:46 PM

I added:

//recursion no;
allow-recursion { 127.0.0.1; };

and it works perfectly,
no need to edit resolv.conf

Thanks bitva,
Alex

chort 01-07-2007 04:16 AM

Quote:

Originally Posted by alexxxis
I added:

//recursion no;
allow-recursion { 127.0.0.1; };

and it works perfectly,
no need to edit resolv.conf

Thanks bitva,
Alex

Just to confirm, this is the right thing to do (and do not just blanket enable recursion). This allows your local host to make recursive DNS queries via BIND, but will only allow remote hosts to look up information about your zones, not anyone else's zones (which is correct!).
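
An added example, not part of the original thread: a small Python check that classifies the recursion policy in a named.conf.options file, run here over constructed copies of the thread's "before" and "after" settings. The function name and finding codes are hypothetical, and the regex parsing assumes a simple options block without nested ACL braces.

```python
import re

# Constructed inputs modelled on the thread's named.conf.options.
BEFORE = """options {
    forwarders { 206.251.228.22; 206.251.228.24; 209.216.206.167; };
    forward first;
    recursion no;
};"""
AFTER = """options {
    forwarders { 206.251.228.22; 206.251.228.24; 209.216.206.167; };
    forward first;
    //recursion no;
    allow-recursion { 127.0.0.1; };
};"""

def strip_comments(text):
    """Drop /* */, // and # comments so commented-out options are ignored."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#).*", "", text)

def audit_recursion(conf_text):
    """Return finding codes (hypothetical names) for the recursion policy."""
    conf = strip_comments(conf_text)
    rec = re.search(r"(?<![-\w])recursion\s+(yes|no)\s*;", conf)
    acl = re.search(r"(?<![-\w])allow-recursion\s*\{([^}]*)\}", conf)
    fwd = re.search(r"(?<![-\w])forwarders\s*\{([^}]*)\}", conf)
    # named recurses unless told otherwise, so a missing option means "yes".
    recursion_on = rec is None or rec.group(1) == "yes"
    clients = acl.group(1).replace(";", " ").split() if acl else None
    findings = []
    if not recursion_on:
        # A stub resolver pointed at 127.0.0.1 gets no answers for outside names.
        findings.append("recursion-off")
        if fwd and fwd.group(1).strip():
            findings.append("forwarders-unused")  # forwarding needs recursion
    elif clients is None:
        findings.append("no-explicit-acl")  # who may recurse depends on defaults
    elif "any" in clients:
        findings.append("open-recursion")  # every remote host may recurse
    return findings

if __name__ == "__main__":
    for name, conf in (("before", BEFORE), ("after", AFTER)):
        print(name, audit_recursion(conf) or "ok")
```

An empty result means recursion is enabled and limited to an explicit client list, which is the state the thread ends in.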


All times are GMT -5.