LinuxQuestions.org - BIND 9 configuration in Debian

- Debian (https://www.linuxquestions.org/questions/debian-26/)

- - BIND 9 configuration in Debian (https://www.linuxquestions.org/questions/debian-26/bind-9-configuration-in-debian-415354/)

BIND 9 configuration in Debian

I am looking for some guidance on verifying the BIND 9configuration on my Debian Web Server.

I have a MS SBS 2003 and have the Debian Web Server set-up to act as the DNS for the network. But, for some reason my MS Exchange Server will not send or receive email. I believe it has something to do with the DNS designation of my MX information.

I have been searching and reading but have not found the instructions for BIND 9 in Debian. I have read the Debian/GNU/Linux Network Administrator's Manual, Chapter 8 - DNS/BIND. Even though Ivan E. Moore says he is going to just focus on BIND 9.x what he has written isn't even close to what I find loaded on my Debian machine.

Under 8.3.1 named.conf he shows the first lines of named.conf as:

// generated by named-bootconf.pl

options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
****************************************************

On my machine the named.conf file starts with:

// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local

include "/etc/bind/named.conf.options";
****************************************************

Plus, when I click on the Links located in 8.7 Obtaining Help With BIND all I get is a "The web site you have requested doesn't exist.
The associated domain name has been reserved by a GANDI customer and parked as unused." message.

Any assistance in getting my MX working with BIND 9 will be greatly appreciated.

Have you looked at what is in /etc/bind/named.conf.options? I am running bind9 myself, and in that file are the exact same things as are in the bind8 configuration files that you list.

Debian likes to split configuration up into multiple files, it seems. This is the same with apache2 and the addition of virtual hosts.

BIND 9 Multiple .conf files

I looked in all of the .conf files and they looked fine to me. The named.conf.options file lists the Forwarders and access to Port 53. Here it is:

***************************************************
options {
directory "/var/cache/bind";

// If there is a firewall between you and nameservers you want
// to talk to, you might need to uncomment the query-source
// directive below. Previous versions of BIND always asked
// questions using port 53, but BIND 8.1 and later use an unprivileged
// port by default.

query-source address * port 53;

// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.

forwarders {
4.2.2.1;
4.2.2.2;
4.2.2.3;
};
**************************************************

I have tried it with the Port 53 commented out and active with no difference.

Are the Forwarder IPs the Internal or External IPs? We were originally set-up to do all website, with Debian and Apache2, and email, via MS Exchange Server, in house. All the ISP provided was an Internet connection and a block of IP Addresses. Everything worked fine until they turned off our DSL Service 3 months earlier than scheduled. That left us hanging so I quickly set-up an external hosting for the website and had to establish POP3 accounts just to keep us operational.

Now, that we have the DSL back, I am unable to find out why the MS Exchange Server is not working like it did before. I know it there must be a problem with the DNS because the in-house website comes up fine. But, I do not remember what I had set-up before the DSL crash.

Those forwarder IP's are the IP's that bind is trying to use to find names that it doesn't know about.

From http://cryptio.net/~ferlatte/blog/config/bind9/ :

Quote:

Found out yesterday that if you configure BIND9’s named to use forwarders, it will timeout and fail if it can’t reach any of the forwarders. I guess if you’re behind a firewall this may be what you want, but in general I’d imagine that you’d want your local named to try the lookup if it can’t get to the forwarders as a last resort. Adding a forward first; clause to your options stanza causes named to try the forwarders first, but if they don’t respond in time it will perform the DNS lookup itself.

If you simply comment those forwarding lines out, any DNS request that comes to the server that is not known locally will be looked up using the root servers instead.

Also, make sure that your root servers are up-to-date. They should be, but just in case they aren't you may want to check anyway.

Bind error for connection of localhost refuse

bind9rndc: connect failed: 127.0.0.1#953: connection refused
I use debian 6 squeezy
after the config all of bind9 is done and I restart the bind9 service, I met the error above I shown. Help me please!