I followed a tutorial to configure BIND as an internal name server for my LAN. I've reviewed the configuration and worked through a few troubleshooting steps, but I can't figure out where I went wrong.
Here is the output I get when I run the named-checkzone command:
Code:
root@server1:/etc/bind# named-checkzone ns1.link.home /etc/bind/zones/link.home.db
/etc/bind/zones/link.home.db:3: ignoring out-of-zone data (link.home)
/etc/bind/zones/link.home.db:14: ignoring out-of-zone data (buffalo.link.home)
zone ns1.link.home/IN: has 0 SOA records
zone ns1.link.home/IN: has no NS records
zone ns1.link.home/IN: not loaded due to errors.
This is what I get when I query my name server's hostname with dig:
root@server1:/etc/bind# dig ns1.link.home
Code:
; <<>> DiG 9.9.2-P1 <<>> ns1.link.home
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17270
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;ns1.link.home. IN A
;; AUTHORITY SECTION:
. 1800 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2013091501 1800 900 604800 86400
;; Query time: 77 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sun Sep 15 18:44:01 2013
;; MSG SIZE rcvd: 117
My configuration files
named.conf.local
Code:
root@server1:/etc/bind# cat named.conf.local
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
// Forward zone: this server is the master for "link.home" and loads it from
// the file named below.
// NOTE(review): the zone is declared here as "link.home". The named-checkzone
// run shown on this page was given "ns1.link.home" as the zone name instead,
// which is consistent with its "out-of-zone data" messages; the first
// argument to named-checkzone should be the zone name used here.
zone "link.home" {
type master;
file "/etc/bind/zones/link.home.db";
};
// Reverse zone: master for 1.1.10.in-addr.arpa, i.e. PTR records for
// addresses in 10.1.1.0/24.
// NOTE(review): the A records in link.home.db are in 192.168.10.x, whose
// reverse zone would be 10.168.192.in-addr.arpa. Confirm which subnet is
// intended.
zone "1.1.10.in-addr.arpa"{
type master;
file "/etc/bind/zones/rev.1.1.10.inaddr.arpa";
};
named.conf.options
Code:
root@server1:/etc/bind# cat named.conf.options
options {
// Working directory for named; relative file names are resolved against it.
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
##These are Public Google DNS Servers
// named sends queries it cannot answer from its own zones or cache to these
// addresses. This setting is used by named itself; it does not decide which
// server a client tool such as dig contacts.
// NOTE(review): names looked up through this server that fall outside its
// own zones are therefore visible to the third-party resolvers listed here.
forwarders {
8.8.8.8; 8.8.4.4;
};
//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//========================================================================
// Validate DNSSEC-signed answers using BIND's managed root trust anchor.
dnssec-validation auto;
auth-nxdomain no; # conform to RFC1035
// NOTE(review): this block sets no listen-on, allow-query or allow-recursion,
// so which clients may query and recurse through this server is left to
// BIND's built-in defaults. For a LAN-only resolver, state the intended
// client range explicitly. TODO confirm the defaults for the installed version.
// Accept queries on every IPv6 address configured on the host.
listen-on-v6 { any; };
};
Zone Files:
link.home.db
Code:
root@server1:/etc/bind/zones# cat link.home.db
; Forward zone data for link.home, the zone declared in named.conf.local.
$TTL 86400 ; 24 hours could have been written as 24h or 1d
; Names below that lack a trailing dot are relative to this origin.
$ORIGIN link.home.
; SOA at the zone apex: primary server ns1.link.home., contact hostmaster.link.home.
@ 1D IN SOA ns1.link.home. hostmaster.link.home. (
2013091501 ; serial
3H ; refresh
15 ; retry -- a bare number is seconds; NOTE(review): presumably 15m was intended, confirm
1w ; expire
3h ; minimum
)
; NOTE(review): "ns1.link.home" on the NS line has no trailing dot, so it is
; relative to $ORIGIN and expands to ns1.link.home.link.home. Write it as
; "ns1.link.home." or simply "ns1".
; NOTE(review): as pasted, the NS line starts in column 0. A record that
; inherits the previous owner name must begin with whitespace; confirm the
; indentation in the real file.
IN NS ns1.link.home ; in the domain
; server host definitions
ns1 IN A 192.168.10.250 ;name server definition
; non server domain hosts
buffalo IN A 192.168.10.1 ;buffalo router
rev.1.1.10.inaddr.arpa
Code:
root@server1:/etc/bind/zones# cat rev.1.1.10.inaddr.arpa
; Reverse (PTR) zone data for 1.1.10.in-addr.arpa, as declared in named.conf.local.
$TTL 86400 ; 24 hours could have been written as 24h or 1d
; Owner names below are relative to this origin, so "250" means
; 250.1.1.10.in-addr.arpa, the PTR name for address 10.1.1.250.
; NOTE(review): the forward zone on this page maps ns1 to 192.168.10.250 and
; buffalo to 192.168.10.1; PTR records for those addresses belong under
; 10.168.192.in-addr.arpa. Confirm which subnet is intended.
$ORIGIN 1.1.10.IN-ADDR.ARPA.
@ 1D IN SOA ns1.link.home. admin.link.home. (
2013091501 ; serial
3H ; refresh
15 ; retry -- a bare number is seconds; NOTE(review): presumably 15m was intended, confirm
1w ; expire
3h ; minimum
)
; NOTE(review): no NS record appears anywhere in this file. A zone needs at
; least one NS record at its apex, and named-checkzone reports a zone without
; one as an error.
; server host definitions
250 IN PTR ns1.link.home.
; non server domain hosts
1 IN PTR buffalo.link.home.
One thing I noticed is that the Google DNS server IPs I placed in named.conf.options appear to be what is responding to my dig requests (the SERVER line in the dig output above shows 8.8.8.8#53), which doesn't look right. I also read briefly about needing to chroot some of the files/directories, but I'm lost at this point.
Any help would be much appreciated.