05-29-2014, 10:58 AM
|
#1
|
Senior Member
Registered: Feb 2003
Location: Washington D.C
Posts: 2,190
Rep:
|
DNS Server Setup Centos 6.5 Issues
I am having a bit of trouble getting my CentOS 6.5 DNS server to work correctly in our test lab environment. The lab network is 10.8.0.0/24, which we all access from 10.7.0.0.0/24 && 10.0.0.0/24. Here are my configs:
Code:
options {
    listen-on port 53 { 127.0.0.1; 10.8.0.19; };
    #listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    // forwarders { 10.8.0.150; };
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { localhost; 10.0.0.0/24; 10.8.0.0/24; 10.7.0.0/24; };
    allow-transfer { localhost; 10.0.0.0/24; };
    recursion yes;
    dnssec-enable yes;
    dnssec-validation yes;
    dnssec-lookaside auto;
    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
zone "." IN {
    type hint;
    file "named.ca";
};
zone "labtest.local" IN {
    type master;
    file "labtest.local.zone";
    allow-update { none; };
};
zone "0.8.10.in-addr.arpa" IN {
    type master;
    file "0.8.10.in-addr.arpa";
    allow-update { none; };
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
forward look stuff:
Code:
$ORIGIN labtest.local.
$TTL 1d
@ IN SOA test-nameserver.labtest.local. root.labtest.local. (
12 ; se = serial number
3h ; ref = refresh
15m ; ret = update retry
3w ; ex = expiry
3h ; min = minimum
)
@ IN NS test-nameserver.labtest.local.
@ IN A 10.8.0.19
test-nameserver IN A 10.8.0.19
dojo1 IN A 10.8.0.186
redhat.5.5.32Bit IN A 10.8.0.149
redhat.6.2.64Bit IN A 10.8.0.147
mandriva.9.2.32Bit IN A 10.8.0.153
RELEASE-WIN2003 IN A 10.8.0.17
reverse stuff
Code:
$TTL 1d
@ IN SOA test-nameserver.labtest.local. root.labtest.local. (
2013112100 ; se = serial number
3h ; ref = refresh
15m ; ret = update retry
3w ; ex = expiry
3h ; min = minimum
)
@ IN NS test-nameserver.labtest.local.
@ IN A 10.8.0.19
@ IN PTR labtest.local.
test-nameserver IN A 10.8.0.19
19 IN PTR test-nameserver.labtest.local.
186 IN PTR dojo1.labtest.local.
149 IN PTR redhat.5.5.32Bit.labtest.local.
147 IN PTR redhat.6.2.64Bit.labtest.local.
153 IN PTR mandriva.9.2.32Bit.labtest.local.
17 IN PTR RELEASE-WIN2003.labtest.local.
When running my tests against it, I can ping a target, but oddly dig's response shows that the DNS server is not answering:
Code:
[root@test-nameserver]# dig @test-nameserver.labtest.local dojo1
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> @test-nameserver.labtest.local dojo1
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38262
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;dojo1. IN A
;; AUTHORITY SECTION:
. 10800 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2014052900 1800 900 604800 86400
;; Query time: 3040 msec
;; SERVER: 10.8.0.19#53(10.8.0.19)
;; WHEN: Thu May 29 11:56:11 2014
;; MSG SIZE rcvd: 98
[root@test-nameserver]# ping dojo1
PING dojo1.labtest.local (10.8.0.186) 56(84) bytes of data.
64 bytes from dojo1.labtest.local (10.8.0.186): icmp_seq=1 ttl=64 time=1.91 ms
64 bytes from dojo1.labtest.local (10.8.0.186): icmp_seq=2 ttl=64 time=0.573 ms
^C
--- dojo1.labtest.local ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1214ms
rtt min/avg/max/mdev = 0.573/1.244/1.915/0.671 ms
[root@test-nameserver]# nslookup dojo1
Server: 10.8.0.19
Address: 10.8.0.19#53
Name: dojo1.labtest.local
Address: 10.8.0.186
[root@test-nameserver]# host dojo1
dojo1.labtest.local has address 10.8.0.186
[root@test-nameserver]#
[root@test-nameserver]# nslookup labtest.local
Server: 10.8.0.19
Address: 10.8.0.19#53
Name: labtest.local
Address: 10.8.0.19
Last edited by metallica1973; 05-29-2014 at 11:02 AM.
|
|
|
05-29-2014, 11:36 AM
|
#2
|
LQ Guru
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,204
|
Quote:
When running my tests against it, I can ping a target, but oddly dig's response shows that the DNS server is not answering:
|
From the response you get (NXDOMAIN), it's obvious that DNS is running but cannot find the host in the zone file.
This is because you used the hostname and not the FQDN. Try again with:
Code:
dig @test-nameserver.labtest.local dojo1.labtest.local
If you have a line
Code:
search labtest.local
in /etc/resolv.conf, you can omit the domain part and use:
Code:
dig @test-nameserver.labtest.local dojo1 +search
Regards
Last edited by bathory; 05-29-2014 at 12:33 PM.
|
|
1 members found this post helpful.
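Why `host`, `ping` and `nslookup` resolved `dojo1` while plain `dig` returned NXDOMAIN, as an added example that is not part of the thread: a Python model of resolv.conf search-list expansion. The function names and the sample resolv.conf are constructed for illustration; the ordering follows the usual stub-resolver `ndots` rule.

```python
# Constructed sample; the search line is the one suggested in the reply above.
RESOLV_CONF = """\
search labtest.local
nameserver 10.8.0.19
"""

def parse_resolv_conf(text):
    """Return (search_domains, ndots) from resolv.conf text."""
    search, ndots = [], 1              # ndots defaults to 1
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;":    # blank line or comment
            continue
        fields = line.split()
        if fields[0] in ("search", "domain"):
            search = fields[1:]            # the last such line wins
        elif fields[0] == "options":
            for opt in fields[1:]:
                if opt.startswith("ndots:"):
                    ndots = int(opt.split(":", 1)[1])
    return search, ndots

def candidates(name, search, ndots, use_search=True):
    """Ordered list of absolute names that would be queried for `name`."""
    if name.endswith("."):             # already absolute: never expanded
        return [name]
    as_is = name + "."
    if not use_search:                 # dig without +search sends the name as typed
        return [as_is]
    expanded = [f"{name}.{d.rstrip('.')}." for d in search]
    # Names with at least `ndots` dots are tried as-is first.
    if name.count(".") >= ndots:
        return [as_is] + expanded
    return expanded + [as_is]

search, ndots = parse_resolv_conf(RESOLV_CONF)
print("host/ping/nslookup:", candidates("dojo1", search, ndots))
print("dig (default):     ", candidates("dojo1", search, ndots, use_search=False))
print("dig +search:       ", candidates("dojo1", search, ndots))
```

The default `dig` case asks for `dojo1.` in the root zone, which is why the NXDOMAIN above carries the root SOA in its authority section.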
|
05-29-2014, 12:10 PM
|
#3
|
Senior Member
Registered: Feb 2003
Location: Washington D.C
Posts: 2,190
Original Poster
Rep:
|
Simply awesome. What about:
Code:
nslookup labtest.local
Server: 10.8.0.19
Address: 10.8.0.19#53
Why doesn't it display all the machines of the domain?
Last edited by metallica1973; 05-29-2014 at 12:13 PM.
|
|
|
05-29-2014, 12:33 PM
|
#4
|
LQ Guru
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,204
|
Quote:
Originally Posted by metallica1973
Simply awesome. What about:
Code:
nslookup labtest.local
Server: 10.8.0.19
Address: 10.8.0.19#53
Why doesn't it display all the machines of the domain?
|
nslookup responds correctly with the IP of the domain. Host listing (the ls option) is not implemented anymore for security reasons.
If you want to list all hosts, you can do a domain transfer on screen:
Code:
nslookup -q=axfr labtest.local
|
|
1 members found this post helpful.
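The transfer only succeeds from a client that the server's `allow-transfer` list permits. As an added example (not from the thread), the Python below evaluates the `allow-query` and `allow-transfer` lines posted in #1 for a given client address; the function names are hypothetical, and only flat address lists are handled (no named ACLs or TSIG keys).

```python
import ipaddress
import re

# Excerpt of the options block posted in this thread.
NAMED_CONF = """
options {
    allow-query    { localhost; 10.0.0.0/24; 10.8.0.0/24; 10.7.0.0/24; };
    allow-transfer { localhost; 10.0.0.0/24; };
};
"""

# BIND's built-in "localhost" ACL matches the server's own addresses;
# these are taken from the listen-on line in the thread.
SERVER_ADDRS = ["127.0.0.1", "10.8.0.19"]

def acl(conf, option):
    """Return the address-match elements of `option { ...; };`."""
    m = re.search(rf"\b{re.escape(option)}\s*\{{([^}}]*)\}}", conf)
    return [e.strip() for e in m.group(1).split(";") if e.strip()] if m else []

def permitted(client, elements):
    """Evaluate a flat address-match list; the first matching element decides."""
    ip = ipaddress.ip_address(client)
    for el in elements:
        negate = el.startswith("!")
        el = el.lstrip("!").strip()
        if el == "any":
            hit = True
        elif el == "none":
            hit = False
        elif el == "localhost":
            hit = client in SERVER_ADDRS
        else:
            hit = ip in ipaddress.ip_network(el, strict=False)
        if hit:
            return not negate
    return False                        # nothing matched: denied

def report(client):
    """Which of the two operations the posted config allows for `client`."""
    return {opt: permitted(client, acl(NAMED_CONF, opt))
            for opt in ("allow-query", "allow-transfer")}

for addr in ("10.0.0.5", "10.7.0.25", "10.8.0.186", "192.168.1.1"):
    print(addr, report(addr))
```

With the posted config, hosts in 10.7.0.0/24 and 10.8.0.0/24 can query the zone but cannot pull a full listing; only the server itself and 10.0.0.0/24 can.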
|
05-29-2014, 01:32 PM
|
#5
|
Senior Member
Registered: Feb 2003
Location: Washington D.C
Posts: 2,190
Original Poster
Rep:
|
You are the man!!!! Many thanks.
|
|
|
05-29-2014, 04:02 PM
|
#6
|
Senior Member
Registered: Feb 2003
Location: Washington D.C
Posts: 2,190
Original Poster
Rep:
|
Actually, I ran the test on my laptop and it doesn't work:
dig @test-nameserver.labtest.local dojo1.labtest.local +search
dig: couldn't get address for 'test-nameserver.labtest.local': not found
but if I do it via the ip address:
Code:
dig @10.8.0.19 dojo1.labtest.local
; <<>> DiG 9.9.5-3-Ubuntu <<>> @10.8.0.19 dojo1.labtest.local
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54507
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;dojo1.labtest.local. IN A
;; ANSWER SECTION:
dojo1.labtest.local. 86400 IN A 10.8.0.186
;; AUTHORITY SECTION:
testlabtest.local. 86400 IN NS test-nameserver.labtest.local.
;; ADDITIONAL SECTION:
test-nameserver.labtest.local. 86400 IN A 10.8.0.19
;; Query time: 3 msec
;; SERVER: 10.8.0.19#53(10.8.0.19)
;; WHEN: Thu May 29 16:59:30 EDT 2014
;; MSG SIZE rcvd: 112
|
|
|
05-29-2014, 04:12 PM
|
#7
|
Senior Member
Registered: Feb 2003
Location: Washington D.C
Posts: 2,190
Original Poster
Rep:
|
Never mind.
|
|
|
All times are GMT -5. The time now is 07:16 PM.