LinuxQuestions.org
Old 05-29-2014, 10:58 AM   #1
metallica1973
Senior Member
 
Registered: Feb 2003
Location: Washington D.C
Posts: 2,190

Rep: Reputation: 60
DNS Server Setup Centos 6.5 Issues


I am having a bit of trouble getting my CentOS 6.5 DNS server to work correctly in our test lab environment. The lab network is 10.8.0.0/24, which we all access from 10.7.0.0.0/24 && 10.0.0.0/24. Here are my configs:
Code:
options {
	listen-on port 53 { 127.0.0.1; 10.8.0.19;};
	#listen-on-v6 port 53 { ::1; };
	directory 	"/var/named";
	dump-file 	"/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        // forwarders { 10.8.0.150; };
	memstatistics-file "/var/named/data/named_mem_stats.txt";
	allow-query     { localhost; 10.0.0.0/24; 10.8.0.0/24; 10.7.0.0/24; };
	allow-transfer  { localhost; 10.0.0.0/24; };
        recursion yes;

	dnssec-enable yes;
	dnssec-validation yes;
	dnssec-lookaside auto;

	/* Path to ISC DLV key */
	bindkeys-file "/etc/named.iscdlv.key";

	managed-keys-directory "/var/named/dynamic";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
	type hint;
	file "named.ca";
};

zone "labtest.local" IN {
type master;
file "labtest.local.zone";
allow-update { none; };
};

zone "0.8.10.in-addr.arpa" IN {
type master;
file "0.8.10.in-addr.arpa";
allow-update { none; };
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
forward look stuff:
Code:
$ORIGIN labtest.local.

$TTL   1d
@               IN SOA  test-nameserver.labtest.local. root.labtest.local.     (

                12 ; se = serial number
                3h         ; ref = refresh
                15m        ; ret = update retry
                3w         ; ex = expiry
                3h         ; min = minimum
                                        )

@                IN   NS   test-nameserver.labtest.local.
@		 IN   A    10.8.0.19


test-nameserver         IN    A   10.8.0.19

dojo1                   IN    A   10.8.0.186
redhat.5.5.32Bit        IN    A   10.8.0.149
redhat.6.2.64Bit        IN    A   10.8.0.147
mandriva.9.2.32Bit      IN    A   10.8.0.153
RELEASE-WIN2003         IN    A   10.8.0.17
reverse stuff
Code:
$TTL    1d
@   IN    SOA   test-nameserver.labtest.local. root.labtest.local. (
    2013112100 ; se = serial number
    3h         ; ref = refresh
    15m        ; ret = update retry
    3w         ; ex = expiry
    3h         ; min = minimum
    )

@                       IN   NS   test-nameserver.labtest.local.
@                       IN   A    10.8.0.19
@			IN PTR    labtest.local.

test-nameserver         IN    A   10.8.0.19

19     IN   PTR  test-nameserver.labtest.local.
186    IN   PTR  dojo1.labtest.local.
149    IN   PTR  redhat.5.5.32Bit.labtest.local.
147    IN   PTR  redhat.6.2.64Bit.labtest.local.
153    IN   PTR  mandriva.9.2.32Bit.labtest.local.
17     IN   PTR  RELEASE-WIN2003.labtest.local.
When running my tests against it, I can ping a target, but oddly dig's response shows that the DNS server is not answering:
Code:
[root@test-nameserver]# dig @test-nameserver.labtest.local dojo1

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> @test-nameserver.labtest.local dojo1
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38262
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;dojo1.				IN	A

;; AUTHORITY SECTION:
.			10800	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2014052900 1800 900 604800 86400

;; Query time: 3040 msec
;; SERVER: 10.8.0.19#53(10.8.0.19)
;; WHEN: Thu May 29 11:56:11 2014
;; MSG SIZE  rcvd: 98

[root@test-nameserver]# ping dojo1
PING dojo1.labtest.local (10.8.0.186) 56(84) bytes of data.
64 bytes from dojo1.labtest.local (10.8.0.186): icmp_seq=1 ttl=64 time=1.91 ms
64 bytes from dojo1.labtest.local (10.8.0.186): icmp_seq=2 ttl=64 time=0.573 ms
^C
--- dojo1.labtest.local ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1214ms
rtt min/avg/max/mdev = 0.573/1.244/1.915/0.671 ms
[root@test-nameserver]# nslookup dojo1
Server:		10.8.0.19
Address:	10.8.0.19#53

Name:	dojo1.labtest.local
Address: 10.8.0.186

[root@test-nameserver]# host dojo1
dojo1.labtest.local has address 10.8.0.186
[root@test-nameserver]# 
[root@test-nameserver]# nslookup labtest.local
Server:		10.8.0.19
Address:	10.8.0.19#53

Name:	labtest.local
Address: 10.8.0.19

Last edited by metallica1973; 05-29-2014 at 11:02 AM.
 
Old 05-29-2014, 11:36 AM   #2
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,204
Blog Entries: 1

Rep: Reputation: 2059
Quote:
When running my tests against it, I can ping a target, but oddly dig's response shows that the DNS server is not answering:
From the response you get (NXDOMAIN), it's obvious that DNS is running but cannot find the host in the zone file.
This is because you used the hostname and not the FQDN. Try again with:
Code:
dig @test-nameserver.labtest.local dojo1.labtest.local
If you have a line
Code:
search labtest.local
in /etc/resolv.conf, you can omit the domain part and use:
Code:
dig @test-nameserver.labtest.local dojo1 +search
Regards

Last edited by bathory; 05-29-2014 at 12:33 PM.
 
1 members found this post helpful.
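
Added example, not part of any post in this thread: a small model of why `dig dojo1` returned NXDOMAIN while `ping`, `host` and `nslookup` resolved the name. It follows the usual resolver rule (search list applied according to `ndots`) and treats plain `dig` as not using the search list. The resolv.conf text and the one-record `ZONE` dictionary are constructed from values quoted in the thread.

```python
# Constructed resolv.conf: the search line from the post plus the server's IP.
RESOLV_CONF = """\
search labtest.local
nameserver 10.8.0.19
"""
# Constructed stand-in for the zone data: one A record from the forward zone.
ZONE = {"dojo1.labtest.local.": "10.8.0.186"}


def parse_resolv_conf(text):
    """Return (search_domains, ndots); ndots defaults to 1."""
    search, ndots = [], 1
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0][0] in "#;":
            continue
        if fields[0] in ("search", "domain"):
            search = fields[1:]
        elif fields[0] == "options":
            for opt in fields[1:]:
                if opt.startswith("ndots:"):
                    ndots = int(opt.split(":", 1)[1])
    return search, ndots


def candidates(name, search, ndots, use_search):
    """Names tried, in order. use_search=False models dig without +search."""
    if name.endswith("."):
        return [name]
    absolute = name + "."
    if not use_search or not search:
        return [absolute]
    expanded = [f"{name}.{d.rstrip('.')}." for d in search]
    if name.count(".") >= ndots:
        return [absolute] + expanded
    return expanded + [absolute]


def lookup(name, use_search):
    """First candidate found in ZONE as (qname, address), else None (NXDOMAIN)."""
    search, ndots = parse_resolv_conf(RESOLV_CONF)
    for qname in candidates(name, search, ndots, use_search):
        if qname in ZONE:
            return qname, ZONE[qname]
    return None


if __name__ == "__main__":
    print(lookup("dojo1", use_search=False))                # dig dojo1
    print(lookup("dojo1", use_search=True))                 # dig dojo1 +search
    print(lookup("dojo1.labtest.local", use_search=False))  # dig with the FQDN
```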
Old 05-29-2014, 12:10 PM   #3
metallica1973
Senior Member
 
Registered: Feb 2003
Location: Washington D.C
Posts: 2,190

Original Poster
Rep: Reputation: 60
simply awesome. what about:
Code:
nslookup labtest.local
Server:		10.8.0.19
Address:	10.8.0.19#53
Why doesn't it display all the machines of the domain?

Last edited by metallica1973; 05-29-2014 at 12:13 PM.
 
Old 05-29-2014, 12:33 PM   #4
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,204
Blog Entries: 1

Rep: Reputation: 2059
Quote:
Originally Posted by metallica1973 View Post
simply awesome. what about:
Code:
nslookup labtest.local
Server:		10.8.0.19
Address:	10.8.0.19#53
Why doesn't it display all the machines of the domain?
nslookup responds correctly with the IP of the domain. Hosts listing (ls option) is not implemented anymore for security reasons.
If you want to list all hosts, you can do domain transfer on screen:
Code:
nslookup -q=axfr labtest.local
 
1 members found this post helpful.
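
Whether a zone transfer like the one above is answered depends on the server's `allow-transfer` list. The following is an added example, not part of any post in this thread: it evaluates the `allow-query` and `allow-transfer` statements from the named.conf in post #1 for a given client address. The client addresses are constructed, and reading `localhost` as the two `listen-on` addresses is an assumption; named ACLs and keys are not handled.

```python
import ipaddress
import re

# Constructed excerpt: the two ACL statements from the named.conf in post #1.
NAMED_OPTIONS = """
allow-query     { localhost; 10.0.0.0/24; 10.8.0.0/24; 10.7.0.0/24; };
allow-transfer  { localhost; 10.0.0.0/24; };
"""
# Assumption: "localhost" is the server's own addresses, taken from listen-on.
SERVER_ADDRS = {ipaddress.ip_address(a) for a in ("127.0.0.1", "10.8.0.19")}


def parse_acl(conf, statement):
    """Return the elements of one address match list, or None if not set."""
    m = re.search(r"\b" + re.escape(statement) + r"\s*\{([^}]*)\}", conf)
    if m is None:
        return None
    return [e.strip() for e in m.group(1).split(";") if e.strip()]


def element_matches(element, client):
    """Match one element: any, none, localhost, or a literal IP/prefix."""
    if element == "any":
        return True
    if element == "none":  # matches no address
        return False
    if element == "localhost":
        return client in SERVER_ADDRS
    return client in ipaddress.ip_network(element, strict=False)


def allowed(conf, statement, client_ip):
    """First matching element decides; '!' negates; no match means deny.

    Returns None when the statement is absent (the server default applies).
    """
    elements = parse_acl(conf, statement)
    if elements is None:
        return None
    client = ipaddress.ip_address(client_ip)
    for element in elements:
        negate = element.startswith("!")
        if element_matches(element.lstrip("! "), client):
            return not negate
    return False


if __name__ == "__main__":
    # Constructed client addresses, one per network named in the thread.
    for ip in ("10.8.0.19", "10.0.0.5", "10.7.0.25", "10.8.0.186"):
        print(ip, "query:", allowed(NAMED_OPTIONS, "allow-query", ip),
              "axfr:", allowed(NAMED_OPTIONS, "allow-transfer", ip))
```

With the configuration as posted, hosts in 10.7.0.0/24 and 10.8.0.0/24 may query but only the server itself and 10.0.0.0/24 may transfer the zone.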
Old 05-29-2014, 01:32 PM   #5
metallica1973
Senior Member
 
Registered: Feb 2003
Location: Washington D.C
Posts: 2,190

Original Poster
Rep: Reputation: 60
You are the man!!!! Many thanks.
 
Old 05-29-2014, 04:02 PM   #6
metallica1973
Senior Member
 
Registered: Feb 2003
Location: Washington D.C
Posts: 2,190

Original Poster
Rep: Reputation: 60
Actually I ran the test on my laptop and it doesn't work:
Code:
dig @test-nameserver.labtest.local dojo1.labtest.local +search
dig: couldn't get address for 'test-nameserver.labtest.local': not found

but if I do it via the ip address:
Code:
dig @10.8.0.19 dojo1.labtest.local 

; <<>> DiG 9.9.5-3-Ubuntu <<>> @10.8.0.19 dojo1.labtest.local
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54507
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;dojo1.labtest.local.		IN	A

;; ANSWER SECTION:
dojo1.labtest.local.	86400	IN	A	10.8.0.186

;; AUTHORITY SECTION:
testlabtest.local.	86400	IN	NS	test-nameserver.labtest.local.

;; ADDITIONAL SECTION:
test-nameserver.labtest.local. 86400 IN A	10.8.0.19

;; Query time: 3 msec
;; SERVER: 10.8.0.19#53(10.8.0.19)
;; WHEN: Thu May 29 16:59:30 EDT 2014
;; MSG SIZE  rcvd: 112
 
Old 05-29-2014, 04:12 PM   #7
metallica1973
Senior Member
 
Registered: Feb 2003
Location: Washington D.C
Posts: 2,190

Original Poster
Rep: Reputation: 60
Never mind.
 
  

