[SOLVED] Bind Server

mangya · 08-28-2016, 08:24 AM

Hi all

I've just installed bind server, but the problem is, I cannot resolve localhost, the box where bind server itself is installed. I can resolve all other machines in lan. Why?

Here are the file details:

Code:

[root@srv ~]# ip addr show enp3s0
2: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether d0:50:99:6a:a2:40 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.7/24 brd 192.168.1.255 scope global enp3s0
       valid_lft forever preferred_lft forever
    inet6 fe80::d250:99ff:fe6a:a240/64 scope link 
       valid_lft forever preferred_lft forever

Code:

[root@srv ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

[root@srv ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search nixquery.lan
nameserver 192.168.1.7
nameserver 8.8.8.8
nameserver fe80::1%enp3s0

Code:

[root@srv ~]# cat /etc/named.conf
options {
	listen-on port 53 { localhost; 127.0.0.1; 192.168.1.7; };
	listen-on-v6 port 53 { ::1; };
	directory 	"/var/named";
	dump-file 	"/var/named/data/cache_dump.db";
	statistics-file "/var/named/data/named_stats.txt";
	memstatistics-file "/var/named/data/named_mem_stats.txt";
	allow-query     { localhost; 127.0.0.1; 192.168.1.0/24; };
	recursion yes;
	dnssec-enable yes;
	dnssec-validation yes;
	bindkeys-file "/etc/named.iscdlv.key";
	managed-keys-directory "/var/named/dynamic";
	pid-file "/run/named/named.pid";
	session-keyfile "/run/named/session.key";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
	type hint;
	file "named.ca";
};

zone "nixquery.lan" IN {
  type master;
  file "nixquery.fwd";
  allow-update { none; };
};

zone "1.168.192.in-addr.arpa" IN {
  type master;
  file "nixquery.rev";
  allow-update { none; };
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

Code:

[root@srv ~]# cat /var/named/nixquery.fwd
$TTL 3d
$ORIGIN nixquery.lan.

nixquery.lan. IN SOA srv.nixquery.lan. root.nixquery.lan. ( 16082501 12h 15m 3w 3h )
nixquery.lan. IN NS srv.nixquery.lan.

rtr IN A 192.168.1.1
srv IN A 192.168.1.7
mob IN A 192.168.1.8
w10 IN A 192.168.1.100
c66 IN A 192.168.1.101
c72 IN A 192.168.1.102
u16 IN A 192.168.1.103

srv IN TXT "CentOS 7.2 Server Lab"
srv IN RP  root.nixquery.lan. nixquery.lan.

[root@srv ~]# cat /var/named/nixquery.rev
$TTL 3d
$ORIGIN 1.168.192.in-addr.arpa.

@ IN SOA srv.nixquery.lan. root.nixquery.lan. ( 16082501 12h 15m 3w 3h )

@ IN NS srv.nixquery.lan.
1 IN PTR rtr.nixquery.lan.
7 IN PTR srv.nixquery.lan.
8 IN PTR mob.nixquery.lan.
100 IN PTR w10.nixquery.lan.
101 IN PTR c66.nixquery.lan.
102 IN PTR c72.nixquery.lan.
103 In PTR u16.nixquery.lan.

[root@srv ~]# cat ~/.digrc
+search +noall +answer

Code:

[root@srv ~]# netstat -tulnp | grep ':53'
tcp        0      0 192.168.1.7:53          0.0.0.0:*               LISTEN      16560/named         
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      16560/named         
tcp        0      0 192.168.122.1:53        0.0.0.0:*               LISTEN      2329/dnsmasq        
tcp6       0      0 ::1:53                  :::*                    LISTEN      16560/named         
udp        0      0 192.168.122.1:53        0.0.0.0:*                           16560/named         
udp        0      0 192.168.1.7:53          0.0.0.0:*                           16560/named         
udp        0      0 127.0.0.1:53            0.0.0.0:*                           16560/named         
udp        0      0 192.168.122.1:53        0.0.0.0:*                           2329/dnsmasq        
udp6       0      0 ::1:53                  :::*                                16560/named         
udp6       0      0 :::5353                 :::*                                13167/chrome        

[root@srv ~]# dig c72
c72.nixquery.lan.	259200	IN	A	192.168.1.102

[root@srv ~]# dig w10
w10.nixquery.lan.	259200	IN	A	192.168.1.100

[root@srv ~]# dig rtr
rtr.nixquery.lan.	259200	IN	A	192.168.1.1

But if I dig srv, i.e., localhost, It wont resolve. It resolves if I give FQDN though.

Code:

[root@srv ~]# dig srv
.			516347	IN	NS	f.root-servers.net.
.			516347	IN	NS	i.root-servers.net.
.			516347	IN	NS	j.root-servers.net.
.			516347	IN	NS	l.root-servers.net.
.			516347	IN	NS	e.root-servers.net.
.			516347	IN	NS	k.root-servers.net.
.			516347	IN	NS	m.root-servers.net.
.			516347	IN	NS	b.root-servers.net.
.			516347	IN	NS	d.root-servers.net.
.			516347	IN	NS	h.root-servers.net.
.			516347	IN	NS	c.root-servers.net.
.			516347	IN	NS	g.root-servers.net.
.			516347	IN	NS	a.root-servers.net.

[root@srv ~]# dig srv.nixquery.lan
srv.nixquery.lan.	259200	IN	A	192.168.1.7

Thanks.

bathory · 08-28-2016, 01:25 PM

Quote:

But if I dig srv, i.e., localhost, It wont resolve. It resolves if I give FQDN though.

My guess is that this happens because srv happens to be the name of a RR (it's let's say a reserved word for bind).
So when you're digging without providing the FQDN, bind thinks you're asking for an SRV RR and it goes out to ask the root servers for it!!!
Change srv to srv1 (or whatever you like), increase the serial, reload the zone and see what happens

mangya · 08-28-2016, 02:28 PM

Quote:

Originally Posted by bathory

My guess is that this happens because srv happens to be the name of a RR (it's let's say a reserved word for bind).
So when you're digging without providing the FQDN, bind thinks you're asking for an SRV RR and it goes out to ask the root servers for it!!!
Change srv to srv1 (or whatever you like), increase the serial, reload the zone and see what happens

You are spot on. I changed srv to svr, and now it resolves. Cool.

Code:

# dig svr
svr.nixquery.lan.	259200	IN	A	192.168.1.7

Thanks.