I am trying to set up a DNS server where any names that can't be resolved would be forwarded to another server. In my local server, in the named.conf file, under options, I added the forwarders address as follows:
forwarders {
    1.1.1.1;
};
The 1.1.1.1 above should have resolution for any outside addresses like yahoo.com and google.com, etc.
However, when I tried to ping yahoo.com from one of my internal machines, I couldn't get to yahoo.com.
What am I doing wrong? Please help.
Give me the output of the following commands.
I suppose your DNS server's IP address is 10.10.10.11/24.
On your DNS server:
# dig @4.2.2.4 google.com
On one of your LAN computers other than the DNS server:
# ping 10.10.10.11
# dig @10.10.10.11 google.com
You should give more details about those A and B servers.
I guess that 2.2.2.2 is (a local dns) authoritative for your domain and 1.1.1.1 is a forwarder (your ISP dns or a caching dns).
If that's the case you can add the hint zone (aka ".") in 2.2.2.2 and remove the forward stuff. E.g. in named.conf use:
Code:
zone "." {
    type hint;
    file "root.cache";
};
zone "mydomain.com" {
    type master;
    file "mydomain.db";
};
You can also have a look here, for the various types of name servers to see how you can combine them for your case.
Regards
Last edited by bathory; 10-30-2010 at 01:35 PM.
Reason: missing link
Bathory, you understood correctly. The 1.1.1.1 forwards all the ISP requests, and 2.2.2.2 is my local dns, which forwards all ISP requests to 1.1.1.1.
If I remove the forward declaration in 2.2.2.2, how does it know to forward my ISP requests to 1.1.1.1? This is all new to me, so please help me understand a little more.
Here is my named.conf file.
================
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
That is what the hint zone does. It has a list of root servers that your server can ask to resolve domains it's not authoritative for.
Did you try to resolve external domains using your dns as the resolver?
No, all I did was change my resolv.conf in the host to directly point to my external server (server B), and I was able to reach external domains, such as yahoo and google.
for example:
nameserver 1.1.1.1
What I really want to do is change resolv.conf in my host to point to 2.2.2.2 (server A), and have it forward my request to 1.1.1.1 (server B).
for example:
nameserver 2.2.2.2
Then in my named.conf file on server A, I want to add a directive, such that any requests it can't resolve, it sends it to 1.1.1.1 (my external server)
I hope this helps to clarify what I am trying to do?
Use 2.2.2.2 in client's /etc/resolv.conf and use the /etc/named.conf from post #7 for the nameserver configuration.
This way the nameserver can resolve your domain and ask the upstream nameservers for the external domains it can't resolve using the hint zone.
If you, for some reason, cannot use the hint zone and need to use only 1.1.1.1 then you have to add null forwarders for your zone(s). E.g.
Code:
zone "my-web.com" {
    type master;
    notify no;
    allow-query { any; 127.0.0.1; };
    file "my-web.com";
    forwarders {};
};
Some other things you need to change:
I don't think you need the allow-query options.
Also you should remove the "recursion yes" from the global options and use:
Code:
allow-recursion {
    127.0.0.1;
    192.168.1.0/24;
};
The reverse zone name is wrong. It should be zone "1.168.192.in-addr.arpa"
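An added example (not from any poster in the thread, and not part of BIND): a small Python check over named.conf text for the three points the last post raises, namely recursion limited by allow-recursion, empty forwarders on local zones when global forwarders are set, and the reverse zone name for the LAN. Both sample configs, the file name rev.db, the wrong reverse zone name and the /24-only handling are assumptions made for the example.

```python
import ipaddress
import re

# Constructed sample, not the poster's real file: the settings the last post
# objects to, plus an assumed octet-order mistake in the reverse zone name.
WEAK = '''
options { recursion yes; forwarders { 1.1.1.1; }; };
zone "my-web.com" { type master; file "my-web.com"; };
zone "192.168.1.in-addr.arpa" { type master; file "rev.db"; };
'''
# The same constructed sample with the thread's suggestions applied.
FIXED = '''
options { allow-recursion { 127.0.0.1; 192.168.1.0/24; }; forwarders { 1.1.1.1; }; };
zone "my-web.com" { type master; file "my-web.com"; forwarders {}; };
zone "1.168.192.in-addr.arpa" { type master; file "rev.db"; forwarders {}; };
'''

def top_level(conf):
    """Yield (header, body) for every top-level 'header { body };' statement."""
    conf = re.sub(r'/\*.*?\*/|(//|#)[^\n]*', '', conf, flags=re.S)  # drop comments
    depth = mark = start = 0
    for i, ch in enumerate(conf):
        if ch == '{':
            if depth == 0:
                head, start = conf[mark:i].split(';')[-1].strip(), i + 1
            depth += 1
        elif ch == '}':
            depth -= 1
            if depth == 0:
                yield head, conf[start:i]
                mark = i + 1

def audit(conf, lan='192.168.1.0/24'):
    """Return findings for the thread's three points; lan is assumed to be a /24."""
    stmts, found = list(top_level(conf)), []
    opts = ' '.join(b for h, b in stmts if h == 'options')
    if not re.search(r'\ballow-recursion\s*\{|\brecursion\s+no\s*;', opts):
        found.append('recursion is not restricted with allow-recursion')
    forwarding = re.search(r'\bforwarders\s*\{\s*[^\s}]', opts) is not None
    want = ipaddress.ip_network(lan).network_address.reverse_pointer.split('.', 1)[1]
    for head, body in stmts:
        if not (m := re.match(r'zone\s+"([^"]+)"', head)):
            continue
        name = m.group(1)
        if forwarding and not re.search(r'\bforwarders\s*\{\s*\}', body):
            found.append(f'zone {name}: no empty forwarders override')
        if name.endswith('in-addr.arpa') and name != want:
            found.append(f'zone {name}: expected {want}')
    return found
```

This is a text-level check only; named-checkconf is still the tool for validating the file's syntax.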