forwarding DNS query to another DNS server

pedenski · 05-14-2013, 11:36 PM

How to effectively forward DNS query to another DNS server in BIND?

can you look onto this config that i have? as ive been having errors on my /var/log/message

/etc/named.conf

Code:

options {
        directory "/var/named"; // path of the zone files
        forwarders {10.124.1.23;8.8.8.8;}; // DNS forwarders
        listen-on {127.0.0.1; 192.168.8.10; 10.167.95.24;};
        allow-query {127.0.0.1; 192.168.8.0/24; 10.0.0.0/8;};
};

zone "test.com" IN {
        type forward;
        forwarders{10.124.1.23;};
};

What i wanted to achieve is to direct all my query to another corporate DNS when resolving test.com

/var/log/messages

Code:

ns named[30915]: error (host unreachable) resolving 'test.com/A/IN': 10.124.1.23#53

chrism01 · 05-14-2013, 11:42 PM

It says 'host unreachable' for that ip 10.124.1.23. Its also unusual to have only a 2 level FQDN (Fully Qualified Domain Name). Normally you'd see machine.subdomain.domain.
You need to check the zone file content for the record indicated.
Eg http://www.linuxtopia.org/online_boo...-zone-examples

RobertEachus · 05-15-2013, 01:46 AM

Unreachable is unreachable try running from the DNS server;
dig test.com @10.124.1.23 -b 192.168.8.10
dig test.com @10.124.1.23 -b 10.167.95.24

You may need to set "query-source" in named.conf

pedenski · 05-15-2013, 04:30 AM

Quote:

It says 'host unreachable' for that ip 10.124.1.23. Its also unusual to have only a 2 level FQDN (Fully Qualified Domain Name). Normally you'd see machine.subdomain.domain.
You need to check the zone file content for the record indicated.
Eg http://www.linuxtopia.org/online_boo...-zone-examples

i know the FQDN, its actually like test.smart.local

which is actually defined in my named.conf

Code:

zone "test.smart.local" IN {
      type forward;
      forwarders {x.x.x.x;};
};

im really not sure if theres anything lacking. i can access the site (test.smart.local) by using its IP, but not its domain name

Quote:

Originally Posted by RobertEachus

Unreachable is unreachable try running from the DNS server;
dig test.com @10.124.1.23 -b 192.168.8.10
dig test.com @10.124.1.23 -b 10.167.95.24

You may need to set "query-source" in named.conf

im not sure if im getting you right,i tried adding "query-source" on my zone but im getting "unknown option query-source" when i restart

i can ping the DNS 10.124.1.23 but i cannot resolve any domains from it.
forwarders is already set.

do i have to create specific zone file for this? i have only defined the zone in the named.conf

chrism01 · 05-15-2013, 07:47 AM

Of course you have to define a zone file; see my previous link.
Note that in named.conf, you only name the domain or subdomain.domain; the zone file contains the machine recs for that domain.

pedenski · 05-16-2013, 12:53 AM

hi, im still struggling to make this work..

i changed the config based on the knowledge that i got from your link

my /etc/named.con

Code:

zone "test" IN {
        type master;
        file "test-fz";
        allow-update{none;};
};

my forward zone file

Code:

@       IN NS   test.corp.local. //this is the corp internal DNS
@       IN A    10.124.6.125
www     IN A    10.124.6.125

#nslookup test

Code:

Server:		127.0.0.1
Address:	127.0.0.1#53

Name:	test
Address: 10.124.6.125

Address: 10.124.6.125 is the correct address.

i run a wireshark and when i try to resolve the `test` domain on my browser i get a reply `no such name`

jackstevens · 05-16-2013, 08:56 AM

Quote:

Originally Posted by pedenski

hi, im still struggling to make this work..

i changed the config based on the knowledge that i got from your link

Address: 10.124.6.125 is the correct address.

i run a wireshark and when i try to resolve the `test` domain on my browser i get a reply `no such name`

You may be looking in the wrong place. What do you have in your /etc/resolv.conf file?

That file will append a domain name to your lookup of "test"

Format is like this, and my instance of CentOS has a man entry for resolv.conf.

Code:

[jstevens@gig etc]$ cat /etc/resolv.conf
# Generated by NetworkManager
search localdomain public.net jackstevens.net
nameserver 127.0.0.1
nameserver 205.171.3.65