Some help with bind

kbnuts · 08-10-2014, 06:47 AM

Hi guys... I've got bind running on a secondary internal network for the domain "demon.local" on a debian box. Works great.
However on my ubuntu laptop which also has bind running I'm trying to set it so any queries for demon.local go to this server.
If I do a dig from my laptop it works.

Code:

root@happytop:/etc/bind# dig @192.168.122.71 gitserver.demon.local

; <<>> DiG 9.9.5-3-Ubuntu <<>> @192.168.122.71 gitserver.demon.local
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30097
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;gitserver.demon.local.		IN	A

;; ANSWER SECTION:
gitserver.demon.local.	10800	IN	A	192.168.122.72

;; AUTHORITY SECTION:
demon.local.		10800	IN	NS	ns1.demon.local.

;; ADDITIONAL SECTION:
ns1.demon.local.	10800	IN	A	192.168.122.71

;; Query time: 1 msec
;; SERVER: 192.168.122.71#53(192.168.122.71)
;; WHEN: Sun Aug 10 12:41:04 BST 2014
;; MSG SIZE  rcvd: 100

I've put the following in /etc/bind/named.conf.local

Code:

zone "demon.local." { type forward; forward only; forwarders { 192.168.122.71; }; };

and my named.conf.options (with comments removed) looks like so..

Code:

options {
	directory "/var/cache/bind";



 forwarders {
 	192.168.76.249;
 };

	dnssec-validation auto;

	auth-nxdomain no;    # conform to RFC1035
	listen-on-v6 { any; };
	listen-on { any; };
};

So basically my router is 192.168.76.249 so that's where it'll get the main DNS from for the caching side but any demon.local queries I want to go off to 192.168.122.71.
Here's what happens when I do a dig on my config on my laptop:

Code:

root@happytop:/etc/bind# dig @127.0.0.1 gitserver.demon.local

; <<>> DiG 9.9.5-3-Ubuntu <<>> @127.0.0.1 gitserver.demon.local
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 31032
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;gitserver.demon.local.		IN	A

;; Query time: 2 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Aug 10 12:46:22 BST 2014
;; MSG SIZE  rcvd: 50

ie: nowt.

What have I missed out / done wrong?

zer0python · 08-10-2014, 07:40 PM

Hmm? Out of curiosity why are you running bind on your laptop? is there a reason you couldn't have just used /etc/resolv.conf and /etc/hosts to do whatever it is you were trying to do? (for your laptop that is.)

I'm no bind expert (I usually use dnsmasq/tinydns); However, your forwarding configuration appears to be correct.

Perhaps a log on what bind is doing when it receives the request might provide some assistance. The other question is, do you have demon.local configured as a domain within bind on your laptop somewhere? (That is, did you configure it at some point, then decide nvm, and just leave the stuff in there. I'm not sure, but that could cause an issue within in the bind configuration system and confuse it on what it's suppose to do. It may also just yell at you if it detects this, not sure.)

What happens if you just do `ping myhost.demon.local`? Does it work properly? What is your /etc/resolv.conf look like?

I know this doesn't really solve your problem, but hopefully it gets you one step closer.

kbnuts · 08-11-2014, 08:34 AM

In all honesty I absolutely could use resolv.conf and have a second dns server in there, but in all honesty the reason I'm using bind is to learn bind better.

demon.local isn't configured on this box but I'm not on it right now so I need to have a look.