DEAR All,

i configured bind 9 on centos 6.3 and restart the named service its successfully restarted .than i enter the dig command to check its working .is successfully resolve the cnn.com the output is here
<<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> cnn.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56796
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 2

;; QUESTION SECTION:
;cnn.com. IN A

;; ANSWER SECTION:
cnn.com. 300 IN A 157.166.226.25
cnn.com. 300 IN A 157.166.226.26

;; AUTHORITY SECTION:
cnn.com. 170300 IN NS ns2.p42.dynect.net.
cnn.com. 170300 IN NS ns1.p42.dynect.net.
cnn.com. 170300 IN NS ns3.timewarner.net.
cnn.com. 170300 IN NS ns1.timewarner.net.

;; ADDITIONAL SECTION:
ns1.timewarner.net. 170301 IN A 204.74.108.238
ns3.timewarner.net. 170301 IN A 199.7.68.238

;; Query time: 5948 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Sep 9 16:25:24 2013
;; MSG SIZE rcvd: 186
when i give this dns to the window machine and go to the cmd and try to resolve cnn.com but here it can not resolve please help me in this regard thanks in advance .the out put of window cmd command is here

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.x.x.x ( dns server ip)

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Make sure there is no firewall on your server blocking port 53 udp/tcp

Thanks for reply my firewall is in off state and not blocking port 53

So check if named is listening on its public interface (192.x.x.x)

Thanks for reply once again i use only one private ip on bind server . i need public ip on it or not .

By public IP I mean the 192.x.x.x that is used by your LAN. Check if named is listening on that IP, as you said it's not a firewall issue

the out put of command netstat -tunalp|grep named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 13487/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 13487/named
tcp 0 0 ::1:53 :::* LISTEN 13487/named
tcp 0 0 ::1:953 :::* LISTEN 13487/named
udp 0 0 0.0.0.0:49554 0.0.0.0:* 13487/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 13487/named
udp 0 0 ::1:53 :::* 13487/named
for your info plz its show its listing on ip

From the above it's obvious that bind is listening only on the local loopback interface
Open named.conf and comment out the "Listen-on..." directive and restart the service

after comment out the listen on the output of netstat -tunalp| grep named command is as under
tcp 0 0 10.3.20.225:53 0.0.0.0:* LISTEN 15914/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 15914/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 15914/named
tcp 0 0 ::1:53 :::* LISTEN 15914/named
tcp 0 0 ::1:953 :::* LISTEN 15914/named
udp 0 0 10.3.20.225:53 0.0.0.0:* 15914/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 15914/named
udp 0 0 ::1:53 :::* 15914/named
but it still not resolving on window machine

Your server listens on 10.3.20.225 and not on 192.x.x.x, so it's normal that the windows cannot contact it. Use that IP in the windows networking settings and it should work.

Actually we used 20 subnet for server and our cliets where window pc's lies use 50 subnet and natting already be done there is no 192 subnet there i just post for your info the out put of window machine is
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 10.3.20.225

DNS request timed out.
timeout was 2 seconds.

Apparently the windows client cannot connect to the dns server. If there is no firewall in between (as you said), then routing from 50 to 20 subnet is not correct.
Check if you can access this or other servers on the 20 subnet, using ping, traceroute or telnet to known open ports

I check on server which on same network means on 20 network and our dns server also on 20 network . i stop the iptables also on dns server .and dig command output is below
dig cnn.com

; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6 <<>> cnn.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 11384
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;cnn.com. IN A

;; Query time: 0 msec
;; SERVER: 10.3.20.225#53(10.3.20.225)
;; WHEN: Tue Sep 10 14:09:33 2013
;; MSG SIZE rcvd: 25
this is also centos server .i enter dns in reslove.conf file of this server

You get recursion refused.
Specif the subnets that can use your dns like follows:

1 members found this post helpful.

Thanks a lot its working now . and Thanks once again for your precious time . can you give your email address .if i face any problem i contact you directly on your email address.


Bundle of Thanks