LinuxQuestions.org


diegom31 04-15-2008 03:19 PM

How to configure bind server
 
Hey,

First, I'm very sorry for my bad English.

I just installed my new bind server at home for testing and learning.
nslookup on the Linux server machine looks good, but when I tried nslookup from a Windows machine I got an error ... I think the problem is PTR, and I don't know where I went wrong.

Linux Machine:

Code:

nslookup mydomain.loc
Server:        192.168.10.31
Address:        192.168.10.31#53

Name:  mydomain.loc
Address: 192.168.10.31

Windows XP:
Code:

C:\Documents and Settings\xp>nslookup mydomain.loc
*** Can't find server name for address 192.168.10.31: No response from server
*** Default servers are not available
Server:  UnKnown
Address:  192.168.10.31

*** UnKnown can't find mydomain.loc: No response from server


My configuration files

named.conf :

Code:

// Red Hat BIND Configuration Tool
//
// Default initial "Caching Only" name server configuration
//

acl my_lan { 192.168.10.0/24; 127.0/8; };
options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        forwarders { dc1; dc2; };
        allow-query { my_lan; };
        /*
        * If there is a firewall between you and nameservers you want
        * to talk to, you might need to uncomment the query-source
        * directive below.  Previous versions of BIND always asked
        * questions using port 53, but BIND 8.1 uses an unprivileged
        * port by default.
        */
        // query-source address * port 53;
};

zone "." IN {
        type hint;
        file "named.root";
};

zone "localdomain." IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
};

zone "localhost." IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa." IN {
        type master;
        file "named.local";
        allow-update { none; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa." IN {
        type master;
        file "named.ip6.local";
        allow-update { none; };
};

zone "255.in-addr.arpa." IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
};

zone "0.in-addr.arpa." IN {
        type master;
        file "named.zero";
        allow-update { none; };
};

# Forward Zone for mydomain.loc domain
zone "mydomain.loc" IN {
        type master;
        file "mydomain.loc.zone";
};

# Reverse Zone for mydomain.loc domain
zone "10.168.192.in-addr.arpa" IN {
        type master;
        file "10.168.192.in-addr.arpa";
};

include "/etc/rndc.key";

mydomain.loc.zone

Code:

$TTL 86400

@      IN      SOA  linux.mydomain.loc. root.localhost. (
                42      ; serial
                3H      ; refresh slaves
                15M      ; retry
                1W      ; expire
                1D )    ; Negative TTL


                        IN      NS      linux.mydomain.loc.
linux.mydomain.loc.    IN      A      192.168.10.31    ; RHEL server
;my.firewall.            IN      A      192.168.10.1      ; router
@                      IN      A      192.168.10.31    ; Allow nslookup mydomain.loc

Code:

$TTL 86400

@        IN      SOA  linux.mydomain.loc. root.localhost. (
                43      ; serial
                3H      ; refresh slaves
                15M      ; retry
                1W      ; expire
                1D )    ; Negative TTL

        IN    NS      linux.mydomain.loc.loc.
1        IN    PTR    linux.mydomain.loc.

Also, I want to configure bind as a master server and as a caching and forwarding server.
I installed caching-nameserver; do I need to configure the named.caching-nameserver.conf file?

The default file for named.caching-nameserver.conf :
Code:

//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
        listen-on port 53 { 127.0.0.1; };
        listen-on-v6 port 53 { ::1; };
        directory      "/var/named";
        dump-file      "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        query-source    port 53;
        query-source-v6 port 53;
        allow-query    { localhost; };
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
view localhost_resolver {
        match-clients      { localhost; };
        match-destinations { localhost; };
        recursion yes;
        include "/etc/named.rfc1912.zones";
};

Thanks all
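
Added example (not part of the original post or of any reply in this thread): a short Python cross-check of the NS, A and PTR records from the two zone files posted above, the consistency that a reverse lookup of the server's own address depends on. It assumes every host lives in the single forward zone mydomain.loc.; the function names are this example's own, and the SOA records are left out because they are not checked.

```python
FWD_ORIGIN, REV_ORIGIN = "mydomain.loc.", "10.168.192.in-addr.arpa."
# NS, A and PTR records as posted in the thread (SOA and comments omitted).
FORWARD = """\
        IN NS linux.mydomain.loc.
linux.mydomain.loc. IN A 192.168.10.31
@ IN A 192.168.10.31
"""
REVERSE = """\
        IN NS linux.mydomain.loc.loc.
1       IN PTR linux.mydomain.loc.
"""

def absolute(name, origin):
    """Expand '@' and relative names against the zone origin."""
    if name == "@":
        return origin
    return name.lower() if name.endswith(".") else f"{name.lower()}.{origin}"

def parse_zone(text, origin):
    records, owner = [], origin               # a blank owner column inherits
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].replace("(", " ").replace(")", " ")
        if not line.strip() or line.lstrip().startswith("$"):
            continue                          # blank, comment or $TTL/$ORIGIN
        tokens = line.split()
        if not raw[0].isspace():              # owner column present
            owner = absolute(tokens.pop(0), origin)
        while tokens[0].upper() == "IN" or tokens[0][0].isdigit():
            tokens.pop(0)                     # skip class and optional TTL
        records.append((owner, tokens[0].upper(), tokens[1:]))
    return records

def lint(forward=FORWARD, reverse=REVERSE):
    """Cross-check NS and PTR data between the forward and reverse zones."""
    fwd, rev = parse_zone(forward, FWD_ORIGIN), parse_zone(reverse, REV_ORIGIN)
    a = {(owner, rdata[0]) for owner, rtype, rdata in fwd if rtype == "A"}
    hosts, addrs = {h for h, _ in a}, {ip for _, ip in a}
    findings, ptr_ips = [], set()
    for origin, recs in ((FWD_ORIGIN, fwd), (REV_ORIGIN, rev)):
        for owner, rtype, rdata in recs:
            target = absolute(rdata[0], origin)
            if rtype == "NS" and target not in hosts:
                findings.append(f"NS target {target} has no A record")
            elif rtype == "PTR":
                ip = ".".join(reversed(owner.split(".")[:4]))
                ptr_ips.add(ip)
                if (target, ip) not in a:
                    findings.append(f"PTR {ip} -> {target} matches no A record")
    return findings + [f"{ip} has an A record but no PTR" for ip in sorted(addrs - ptr_ips)]
```

Calling lint() on the records above returns three findings: the reverse zone's NS target, the PTR for 192.168.10.1, and the missing PTR for 192.168.10.31.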

twantrd 04-15-2008 07:10 PM

Quick question,

Is your linux firewall enabling blocking DNS requests?

-twantrd

diegom31 04-16-2008 12:19 AM

Quote:

Originally Posted by twantrd (Post 3122452)
Quick question,

Is your linux firewall enabling blocking DNS requests?

-twantrd

Hey, thx for the reply.

The answer is no ... you can see for yourself ( :
Code:

ACCEPT    udp  --  anywhere            anywhere            state NEW udp dpt:domain

Also, disabling iptables does not help ...
Thx


eaglek96 04-16-2008 09:03 PM

I'm wondering, what does the output of netstat -atun show? Is it showing the named daemon listening on port 53, or just on localhost? Sometimes named will only bind to the 127.0.0.1 address unless told to bind on another IP.

Also, I'm curious:

From the windows machine, instead of looking up the way you do, try doing:

c:\> nslookup
> server 192.168.10.31
> mydomain.loc

billymayday 04-16-2008 09:48 PM

Also try telnetting from Windows

>telnet 192.168.10.31 53

diegom31 04-17-2008 12:41 AM

Hey ,

Code:

netstat -atun
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address              Foreign Address            State
tcp        0      0 127.0.0.1:2208              0.0.0.0:*                  LISTEN
tcp        0      0 0.0.0.0:111                0.0.0.0:*                  LISTEN
tcp        0      0 0.0.0.0:946                0.0.0.0:*                  LISTEN
tcp        0      0 192.168.10.31:53            0.0.0.0:*                  LISTEN
tcp        0      0 127.0.0.1:53                0.0.0.0:*                  LISTEN
tcp        0      0 127.0.0.1:631              0.0.0.0:*                  LISTEN
tcp        0      0 127.0.0.1:953              0.0.0.0:*                  LISTEN
tcp        0      0 127.0.0.1:25                0.0.0.0:*                  LISTEN
tcp        0      0 127.0.0.1:6010              0.0.0.0:*                  LISTEN
tcp        0      0 127.0.0.1:6011              0.0.0.0:*                  LISTEN
tcp        0      0 127.0.0.1:2207              0.0.0.0:*                  LISTEN
tcp        1      0 192.168.10.31:42389        137.226.33.58:80            CLOSE_WAIT
tcp        1      0 192.168.10.31:42881        134.109.132.16:80          CLOSE_WAIT
tcp        1      0 192.168.10.31:49873        129.143.116.10:80          CLOSE_WAIT
tcp        1      0 192.168.10.31:59170        204.15.73.243:80            CLOSE_WAIT
tcp        1      0 192.168.10.31:59168        204.15.73.243:80            CLOSE_WAIT
tcp        1      0 192.168.10.31:59174        204.15.73.243:80            CLOSE_WAIT
tcp        1      0 192.168.10.31:59172        204.15.73.243:80            CLOSE_WAIT
tcp        0      0 :::22                      :::*                        LISTEN
tcp        0      0 ::1:953                    :::*                        LISTEN
tcp        0      0 ::1:6010                    :::*                        LISTEN
tcp        0      0 ::1:6011                    :::*                        LISTEN
tcp        0    132 ::ffff:192.168.10.31:22    ::ffff:192.168.10.2:8725    ESTABLISHED
tcp        0      0 ::ffff:192.168.10.31:22    ::ffff:192.168.10.2:8493    ESTABLISHED
udp        0      0 0.0.0.0:32768              0.0.0.0:*
udp        0      0 0.0.0.0:940                0.0.0.0:*
udp        0      0 0.0.0.0:943                0.0.0.0:*
udp        0      0 192.168.10.31:53            0.0.0.0:*
udp        0      0 127.0.0.1:53                0.0.0.0:*
udp        0      0 0.0.0.0:32839              0.0.0.0:*
udp        0      0 0.0.0.0:5353                0.0.0.0:*
udp        0      0 0.0.0.0:111                0.0.0.0:*
udp        0      0 0.0.0.0:631                0.0.0.0:*
udp        0      0 192.168.10.31:123          0.0.0.0:*
udp        0      0 127.0.0.1:123              0.0.0.0:*
udp        0      0 0.0.0.0:123                0.0.0.0:*
udp        0      0 :::32769                    :::*
udp        0      0 :::32840                    :::*
udp        0      0 :::5353                    :::*
udp        0      0 fe80::202:b3ff:fe31:123    :::*
udp        0      0 ::1:123                    :::*
udp        0      0 :::123                      :::*

I tried telnet and it works ... but now the error has changed ( :

Code:

C:\Documents and Settings\xp>nslookup
*** Can't find server name for address 192.168.10.31: Query refused
*** Default servers are not available
Default Server:  UnKnown
Address:  192.168.10.31

> set type=any
> mydomain.loc
Server:  UnKnown
Address:  192.168.10.31

*** UnKnown can't find mydomain.loc: Query refused

Thx all
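
Added example (not part of any post in this thread): a Python check that answers the question asked above about netstat -atun, whether port 53 is bound only to loopback or also to a LAN address, and goes one step further by classifying every listening socket the same way. The sample is a subset of the lines posted above; the function names are this example's own.

```python
import ipaddress

# Constructed sample: a subset of the netstat -atun lines posted above.
NETSTAT = """\
tcp        0      0 0.0.0.0:111                0.0.0.0:*                  LISTEN
tcp        0      0 192.168.10.31:53            0.0.0.0:*                  LISTEN
tcp        0      0 127.0.0.1:53                0.0.0.0:*                  LISTEN
tcp        0      0 127.0.0.1:953              0.0.0.0:*                  LISTEN
tcp        1      0 192.168.10.31:42389        137.226.33.58:80            CLOSE_WAIT
tcp        0      0 :::22                      :::*                        LISTEN
udp        0      0 192.168.10.31:53            0.0.0.0:*
udp        0      0 127.0.0.1:53                0.0.0.0:*
udp        0      0 0.0.0.0:5353                0.0.0.0:*
"""

def listeners(text):
    """Return {(proto, port): set of local addresses} for listening sockets."""
    found = {}
    for line in text.splitlines():
        f = line.split()
        if len(f) < 5 or f[0] not in ("tcp", "udp"):
            continue                      # header or unrelated line
        if f[0] == "tcp" and f[-1] != "LISTEN":
            continue                      # established / closing connection
        if f[0] == "udp" and not f[4].endswith(":*"):
            continue                      # connected UDP socket
        addr, port = f[3].rsplit(":", 1)  # rsplit keeps IPv6 colons intact
        found.setdefault((f[0], int(port)), set()).add(addr)
    return found

def exposure(text):
    """Map 'proto/port' to 'loopback-only' or 'network' for each listener."""
    result = {}
    for (proto, port), addrs in listeners(text).items():
        local = all(ipaddress.ip_address(a).is_loopback for a in addrs)
        result[f"{proto}/{port}"] = "loopback-only" if local else "network"
    return result

if __name__ == "__main__":
    for sock, scope in sorted(exposure(NETSTAT).items()):
        print(f"{sock:10} {scope}")
```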

billymayday 04-17-2008 12:47 AM

My head hurts, but please tell me where the entry for mydomain.loc is? Try a lookup on linux.mydomain.loc, I can see that one has an entry in the zone file.

sunn8085 04-08-2011 02:12 AM

Dns query refused
 
hi,

My DNS on the server is responding well, but if I look it up from a Windows client it gives the same error as the above post. Please help me out.

Thx

Noway2 04-08-2011 04:19 AM

Welcome to Linux Questions.

I am glad that the LQ search engine was helpful to you in addressing your problem. While it may seem like a good idea to help provide background information, it would be best if you would please start a new thread instead of appending to one that is several years old. This allows us to better focus on helping you without being distracted by other, older, information. If you would like to point to the information in older posts, please include a link referencing them.

I would like to suggest that you use the report button on your post and ask a moderator to please move it to its own thread.

