No internet after installing DNS server and also can't able to dig

suresh.k · 04-23-2012, 08:27 AM

Hi,
I installed DNS server in my centos box. after installing DNS server there is no internet and iam not able to dig to my domain. It gives error like this
[root@suresh named]# dig suresh.tech.com

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5 <<>> suresh.tech.com
;; global options: printcmd
;; connection timed out; no servers could be reached

#########
where the resolve.conf is like this
#vim /etc/resolv.conf
nameserver 192.168.10.7
##########
#vim /etc/hosts
192.168.10.7 suresh
##########
vim /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=suresh
###########
vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
HWADDR=00:19:21:f3:18:4a
NETMASK=255.255.255.0
IPADDR=192.168.10.7
GATEWAY=192.168.10.4
TYPE=Ethernet
USERCTL=no
IPV6INIT=no
PEERDNS=yes
##########
AND
this is my procedure and config files on dns server.
#yum install dns* cachi*
#cp /etc/named.caching-name.server.conf /etc/named.conf
#vim /etc/named.conf

options {
listen-on port 53 { 192.168.10.0/24; };
# listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";

// Those options should be used carefully because they disable port
// randomization
// query-source port 53;
// query-source-v6 port 53;

allow-query { localhost; 192.168.10.0/24};
allow-query-cache { localhost; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view localhost_resolver {
match-clients { localhost; 192.168.10.0/24; };
match-destinations { localhost; 192.168.10.0/24; };
recursion yes;
include "/etc/named.rfc1912.zones";
};
########################

Then
#vim /etc/named.rfc1912.zones
zone "." IN {
type hint;
file "named.ca";
};

zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};

zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};

zone "tech.com" IN {
type master;
file "forward.zone";
allow-update { none; };
};

zone "10.168.192.in-addr.arpa" IN {
type master;
file "reverse.zone";
allow-update { none; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
};

zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};

zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
###############################
then
#cd /var/named
#cp localhost.zone forward.zone
#cp named.local reverse.zone
#chgrp named forward.zone
#chgrp named reverse.zone
#vim forward.zone
$TTL 86400
@ IN SOA tech.com. root.tech.com. (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum

IN NS tech.com.
tech.com IN A 192.168.10.7
################################
#vim reverse.zone
$TTL 86400
@ IN SOA tech.com root.tech.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS tech.com.
7 IN PTR tech.com.
#################################
please help to solve this issue, iam new to this dns server configuration so that's way i posted all my config files.

thanks
suresh

listerthrawn · 04-23-2012, 08:34 AM

Hi,

Code:

allow-query { localhost; 192.168.10.0/24};
allow-query-cache { localhost; };

Take a look at these 2 lines. When you're querying for things on the internet you're using the cache. Try changing the second line to be the same as the first one.

Secondly, you're digging for suresh.tech.com, but you have no A record for suresh.tech.com. Try dig tech.com and see if you get a response.

Chris

suresh.k · 04-24-2012, 02:40 AM

Quote:

Originally Posted by listerthrawn

Hi,

Code:

allow-query { localhost; 192.168.10.0/24};
allow-query-cache { localhost; };

Take a look at these 2 lines. When you're querying for things on the internet you're using the cache. Try changing the second line to be the same as the first one.

Secondly, you're digging for suresh.tech.com, but you have no A record for suresh.tech.com. Try dig tech.com and see if you get a response.

Chris

Hello chris,

I did what u suggested and i dig with tech.com, but still same problem no internet. and
#dig tech.com

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5 <<>> tech.com
;; global options: printcmd
;; connection timed out; no servers could be reached

Is my all configuration for dns server is correct,

Suresh

listerthrawn · 04-24-2012, 03:08 AM

The config *looks* ok, but I'm not able to check all the brackets and semicolons are in the right place.

Try dig www.google.co.uk @8.8.8.8 (This proves you have internet connectivity to DNS
dig www.google.co.uk @192.168.10.7 (Makes sure dig is querying your DNS server)

Did you change the allow-query-cache line?

I think it is best if instead of you asking this question, say what it is you are trying to do with BIND here and people can help you to achieve your aims.

Chris

suresh.k · 04-24-2012, 04:05 AM

Quote:

Originally Posted by listerthrawn

The config *looks* ok, but I'm not able to check all the brackets and semicolons are in the right place.

Try dig www.google.co.uk @8.8.8.8 (This proves you have internet connectivity to DNS
dig www.google.co.uk @192.168.10.7 (Makes sure dig is querying your DNS server)

Did you change the allow-query-cache line?

I think it is best if instead of you asking this question, say what it is you are trying to do with BIND here and people can help you to achieve your aims.

Chris

[root@suresh named]# dig www.google.co.uk@8.8.8.8

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5 <<>> www.google.co.uk@8.8.8.8
;; global options: printcmd
;; connection timed out; no servers could be reached
[root@suresh named]# dig www.google.co.uk@192.168.10.7

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5 <<>> www.google.co.uk@192.168.10.7
;; global options: printcmd
;; connection timed out; no servers could be reached

I changed allow-query-cache line.

Actually iam new to linux so that iam practising to configure DNS Server in centos.

listerthrawn · 04-24-2012, 04:13 AM

You need to leave a space between the www.google.co.uk and the @ sign so it reads

Code:

dig www.google.co.uk @8.8.8.8
dig www.google.co.uk @192.168.10.7

suresh.k · 04-24-2012, 04:16 AM

Quote:

Originally Posted by listerthrawn

You need to leave a space between the www.google.co.uk and the @ sign so it reads

Code:

dig www.google.co.uk @8.8.8.8
dig www.google.co.uk @192.168.10.7

[root@suresh ~]# dig www.google.co.uk @8.8.8.8

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5 <<>> www.google.co.uk @8.8.8.8
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38049
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.google.co.uk. IN A

;; ANSWER SECTION:
www.google.co.uk. 86173 IN CNAME www-cctld.l.google.com.
www-cctld.l.google.com. 73 IN A 74.125.236.87
www-cctld.l.google.com. 73 IN A 74.125.236.95
www-cctld.l.google.com. 73 IN A 74.125.236.88

;; Query time: 56 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Apr 24 14:42:21 2012
;; MSG SIZE rcvd: 118

[root@suresh ~]# dig www.google.co.uk @192.168.10.7

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5 <<>> www.google.co.uk @192.168.10.7
;; global options: printcmd
;; connection timed out; no servers could be reached

suresh.k · 04-24-2012, 04:28 AM

Quote:

Originally Posted by suresh.k

[root@suresh ~]# dig www.google.co.uk @8.8.8.8

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5 <<>> www.google.co.uk @8.8.8.8
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38049
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.google.co.uk. IN A

;; ANSWER SECTION:
www.google.co.uk. 86173 IN CNAME www-cctld.l.google.com.
www-cctld.l.google.com. 73 IN A 74.125.236.87
www-cctld.l.google.com. 73 IN A 74.125.236.95
www-cctld.l.google.com. 73 IN A 74.125.236.88

;; Query time: 56 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Apr 24 14:42:21 2012
;; MSG SIZE rcvd: 118

[root@suresh ~]# dig www.google.co.uk @192.168.10.7

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5 <<>> www.google.co.uk @192.168.10.7
;; global options: printcmd
;; connection timed out; no servers could be reached

Chris

Some times internet is coming and going at present internet is there in my system,
but i am not able to get answer from dig command.

listerthrawn · 04-24-2012, 04:37 AM

Can you post the output of the below please? Run as root.

Code:

netstat -antlp

suresh.k · 04-24-2012, 04:44 AM

Quote:

Originally Posted by listerthrawn

Can you post the output of the below please? Run as root.

Code:

netstat -antlp

[root@suresh ~]# netstat -antlp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:2208 0.0.0.0:* LISTEN 2286/hpiod
tcp 0 0 0.0.0.0:992 0.0.0.0:* LISTEN 2082/rpc.statd
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 2471/mysqld
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 2558/smbd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 2047/portmap
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 24976/named
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 2339/vsftpd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 2313/cupsd
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 24976/named
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN 2558/smbd
tcp 0 0 127.0.0.1:2207 0.0.0.0:* LISTEN 2291/python
tcp 0 0 127.0.0.1:46227 127.0.0.1:953 TIME_WAIT -
tcp 0 0 192.168.10.7:47064 209.85.175.147:80 ESTABLISHED 3156/firefox
tcp 0 0 192.168.10.7:45974 173.241.250.2:80 ESTABLISHED 3156/firefox
tcp 0 0 192.168.10.7:45981 173.241.250.2:80 ESTABLISHED 3156/firefox
tcp 0 0 192.168.10.7:47128 75.126.162.205:80 ESTABLISHED 3156/firefox
tcp 0 0 192.168.10.7:42611 74.125.236.65:443 ESTABLISHED 3156/firefox
tcp 0 0 192.168.10.7:41268 74.125.236.67:443 ESTABLISHED 3156/firefox
tcp 0 0 192.168.10.7:48040 74.125.236.79:443 ESTABLISHED 3156/firefox
tcp 0 0 192.168.10.7:51958 209.85.175.99:80 ESTABLISHED 3156/firefox
tcp 0 0 192.168.10.7:40075 74.125.236.73:80 ESTABLISHED 3156/firefox
tcp 0 0 192.168.10.7:34790 74.125.236.89:80 ESTABLISHED 3156/firefox
tcp 0 0 192.168.10.7:34791 74.125.236.89:80 ESTABLISHED 3156/firefox
tcp 0 0 192.168.10.7:34792 74.125.236.89:80 ESTABLISHED 3156/firefox
tcp 0 0 192.168.10.7:55092 209.85.175.103:80 ESTABLISHED 3156/firefox
tcp 0 0 192.168.10.7:60065 74.125.236.67:80 ESTABLISHED 3156/firefox
tcp 0 0 192.168.10.7:59033 74.125.236.88:80 TIME_WAIT -
tcp 0 0 192.168.10.7:59034 74.125.236.88:80 TIME_WAIT -
tcp 0 0 192.168.10.7:59035 74.125.236.88:80 TIME_WAIT -
tcp 0 0 192.168.10.7:59036 74.125.236.88:80 TIME_WAIT -
tcp 0 0 192.168.10.7:40943 209.85.175.104:80 ESTABLISHED 3156/firefox
tcp 0 0 :::8001 :::* LISTEN 2511/httpd
tcp 0 0 :::8002 :::* LISTEN 2511/httpd
tcp 0 0 :::80 :::* LISTEN 2511/httpd
tcp 0 0 ::1:53 :::* LISTEN 24976/named
tcp 0 0 :::22 :::* LISTEN 2304/sshd
tcp 0 0 ::1:953 :::* LISTEN 24976/named
tcp 0 0 :::443 :::* LISTEN 2511/httpd
[root@suresh ~]#

listerthrawn · 04-24-2012, 04:48 AM

Have you restarted BIND since changing the configuration files?

I believe this should do it in Centos

Code:

service named restart

If you do this and retry your tests

suresh.k · 04-24-2012, 04:57 AM

Quote:

Originally Posted by listerthrawn

Have you restarted BIND since changing the configuration files?

I believe this should do it in Centos

Code:

service named restart

If you do this and retry your tests

yes i restarted bind after configuring and after ur suggestions also