LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 05-21-2008, 10:00 AM   #1
slvjerome
LQ Newbie
 
Registered: May 2008
Posts: 3

Rep: Reputation: 0
private DNS confusion


Hello,

The external DNS server for our domain "example.com" is provided by our ISP. We have mail, www, ftp machines hosted by another hosting company.

Now we have a machine on our LAN that is available on the internet (hostname is "members.example.com"). We have the external DNS setup correctly for "members.example.com" at our ISP.

However for internal users to get to "members.example.com" we now are running a private internal DNS server. It is on CentOS 5.1 (it is actually the same box as "members.example.com").

How do I configure the internal DNS server to:
1. resolve "members.example.com" to it's LAN address.
2. forward ALL other "example.com" requests to our ISP's DNS server.
3. forward ALL other DNS requests to our ISP's DNS server.

So the internal DNS server's sole purpose is to handle name requests for "members.example.com" and forward all other requests to the ISP nameserver.

Any ideas on how to configure this using BIND 9?
 
Old 05-21-2008, 07:53 PM   #2
dkm999
Member
 
Registered: Nov 2006
Location: Seattle, WA
Distribution: Fedora
Posts: 407

Rep: Reputation: 35
I believe that if you have a cacheing nameserver already set up on your CentOS machine, all you need to do is to make it authoritative for the subdomain members.example.com, by providing a zone file to it which contains a SOA record for that subdomain (and an A record to specify the address).

For extra credit, you might be able to add your ISP's nameserver to the hints file that all cacheing nameservers load, so that they have a clue about how to begin resolving a name.
 
Old 05-21-2008, 10:04 PM   #3
robrecc
Member
 
Registered: Feb 2002
Posts: 50

Rep: Reputation: 15
in your named.conf something like this would help


options {
directory "/var/named";
allow-query { example-domain.com; };
forwarders { xxx.xxx.xxx.xxx; xxx.xxx.xxx.xxx; };
zone-statistics yes;
};

Put your ISP DNS servers in the forwarders section
 
Old 05-22-2008, 08:42 AM   #4
slvjerome
LQ Newbie
 
Registered: May 2008
Posts: 3

Original Poster
Rep: Reputation: 0
Thanks guys. It works now. That is actually the first setup I tried and it didn't work. Queries for "members.example.com" would time out. Queries for "www.example.com" and the others would work fine.

So I went with a setup for a zone file of "example.com" but then I had to duplicate the information for the other "example.com" hosts (www, ftp, mail). And that worked but I didn't like it because of the duplication.

After reading your posts I tried doing the setup for a zone of "members.example.com" again to avoid the duplication problem. It works now! I'm not sure why it didn't work the first time, but I think it may be because I had this line in the configuration that didn't work:

IN A 192.168.0.7

I excluded that line this time and it worked. So my final zone file looks like this:

$TTL 3h
@ IN SOA members.example.com. myemail.example.com. (
200805204 ; serial
2H ; refresh slaves
5M ; retry
1W ; expire
1M ; Negative TTL
)

@ IN NS members.example.com.

members.example.com. IN A 192.168.0.7

And my final named.conf looks like this:

zone "members.example.com" IN {
type master;
zone-statistics no;
file "example.com.zone";
};
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
allow-query { acl_all; };
forwarders { xxx.xxx.xxx.xxx; xxx.xxx.xxx.xxx; };
};
logging {
channel default_debug {
file "/var/named/data/named.run";
severity dynamic;
print-time yes;
print-severity yes;
print-category yes;
};
};

Thanks for the help!
Jerome
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
DNS not resolving private ip tsaravan Linux - Networking 1 10-04-2007 02:13 PM
DNS/BIND and file confusion ACDII Linux - General 2 07-27-2007 07:38 AM
dns confusion cope Linux - Server 7 04-18-2007 11:08 AM
Mysterious DNS Lookups on private host neiljt Linux - Security 3 08-31-2004 07:31 PM
Newbie DNS confusion thomas.nichols Linux - Networking 3 07-19-2001 09:04 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 07:29 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration