Problems with the DNS server

stevefs123 · 04-24-2009, 12:01 PM

I'm new to setting up a server and just set up a DNS server on my test network of VM machines. I have 3 machines running, and the DNS server is talking with all of them and they are all able to ping and do dig's on the other hosts by putting in the host names. I am using the DNS server as the DNS server on all three to get out and browse the Internet also, I am able to browse the Internet while on the DNS server, but I'm not able to browse using the other hosts. Does anyone have any ideas?

Thanks,

Steve

kentyler · 04-24-2009, 12:23 PM

It sounds like the dns server is not allowing the other servers to make queries.

What is the output of the logfile on the dns server? You could post the config for the dns server and that may help get you an answer.

I'm guessing the /etc/resolv.conf has the nameserver you setup as the 1st nameserver entry on each of the servers.

stevefs123 · 04-24-2009, 12:45 PM

Thanks, sorry about that...here are the configuration files

options
{
listen-on port 53 { 127.0.0.1; 192.168.0.160; };
directory "/var/named/";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
query-source port 53;
allow-query { localhost; 192.168.0.0/24; };
};

zone "." IN {
type hint;
file "named.ca";
};

zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};

zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
};

zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};

zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};

zone "example.org" IN {
type master;
file "example.org.zone";
allow-update { none; };
};

zone "0.168.192.in-addr.arpa" IN {
type master;
file "example.org.rr.zone";
allow-update { none; };
};

include "/etc/rndc.key";
------------example.org.zone---------------------------

$TTL 86400
@ IN SOA Enterprise5vm.example.org. root.Enterprise5vm.example.org. (
2003060919 ; serial (d. adams)
21600 ; refresh
3600 ; retry
604800 ; expiry
86400 ) ; minimum

IN NS Enterprise5vm
VM2 IN A 192.168.0.101
VM1 IN A 192.168.0.163
Enterprise5vm IN A 192.168.0.160
www1 IN CNAME Enterprise5vm
---------------------------example.org.rr.zone
$TTL 86400
@ IN SOA Enterprise5vm.example.org. root.Enterprise5vm.example.org. (
42 ; serial (d. adams)
3D ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum

IN NS enterprise5vm.example.org.
101 IN PTR VM2.example.org.
160 IN PTR enterprise5vm.example.org.
163 IN PTR VM1.example.org.

----------------------------------------------------

it seems like the only information that the server isn't sharing with the hosts is the addresses returned that the server gets back when querying servers from the named.ca file I'm going to run wireshark and see if I can get any troubleshooting info from that...I'll post if I find anything

stevefs123 · 04-24-2009, 01:00 PM

When I started using Wireshark on the DNS servers interface, I could tell that it was sending out the requests for addresses, some were returned and some weren't, the ones that were I was able to bring up on my hosts. Maybe its got something to do with the fact that the DNS server is a VM machine. Thanks

Steve

kentyler · 04-27-2009, 01:38 PM

Ahh well then you need to add the following to your options:

recursion yes;

You may want to limit it to hosts within your network by adding this also in options:

allow-recursion {192.168.0.0/24;};