LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 03-13-2015, 04:38 AM   #1
clpu
LQ Newbie
 
Registered: Mar 2015
Posts: 3

Rep: Reputation: Disabled
Bind9 is not fordwarding


Hi, I've been trying to configure the bind9 service as a forwarder and it's not working as intended.

The file /etc/bind/named.conf.options is configured as follows:

Code:
options {
directory "/var/cache/bind";
forwarders {
8.8.8.8;
};
dnssec-validations auto;
auth-nxdomanin no;
listen-on-v6 { any; };
};
And this is what I get with nslookup:
Code:
Server: 192.168.1.45
Address: 192.168.1.45#53

** server can't find www.google.com: SERVFAIL
Do you know why is it throwing this error?

Last edited by clpu; 03-13-2015 at 04:42 AM.
 
Old 03-14-2015, 03:39 AM   #2
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,175
Blog Entries: 1

Rep: Reputation: 2042Reputation: 2042Reputation: 2042Reputation: 2042Reputation: 2042Reputation: 2042Reputation: 2042Reputation: 2042Reputation: 2042Reputation: 2042Reputation: 2042
Hi,

You have a couple of typos in your config file. It's
Code:
dnssec-validation auto;
auth-nxdomain no;
So correct them, restart named and see if it's working

Regards
 
Old 03-16-2015, 03:39 AM   #3
clpu
LQ Newbie
 
Registered: Mar 2015
Posts: 3

Original Poster
Rep: Reputation: Disabled
Those typos are not in the file, so that can't be it.
 
Old 03-16-2015, 04:47 AM   #4
kirukan
Senior Member
 
Registered: Jun 2008
Location: Eelam
Distribution: Redhat, Solaris, Suse
Posts: 1,278

Rep: Reputation: 148Reputation: 148
Can you post the whole configuration here?
 
Old 03-16-2015, 05:18 AM   #5
clpu
LQ Newbie
 
Registered: Mar 2015
Posts: 3

Original Poster
Rep: Reputation: Disabled
named.conf.options
Quote:
options {
directory "/var/cache/bind";

// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113

// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.

forwarders {
8.8.8.8;208.67.222.222
};

//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//========================================================================
dnssec-validation auto;

auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};
named.conf.local
Quote:
//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

zone "seas-linux.es" {
type master;
file "db.seas-linux.es";
};

zone "1.168.192.in-addr.arpa" {
type master;
file "db.192.168.1";
};
db.seas-linux.es
Quote:
$ORIGIN seas-linux.es.
$TTL 86400 ; 1 dia
@ IN SOA seas-linux.es. root.seas-linux.es.(
1 ; serie
6H ; refresco (6 horas)
1H ; reintentos (1 hora)
2W ; expira (2 semanas)
3H ; minimo (3 horas)
)
NS ns.seas-linux.es.
servidor1 A 192.168.0.250
servidor2 A 192.168.0.251
www CNAME servidor1
mail A 192.168.0.252
MX 10 mail.seas-linux.es.
ns A 127.0.0.1
db.192.168.1
Quote:
;
; BIND data file for local loopback interface
;
$TTL 604800
@ IN SOA seas-linux.es. root.seas-linux.es. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS seas.seas-linux.es.
4 IN PTR seas.seas-linux.es.
seas IN A 127.0.0.1
;@ IN AAAA ::1
 
Old 03-17-2015, 07:44 AM   #6
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,175
Blog Entries: 1

Rep: Reputation: 2042Reputation: 2042Reputation: 2042Reputation: 2042Reputation: 2042Reputation: 2042Reputation: 2042Reputation: 2042Reputation: 2042Reputation: 2042Reputation: 2042
Quote:
Server: 192.168.1.45
Address: 192.168.1.45#53

** server can't find www.google.com: SERVFAIL
Is 192.168.1.45 the IP of the name server you're trying to setup? Because the IPs in your zone file are from a different network (192.168.0.x)


Quote:
NS ns.seas-linux.es.
You don't have an A record for ns.seas-linux.es


Quote:
forwarders {
8.8.8.8;208.67.222.222
};
Another typo? You miss the trailing ";" after 208.67.222.222


P.S. You can use the named-checkconf utility to test your config files
Code:
named-checkconf -z
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
bind9 lamou23 Linux - Server 1 08-08-2010 10:09 AM
dns fordwarding ciberrust Linux - Networking 1 02-20-2006 02:12 PM
fordwarding remote desktop through iptables dlm4444 Linux - Security 4 01-04-2005 09:30 PM
fordwarding jperez Linux - Networking 0 04-26-2004 10:05 PM
bind9 unixkid Linux - Networking 3 08-30-2002 02:43 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 05:58 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration