Slackware
This Forum is for the discussion of Slackware Linux.
Hi
I've got a strange problem with my DNS: everything works (www, DNS for local hosts) except it doesn't resolve names for my server. I'm not sure what might be wrong; I checked my zones, and everything is OK.
my-domain.org
Quote:
$TTL 86400
$ORIGIN my-domain.org.
@       1D IN SOA ns1.my-domain.org. hostmaster.my-domain.org. (
                  2007031100 ; serial
                  3H         ; refresh
                  15         ; retry
                  1w         ; expire
                  3h         ; minimum
                  )
        IN NS     ns1.my-domain.org.     ; internal
        IN NS     1.external.net.        ; external
        IN NS     2.external.net.        ; external
        IN NS     external.net.          ; external
        IN MX 10  mail.my-domain.org.    ; internal mail provider
; server host definitions
ns1 IN A 333.333.333.1 ;name server definition
mail IN A 333.333.333.1 ;mail server definition
www IN A 333.333.333.1 ;web server definition
ftp IN CNAME www.my-domain.org. ;ftp server definition
localhost.zone
Quote:
$TTL 86400
$ORIGIN localhost.
@       1D IN SOA   @ root (
                    42      ; serial (d. adams)
                    3H      ; refresh
                    15M     ; retry
                    1W      ; expiry
                    1D )    ; minimum
        1D IN NS    @
        1D IN A     127.0.0.1
localhost.rev
Quote:
$TTL 86400
@       IN SOA  localhost. root.localhost. (
                2007031100 ; Serial
                28800      ; Refresh
                14400      ; Retry
                3600000    ; Expire
                86400 )    ; Minimum
        IN NS   localhost.
ns1 IN A 333.333.333.1 ;name server definition
mail IN A 333.333.333.1 ;mail server definition
www IN A 333.333.333.1 ;web server definition
ftp IN CNAME www.my-domain.org. ;ftp server definition
It's better if you keep only one A record per host and use CNAME for any other names. Like this:
Code:
ns1 IN A 333.333.333.1 ;name server definition
mail IN CNAME ns1.my-domain.org. ;mail server definition
www IN CNAME ns1.my-domain.org. ;web server definition
ftp IN CNAME ns1.my-domain.org. ;ftp server definition
As for the server resolving names for itself, this will work if the server is configured to listen (and accept queries) on the loopback interface 127.0.0.1 and at the same time /etc/resolv.conf references 127.0.0.1 as the name server.
Could you post /etc/resolv.conf and /etc/bind/named.conf?
(Make sure to hide any rndc key secrets before posting.)
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
// version statement for security to avoid hacking known weaknesses
version "not currently available";
// optional - disables all transfers - slaves allowed in zone clauses
allow-transfer {"none";};
// Closed DNS - permits only local IPs to issue recursive queries
// remove if an Open DNS required to support all users
// or add additional ranges
allow-recursion {192.168.1.0/24;};
//allow-query {192.168.1.0/24;};
};
logging{
channel my_log{
file "/var/log/named/my.log" versions 3 size 2m;
severity info;
print-severity yes;
print-time yes;
print-category yes;
};
category default{
my_log;
};
};
// required zone for recursive queries
zone "." {
type hint;
file "caching/named.ca";
};
zone "my-domain.org" IN {
type master;
file "master/my-domain.org";
// enable slaves only
allow-transfer { 1.2.3.4;5.6.7.8;9.10.11.12; };
};
// required local host domain
zone "localhost" IN {
type master;
file "caching/localhost.zone";
allow-update { none; };
};
// localhost reverse map
zone "0.0.127.in-addr.arpa" IN {
type master;
file "caching/localhost.rev";
allow-update { none; };
};
// reverse map for class C 192.168.0.0
zone "1.168.192.IN-ADDR.ARPA" IN {
type master;
file "master/192.168.1.rev";
};
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
// version statement for security to avoid hacking known weaknesses
version "not currently available";
// optional - disables all transfers - slaves allowed in zone clauses
allow-transfer {"none";};
// Closed DNS - permits only local IPs to issue recursive queries
// remove if an Open DNS required to support all users
// or add additional ranges
allow-recursion {192.168.1.0/24;};
//allow-query {192.168.1.0/24;};
allow-query {192.168.1.0/24; 127.0.0.1;};
listen-on {192.168.1.xxx; 127.0.0.1;};
};
This allows the server to talk to itself over the loopback interface 127.0.0.1.
(Make sure to put your server's IP address instead of 192.168.1.xxx.)
Then modify /etc/resolv.conf to include 127.0.0.1 like so:
Actually, all those IPs look suspicious. I doubt 1.2.3.4 is your actual nameserver either. You should probably check with your ISP (if this is your home machine) to get the actual name servers after the loopback one and then list them in order (primary, secondary, tertiary).
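The loopback requirements discussed in the replies above, as an added example that is not part of the original thread: a shell check that a named.conf and resolv.conf pair lets the server query itself on 127.0.0.1. It goes slightly beyond the replies by also inspecting allow-recursion; the function names are hypothetical, the sample config is constructed, and ACL statements are assumed to sit on one line each.

```shell
#!/bin/sh
# Added example (not from the thread): does this BIND config let the server
# resolve through its own loopback address? Assumes one-line ACL statements.

# acl_has_loopback FILE STATEMENT
# 0 = statement lists 127.0.0.1/localhost/any, 1 = set without loopback,
# 2 = statement absent or commented out (BIND's built-in default applies).
acl_has_loopback() {
    line=$(sed -e 's://.*$::' -e 's:#.*$::' "$1" |
           grep -E "^[[:space:]]*$2[[:space:]]*\{" | head -n 1)
    [ -n "$line" ] || return 2
    printf '%s\n' "$line" |
        grep -Eq '[{;[:space:]](127\.0\.0\.1|localhost|any)[[:space:]]*;' && return 0
    return 1
}

# first_nameserver FILE: print the first nameserver entry of a resolv.conf.
first_nameserver() {
    awk '$1 == "nameserver" { print $2; exit }' "$1"
}

# check_self_resolution NAMED_CONF RESOLV_CONF
# Prints findings; exit status is the number of problems found.
check_self_resolution() {
    problems=0
    for stmt in listen-on allow-query allow-recursion; do
        st=0; acl_has_loopback "$1" "$stmt" || st=$?
        case $st in
            0) echo "ok: $stmt includes loopback" ;;
            1) echo "WARN: $stmt omits 127.0.0.1"; problems=$((problems + 1)) ;;
            2) echo "note: $stmt not set, default applies" ;;
        esac
    done
    if [ "$(first_nameserver "$2")" != "127.0.0.1" ]; then
        echo "WARN: resolv.conf does not query 127.0.0.1 first"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Constructed sample input modelled on the options block posted in the thread.
conf=$(mktemp); resolv=$(mktemp)
printf '%s\n' 'options {' '  allow-recursion {192.168.1.0/24;};' \
    '  //allow-query {192.168.1.0/24;};' '};' > "$conf"
printf 'nameserver 192.168.1.1\n' > "$resolv"   # placeholder upstream address
check_self_resolution "$conf" "$resolv" || echo "$? item(s) to review"
rm -f "$conf" "$resolv"
```

On a live server, `named-checkconf` validates the syntax first, and `dig @127.0.0.1 www.my-domain.org` confirms the result once named has been reloaded.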