  1. #1
    Just Joined!
    Join Date
    Jan 2008
    Posts
    4

    BIND resolving issues


    Let me first start by saying this is my first endeavor into Linux networking, and I have been experiencing issues with BIND. I have configured two CentOS servers with BIND (one master, one slave) and both appear to be working fine. I have another CentOS machine configured to use DHCP (even a static config does not work). All parameters are passed through DHCP to the client correctly, and the proper nameserver entries are written into my resolv.conf file. However, I cannot resolve anything on the client machine (internal or external names), but I can ping IPs (internal and external). I am thinking there is some sort of authentication/security issue with my BIND installation. I have tried adding the "allow-query { any;};" statement to the zones in my named.conf, with no luck. Am I missing something here?

  2. #2
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    What does your DNS config file look like?
    What does your DHCP config file look like for DNS?

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  3. #3
    Just Joined!
    Join Date
    Jan 2008
    Posts
    4
    Quote Originally Posted by Lazydog View Post
    What does your DNS config file look like?
    What does your DHCP config file look like for DNS?
    here is my named.conf

    Code:
    //
    // named.conf
    //
    // Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
    // server as a caching only nameserver (as a localhost DNS resolver only).
    //
    // See /usr/share/doc/bind*/sample/ for example named configuration files.
    //
    
    // Global server options. NOTE(review): as posted, named listens on loopback
    // only, while the query and recursion settings below are unrestricted.
    options {
            // Loopback addresses only: no other host can reach port 53 on this
            // server until one of the server's own interface addresses is
            // added to this list.
            listen-on port 53 { 127.0.0.1; };
            listen-on-v6 port 53 { ::1; };
            directory       "/var/named";
            dump-file       "/var/named/data/cache_dump.db";
            statistics-file "/var/named/data/named_stats.txt";
            memstatistics-file "/var/named/data/named_mem_stats.txt";
            // NOTE(review): queries are accepted from any source and recursion
            // is enabled. This is harmless while listen-on is loopback-only,
            // but once a reachable address is added the server answers
            // recursive queries for anyone who can reach it (an open resolver).
            // Consider limiting allow-query / allow-recursion to the clients
            // that need it, e.g. the built-in "localnets" ACL.
            allow-query     { any; };
            recursion yes;
    
            dnssec-enable yes;
            dnssec-validation yes;
            // NOTE(review): "auto" turns on DNSSEC lookaside validation through
            // ISC's DLV registry, which ISC has since retired. Check whether
            // the installed BIND release still accepts this option.
            dnssec-lookaside auto;
    
            /* Path to ISC DLV key */
            bindkeys-file "/etc/named.iscdlv.key";
    
            managed-keys-directory "/var/named/dynamic";
    };
    
    // Logging: a single debug channel written to data/named.run (a relative
    // path, resolved against the server's working directory).
    logging {
            channel default_debug {
                    file "data/named.run";
                    // "dynamic" follows the server's current debug level
                    // rather than a fixed severity.
                    severity dynamic;
            };
    };
    
    // Forward zone for edd.protegga.net, served as master from
    // edd.protegga.net.zone.
    zone "edd.protegga.net" IN {
            type master;
            file "edd.protegga.net.zone";
            // NOTE(review): any host that can reach this server may send
            // dynamic updates and so change records in the zone. Restrict
            // this to the host(s) that must update it, preferably with a
            // TSIG key, or use "none" if dynamic updates are not needed.
            allow-update { any; };
            // NOTE(review): any host may request a full zone transfer, which
            // discloses every name in the zone. Restrict this to the slave
            // server (its address is not shown in this file).
            allow-transfer { any; };
    };
    
    // Reverse (PTR) zone for 192.168.1.0/24, served as master from
    // edd.protegga.net.rr.zone.
    zone "1.168.192.in-addr.arpa" IN {
            type master;
            file "edd.protegga.net.rr.zone";
            // NOTE(review): dynamic updates are accepted from any host, so
            // PTR records can be changed by anyone who can reach the server.
            // Restrict to the updating host(s), preferably with a TSIG key.
            allow-update { any; };
            // NOTE(review): full zone transfers are open to any host.
            // Restrict to the slave server (address not shown in this file).
            allow-transfer { any; };
    };
    
    // Root hints: the list of root name servers, read from named.ca, that
    // named uses as its starting point for recursion.
    zone "." IN {
            type hint;
            file "named.ca";
    };
    
    // Further configuration is pulled in from two separate files whose
    // contents are not shown here (presumably the RFC 1912 default zones and
    // the root zone trust anchor; verify on the server).
    include "/etc/named.rfc1912.zones";
    include "/etc/named.root.key";
    and here is my dhcpd.conf

    Code:
    # dhcpd.conf
    #
    # Sample configuration file for ISC dhcpd
    #
    
    # option definitions common to all supported networks...
    # Clients are handed the search domain and both name servers below, so
    # both addresses must accept queries from the client subnet.
    option domain-name "edd.protegga.net";
    option domain-name-servers 192.168.1.10, 192.168.1.11;
    
    # Lease times are in seconds: 6 hours by default, 12 hours at most.
    default-lease-time 21600;
    max-lease-time 43200;
    
    # Use this to enable / disable dynamic DNS updates globally.
    # NOTE(review): no key or zone statement is visible in this file, so any
    # updates dhcpd sends would be unsigned. Confirm how updates are
    # authenticated before relying on them.
    ddns-update-style interim;
    
    # If this DHCP server is the official DHCP server for the local
    # network, the authoritative directive should be uncommented.
    authoritative; # PXE Server Side
    # Network boot and BOOTP clients are both permitted.
    allow booting;
    allow bootp;
    
    # Use this to send dhcp log messages to a different log file (you also
    # have to hack syslog.conf to complete the redirection).
    log-facility local7;
    
    # No service will be given on this subnet, but declaring it helps the
    # DHCP server to understand the network topology.
    
    # subnet 10.152.187.0 netmask 255.255.255.0 {
    # }
    
    # This is a very basic subnet declaration.
    
    # subnet 10.254.239.0 netmask 255.255.255.224 {
    #  range 10.254.239.10 10.254.239.20;
    #  option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
    # }
    
    # This declaration allows BOOTP clients to get dynamic addresses,
    # which we don't really recommend.
    
    # subnet 10.254.239.32 netmask 255.255.255.224 {
    #  range dynamic-bootp 10.254.239.40 10.254.239.60;
    #  option broadcast-address 10.254.239.31;
    #  option routers rtr-239-32-1.example.org;
    # }
    
    # A slightly different configuration for an internal subnet.
    # The only active subnet: addresses .100-.200 are leased dynamically, with
    # 192.168.1.1 as the default gateway. No DNS options are set here, so the
    # global domain-name and domain-name-servers options apply to it.
    subnet 192.168.1.0 netmask 255.255.255.0 {
      range 192.168.1.100 192.168.1.200;
      option subnet-mask 255.255.255.0;
      option broadcast-address 192.168.1.255;
      option routers 192.168.1.1;
    }
    
    # Hosts which require special configuration options can be listed in
    # host statements.   If no address is specified, the address will be
    # allocated dynamically (if possible), but the host-specific information
    # will still come from the host declaration.
    
    #host passacaglia {
    #  hardware ethernet 0:0:c0:5d:bd:95;
    #  filename "vmunix.passacaglia";
    #  server-name "toccata.fugue.com";
    #}
    
    # Fixed IP addresses can also be specified for hosts.   These addresses
    # should not also be listed as being available for dynamic assignment.
    # Hosts for which fixed IP addresses have been specified can boot using
    # BOOTP or DHCP.   Hosts for which no fixed address is specified can only
    # be booted with DHCP, unless there is an address range on the subnet
    # to which a BOOTP client is connected which has the dynamic-bootp flag
    # set.
    #host fantasia {
    #  hardware ethernet 08:00:07:26:c0:a5;
    #  fixed-address fantasia.fugue.com;
    # }
    
    # You can declare a class of clients and then do address allocation
    # based on that.   The example below shows a case where all clients
    # in a certain class get addresses on the 10.17.224/24 subnet, and all
    # other clients get addresses on the 10.0.29/24 subnet.
    
    #class "foo" {
    #  match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
    #}
    
    #shared-network 224-29 {
    #  subnet 10.17.224.0 netmask 255.255.255.0 {
    #    option routers rtr-224.example.org;
    #  }
    #  subnet 10.0.29.0 netmask 255.255.255.0 {
    #    option routers rtr-29.example.org;
    #  }
    #  pool {
    #    allow members of "foo";
    #    range 10.17.224.10 10.17.224.250;
    #  }
    #  pool {
    #    deny members of "foo";
    #    range 10.0.29.10 10.0.29.230;
    #  }
    #}

  4. #4
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    Your DNS server is only listening on the loopback interface (127.0.0.1). You need to add the public IP address to that listen-on line as well.

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  5. #5
    Just Joined!
    Join Date
    Jan 2008
    Posts
    4
    Quote Originally Posted by Lazydog View Post
    Your DNS server is only listing on the LO interface (127.0.0.1) Need to add the public ip address also to the line.
    Ahh... that makes sense. Everything appears to be functioning properly now.

    The public IP would only be necessary if im expecting to run web services on these servers which are accessible to WAN. Correct? "localnets" would work for a local use?

    I appreciate the help!

  6. #6
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    Quote Originally Posted by ThirdLeft152 View Post
    Ahh... that makes sense. Everything appears to be functioning properly now.
    Glad to hear it is working now.

    The public IP would only be necessary if im expecting to run web services on these servers which are accessible to WAN. Correct? "localnets" would work for a local use?
    No. Localhost is just that machine (127.0.0.1). You need an IP address on the machine for any other host to be able to use the DNS service. It doesn't matter whether it is LAN or WAN.

    I appreciate the help!
    You are welcome.

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  7. #7
    Just Joined!
    Join Date
    Jan 2008
    Posts
    4
    Gotcha, Issue solved!
