- 07-19-2007 #1 Just Joined! (Join Date: Jul 2007, Posts: 1)
BIND trouble
Hi all,
I am semi-new to Linux, but very new to setting up a server. I have a test environment using VMware with 3 virtual machines - 2 Fedora 7 machines and an SLES 10 machine. I am using the one Fedora 7 machine as a server/router/firewall/gateway for the other F7 and SLES machines, simulating a small private network.
I have NAT working, but now I am trying to configure my F7 server as a DNS server. What I have done is I have taken the named.caching-nameserver.conf file, copied it as named.conf, and am using that. Here is the code from that:
Code:
options {
    listen-on port 53 { 127.0.0.1; };
    listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { localhost; };
    recursion yes;
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
zone "." IN {
    type hint;
    file "named.ca";
};
include "/etc/named.rfc1912.zones";

nslookup runs successfully from the server machine, but when I change the nameserver to my server's IP in my client machine, nslookup is not successful from the client machine. I am able to ping my server from my client.
I did run tcpdump from both machines during an nslookup from client to server.
From server:
Code:
02:33:17.379031 IP 192.168.50.51.filenet-pa > 192.168.50.1.domain: 2225+ A? www.google.com. (32)
02:33:22.379588 IP 192.168.50.51.filenet-pa > 192.168.50.1.domain: 2225+ A? www.google.com. (32)
02:33:27.381808 IP 192.168.50.51.filenet-pa > 192.168.50.1.domain: 2225+ A? www.google.com. (32)

eth0 is my Internet-facing adapter, and a tcpdump with eth0 shows no activity during an nslookup from one of my clients.
Could iptables be incorrectly configured?
Code:
iptables --flush
iptables -t nat --flush
iptables -t mangle --flush
iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
iptables -A FORWARD -j LOG
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.50.2 -j MASQUERADE
#---------------------------------------------------------------
# Allow outbound DNS queries from the FW and the replies too
#
# - Interface eth0 is the internet interface
#
# Zone transfers use TCP and not UDP. Most home networks
# / websites using a single DNS server won't require TCP statements
#
#---------------------------------------------------------------
iptables -A OUTPUT -p udp -o eth0 --dport 53 --sport 1024:65535 \
    -j ACCEPT
iptables -A INPUT -p udp -i eth0 --sport 53 --dport 1024:65535 \
    -j ACCEPT
iptables -A OUTPUT -p udp -o eth1 --dport 53 --sport 1024:65535 \
    -j ACCEPT
iptables -A INPUT -p udp -i eth1 --sport 53 --dport 1024:65535 \
    -j ACCEPT

I'd appreciate any troubleshooting tips, because I am stuck!


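In the posted named.conf, the statements that decide whether a LAN client can query the server are listen-on and allow-query. As an added example (not part of the original post), this Python check evaluates both for the client and server addresses seen in the tcpdump output. The /24 netmask and the LAN-only comparison block are assumptions, and the iptables rules are not examined.

```python
import ipaddress
import re

# The post's options block, abridged to the statements that gate remote queries.
POSTED = """options {
    listen-on port 53 { 127.0.0.1; };
    listen-on-v6 port 53 { ::1; };
    allow-query { localhost; };
};"""
# Constructed comparison: the same block opened to the LAN only, not to "any".
LAN_ONLY = (POSTED.replace("{ 127.0.0.1; }", "{ 127.0.0.1; 192.168.50.1; }")
            .replace("{ localhost; }", "{ localhost; 192.168.50.0/24; }"))
# Addresses taken from the post's tcpdump; the /24 mask is an assumption.
ADDRS, NETS = ["127.0.0.1", "::1", "192.168.50.1"], ["192.168.50.0/24"]

def match_list(conf, statement):
    """Elements of a one-level address match list, or None if the statement is absent."""
    m = re.search(r"\b%s\b(?!-)[^{;]*\{([^}]*)\}" % re.escape(statement), conf)
    return None if m is None else [e.strip() for e in m.group(1).split(";") if e.strip()]

def matches(ip, elements, local_addrs, local_nets):
    """First-match evaluation of any/none/localhost/localnets/IP/CIDR (no named ACLs or keys)."""
    ip = ipaddress.ip_address(ip)
    for elem in elements:
        negate, elem = elem.startswith("!"), elem.lstrip("! ")
        if elem in ("any", "none"):
            hit = elem == "any"
        elif elem == "localhost":   # every address configured on the server itself
            hit = ip in {ipaddress.ip_address(a) for a in local_addrs}
        elif elem == "localnets":   # every network the server is attached to
            hit = any(ip in ipaddress.ip_network(n) for n in local_nets)
        else:
            hit = ip in ipaddress.ip_network(elem, strict=False)
        if hit:
            return not negate
    return False

def audit(conf, client_ip, server_ip, local_addrs, local_nets):
    """Return reasons a query from client_ip to server_ip port 53 would not be resolved."""
    findings = []
    listen, allow = match_list(conf, "listen-on"), match_list(conf, "allow-query")
    # An absent statement means BIND's default (all IPv4 interfaces / any client).
    if listen is not None and not matches(server_ip, listen, local_addrs, local_nets):
        findings.append("listen-on: named has no socket on " + server_ip)
    if allow is not None and not matches(client_ip, allow, local_addrs, local_nets):
        findings.append("allow-query: " + client_ip + " is not permitted to query")
    return findings
```

Calling `audit(POSTED, "192.168.50.51", "192.168.50.1", ADDRS, NETS)` reports both statements, while the LAN-only variant passes for the same client and still rejects an address outside 192.168.50.0/24.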