Questions

Joseph S D Yao jsdy at center.osis.gov
Tue Aug 20 14:56:27 UTC 2002


On Mon, Aug 19, 2002 at 02:32:47PM -0500, Eric Gregory wrote:
> Got a question for anyone willing to help.
> 
> I'm running a bind 9.1 server on FreeBSD 4.5. The server will be both a
> caching and authoritative name server.
> 
> I have set up multiple domains on the server as well as reverse DNS zones for
> the IPs that will be necessary.
> 
> Now when I set my other machines to use this machine for DNS I do not appear
> to be getting DNS resolution.
> 
> For instance if I try to ping ns.gatewayconnections.com from another machine
> which is using the machine in question I get
> 
> ping: cannot resolve ns.gatewayconnections.com: Unknown host
> 
> If I try to use nslookup on one of the host machines I get
> *** Can't find server name for address 192.168.0.136: Timed out
> *** Default servers are not available
> 
> ns.gatewayconnections.com is a forward A record for 192.168.0.136 and
> 192.168.0.136 has a reverse record pointing to ns.gatewayconnections.com .
> 
> I do get DNS resolution if I try to resolve from the machine running bind.
> I can resolve domains which are held on the local machine as well as other
> machines,
> for instance I can ping both ns.gatewayconnections.com and www.yahoo.com
> from the bind machine.  I still get
> *** Can't find server name for address 192.168.0.136: Timed out
> *** Default servers are not available
> 
> when trying to use nslookup even on the bind machine.  I'm sure that this is
> something to do with the reverse DNS for the IP address, but how can I make
> it work? Is it the fact that I'm using the reserved IP address that's
> causing the problem? Any help would be greatly appreciated.

First, get a copy of DNS and BIND 4th ed. and read it.

Many here will tell you that 'nslookup' is not fit to tread the same
earth on which they walk, but this is of course untrue.  It is merely
not a great tool with which to test an untried DNS setup.  The error
you are getting is one such reason - it is purely a quirk of
'nslookup'.  You can get around it by going into 'nslookup' and then
saying 'server 192.168.0.136'.  Work from there.

Better yet, make yourself a "0.168.192.in-addr.arpa" zone on the same
machine.  That will not only cover 'nslookup's anti-social behaviour
[and it is merely anti-social, not deserving of the death penalty], but
be the Right Thing To Do(tm) besides.  Oh, wait, I missed the sentence
that suggested but did not say that you had such a zone.  Then you need
to look in your 'syslog' logs to see what error you have in the zone
file that makes the server reject it.

As for how to make this name server visible from other machines, I'm
afraid there isn't enough information to tell.  Obviously, no machine
on the public Internet will be able to connect to a machine with a
private internet address, so you must be talking about machines on the
same, private, internet.  If they have the correct IP address in their
/etc/resolv.conf files, then they should go directly to that server for
resolution.  If not, then you must have some kind of central name
server [or possibly a root] which either refers or forwards queries to
that server.  If that machine can resolve the names, and the users'
machines can resolve other queries via the central name server, then
you will have to look at the glue between these pieces.

-- 
Joe Yao				jsdy at center.osis.gov - Joseph S. D. Yao
OSIS Center Systems Support					EMT-B
-----------------------------------------------------------------------
   This message is not an official statement of OSIS Center policies.
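
Added example, not part of the original message: a small offline check of a reverse zone file for the "0.168.192.in-addr.arpa" zone discussed above, confirming that the PTR for the name server's address points back at its forward name. The zone text is constructed for illustration (the 137 entry, the www and mail host names, the hostmaster mailbox and the SOA values are assumptions); it also flags a PTR target written without a trailing dot, which the server expands relative to the zone origin.

```python
import ipaddress

ORIGIN = "0.168.192.in-addr.arpa."
# Constructed sample reverse zone (not taken from the thread).
# The 137 record deliberately omits the trailing dot on its target.
SAMPLE_ZONE = """\
$TTL 86400
@    IN SOA ns.gatewayconnections.com. hostmaster.gatewayconnections.com. (
         2002082001 3600 900 604800 86400 )
     IN NS  ns.gatewayconnections.com.
136  IN PTR ns.gatewayconnections.com.
137  IN PTR www.gatewayconnections.com
"""

def reverse_name(ip):
    """192.168.0.136 -> 136.0.168.192.in-addr.arpa. (absolute form)."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

def absolute(name, origin):
    """Expand a zone-file name: no trailing dot means 'relative to origin'."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def ptr_records(zone_text, origin):
    """Return {owner: target} for single-line PTR records with an explicit owner."""
    records = {}
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop comments, then tokenize
        if "PTR" in fields[1:-1] and not line[:1].isspace():
            i = fields.index("PTR")
            records[absolute(fields[0], origin).lower()] = absolute(fields[i + 1], origin).lower()
    return records

def check_ptr(zone_text, origin, ip, expected_host):
    """Return 'ok', 'missing' or 'mismatch: <target>' for one address."""
    target = ptr_records(zone_text, origin).get(reverse_name(ip).lower())
    if target is None:
        return "missing"
    want = expected_host.rstrip(".").lower() + "."
    return "ok" if target == want else f"mismatch: {target}"

if __name__ == "__main__":
    for ip, host in [("192.168.0.136", "ns.gatewayconnections.com"),
                     ("192.168.0.137", "www.gatewayconnections.com"),
                     ("192.168.0.138", "mail.gatewayconnections.com")]:
        print(ip, check_ptr(SAMPLE_ZONE, ORIGIN, ip, host))
```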

