no servers could be reached

Chris Buxton chris.p.buxton at gmail.com
Mon Aug 1 06:31:25 UTC 2011 

On Jul 28, 2011, at 8:27 AM, uifiddle at gmail.com wrote:

> I'm trying to config a bind server which could answering queries (at
> least from 127.0.0.1 and 192.168.18.128) like "dig kia.czj" but I
> failed to. perhaps my ignorance about  match-clients and
> match-destinations statements failed my attempt, or more likely, "SOA
> and NS of localhost. seems wrong".  

Your SOA and NS records are fine for a testing or other small private environment.

> It should be
> localhost.localdomain.And I used to think the $origin statement is not
> necessary, the idea about the zone name could be got from named.conf.

Your understanding was correct.

The problem is that the ACL "localhost" in named.conf does not mean what it means pretty much everywhere else. It is not a synonym for 127.0.0.1. Instead, it means the local system, including all available network interfaces.

It's evident that you're testing on your name server directly. The server's address is 192.168.18.128. So your query is getting filed into the first view, and thus never gets to the second.

To fix this, you could either remove the localhost_resolver view that Red Hat provides, or else change "localhost" in the first view to "127.0.0.1". I recommend removing the extraneous view, since you're obviously not intending to use it.

Chris Buxton
BlueCat Networks

> 2011/7/28 Alan Clegg <aclegg at isc.org>:
>> On 7/28/2011 4:16 AM, uifiddle at gmail.com wrote:
>> 
>>> view localhost_resolver {
>>>       match-clients      { localhost; };
>>>       match-destinations { localhost; };
>>>       recursion yes;
>>>       include "/etc/named.rfc1912.zones";
>>> };
>>> view czj {
>>>       match-clients   { 192.168.18.128; localhost; };
>>>       match-destinations { 192.168.18.128; localhost; };
>>>       recursion yes;
>>>       zone "czj" {
>>>       type master;
>>>       file "czj.zone";
>>> };
>>> };
>> 
>>> named-checkzone named-checkconf passed
>> 
>> These check syntax but not semantics.  As someone else pointed out, it
>> looks like your zone file is messed up a bit.  Additionally, the views
>> above have both match-clients and match-destinations which I doubt you
>> want, and you have localhost listed in both...
>> 
>> What is it that you are trying to do and we might be able to help you
>> out some...
>> 
>> AlanC
>> 
>> 
>> _______________________________________________
>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>> 
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
>> 
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

More information about the bind-users mailing list