DNS-BIND8 problem: client doesn't ping
Kevin Darcy
kcd at daimlerchrysler.com
Wed Aug 16 00:16:23 UTC 2000
The allow-query in named.conf looks like it has a syntax error.
- Kevin
iond wrote:
> Hi,
> In my small-office intranet I've configured a linux box as a caching-name
> server (chroot jail)
> with two nics. One of them, through a dsl cisco router, goes to the NET
> (Isp provides a static IP).
>
> Everything, on the server side(Redhat 6.2), works fine. I can use
> nslookup, ping, Netscape, etc.
>
> Clients [all linux boxes, obviously );-) ] don't. They can use nslookup and
> resolve names; ping and Netscape seem to go out (router gets line), but
> then hang.
>
> I cannot figure out what's the matter.
> Sorry for the long message. I trust in your patience.
> Thanks,
> Luke
>
> Here's my intranet :
>
>                 THE NET
>                    |
>         dsl router(192.83.46.254)
>                    |
>                    |
>            eth0(192.83.46.1)
>                    :
>       server box(server.privnet.com)
>                    :
>                    :                  (Private Extranet)
>          eth1(192.168.1.103) ------------- isdn router(192.168.1.254)
>                    |                               |
>                    |   (domain: privnet.com)       |
>                    |                               |
>       client boxes(192.168.1.101,etc) -------------|
>
> =========================================================
> SERVER'S CONFIG FILES
>
> /etc/sysconfig/network
> ----------------------------------------------------
> NETWORKING=yes
> HOSTNAME="server.privnet.com"
> FORWARD_IPV4="yes"
> GATEWAY="192.83.46.254"
> GATEWAYDEV="eth0"
>
> /etc/sysconfig/static-routes
> ----------------------------------------------------
> eth1 net 192.27.10.1 netmask 255.255.255.255 gw 192.168.1.254
> eth1 net 10.4.1.1 netmask 255.255.255.255 gw 192.168.1.254
> eth1 net 192.200.1.101 netmask 255.255.255.255 gw 192.168.1.254
>
> /etc/sysconfig/network-scripts/ifcfg-eth0
> ----------------------------------------------------
> DEVICE="eth0"
> BOOTPROTO="none"
> BROADCAST="192.83.46.255"
> IPADDR="192.83.46.1"
> NETMASK="255.255.255.0"
> NETWORK="192.83.46.0"
> ONBOOT="yes"
>
> /etc/sysconfig/network-scripts/ifcfg-eth1
> ----------------------------------------------------
> DEVICE="eth1"
> BOOTPROTO="none"
> BROADCAST="192.168.1.255"
> IPADDR="192.168.1.103"
> NETMASK="255.255.255.0"
> NETWORK="192.168.1.0"
> GATEWAY="192.83.46.1"
> ONBOOT="yes"
>
> /etc/sysctl.conf
> ----------------------------------------------------
> net.ipv4.ip_forward = 1
> net.ipv4.icmp_echo_ignore_all = 1
> net.ipv4.icmp_echo_ignore_broadcasts = 1
> net.ipv4.conf.all.accept_source_route = 0
> net.ipv4.tcp_syncookies = 1
> net.ipv4.conf.all.accept_redirects = 0
> net.ipv4.ip_always_defrag = 1
> net.ipv4.icmp_ignore_bogus_error_responses = 1
> net.ipv4.conf.all.rp_filter = 1
> net.ipv4.conf.all.log_martians = 1
> net.ipv4.ip_local_port_range = 32768 61000
> net.ipv4.tcp_fin_timeout = 30
> net.ipv4.tcp_keepalive_time = 1800
> net.ipv4.tcp_window_scaling = 0
> net.ipv4.tcp_sack = 0
> net.ipv4.tcp_timestamps = 0
> vm.bdflush = 100 1200 128 512 15 5000 500 1884 2
> vm.buffermem = 80 10 60
> fs.file-max = 8192
> fs.inode-max = 32768
> kernel.sysrq = 0
>
> /etc/host.conf
> ----------------------------------------------------
> order bind,hosts
> multi on
> nospoof on
>
> /etc/nsswitch.conf
> ----------------------------------------------------
> ....
> hosts: dns files
> ....
>
> /etc/resolv.conf
> ----------------------------------------------------
> domain privnet.com
> search privnet.com isp-domain.com
> nameserver 127.0.0.1
> nameserver 195.110.96.66
> nameserver 195.110.96.67
>
> /etc/named.conf
> ----------------------------------------------------
> options {
> directory "/var/named";
> forward only;
> // ISP DNS
> forwarders { 195.110.96.66; 195.110.96.67; };
> allow-query { 192.168.1/24; 127.0.0.1/32 };
> };
>
> zone "." in {
> type hint;
> file "named.cache";
> };
>
> zone "0.0.127.in-addr.arpa" in {
> type master;
> file "named.local";
> };
>
> zone "1.168.192.in-addr.arpa" in {
> type master;
> file "named.192.168.1";
> };
>
> zone "privnet.com" in {
> type master;
> file "named.privnet.com";
> };
>
> /var/named/named.local
> ----------------------------------------------------
> $TTL 345600
> @ IN SOA localhost. root.localhost. (
> 00 ; Serial
> 86400 ; Refresh
> 7200 ; Retry
> 2592000 ; Expire
> 345600 ) ; Minimum
> IN NS localhost.
> 1 IN PTR localhost.
>
> /var/named/named.privnet.com
> ----------------------------------------------------
> $TTL 345600
> privnet.com IN SOA server.privnet.com. root.server.privnet.com. (
> 00 ; Serial
> 86400 ; Refresh
> 7200 ; Retry
> 2592000 ; Expire
> 345600 ) ; Minimum
> privnet.com. IN NS server.privnet.com.
> MX 10 server.privnet.com. ; MAIL Server
> localhost.privnet.com. A 127.0.0.1
> client.privnet.com. A 192.168.1.101
> server.privnet.com. A 192.168.1.103
>
> /var/named/named.192.168.1
> ----------------------------------------------------
> $TTL 345600
> 1.168.192.in-addr.arpa. IN SOA server.privnet.com. root.server.privnet.com. (
> 00 ; Serial
> 86400 ; Refresh
> 7200 ; Retry
> 2592000 ; Expire
> 345600 ) ; Minimum
> IN NS server.privnet.com.
>
> 101 IN PTR client.privnet.com.
> 103 IN PTR server.privnet.com.
>
> =========================================================
> CLIENT'S CONFIG FILES
>
> /etc/sysconfig/network
> ----------------------------------------------------
> NETWORKING=yes
> FORWARD_IPV4="yes"
> HOSTNAME="client.privnet.com"
> DOMAINNAME=privnet.com
> GATEWAY="192.168.1.103"
> GATEWAYDEV="eth0"
>
> /etc/sysconfig/static-routes
> ----------------------------------------------------
> eth0 net 192.27.10.1 netmask 255.255.255.255 gw 192.168.1.254
> eth0 net 10.4.1.1 netmask 255.255.255.255 gw 192.168.1.254
> eth0 net 192.200.1.101 netmask 255.255.255.255 gw 192.168.1.254
>
> /etc/sysconfig/network-scripts/ifcfg-eth0
> ----------------------------------------------------
> DEVICE="eth0"
> IPADDR="192.168.1.101"
> NETMASK="255.255.255.0"
> NETWORK=192.168.1.0
> BROADCAST=192.168.1.255
> ONBOOT="yes"
> BOOTPROTO="none"
>
> /etc/host.conf
> ----------------------------------------------------
> order hosts,bind
>
> /etc/resolv.conf
> ----------------------------------------------------
> domain privnet.com
> search privnet.com
> nameserver 192.168.1.103
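
Added example, not part of the original thread: in named.conf every element of an address match list must end with `;`, and the posted `allow-query` line leaves its last element unterminated. The Python sketch below (the function name `missing_semicolons` and the `POSTED`/`FIXED` strings are assumptions made for this example) flags any token that sits directly before a closing brace without its semicolon.

```python
import re

# One pattern for everything named.conf can contain; comments are matched
# first so that braces or semicolons inside them are never treated as syntax.
TOKEN = re.compile(r'''
    (?P<comment>/\*.*?\*/|//[^\n]*|\#[^\n]*)
  | (?P<string>"[^"\n]*")
  | (?P<punct>[{};])
  | (?P<word>[^\s{};"]+)
''', re.S | re.X)

def missing_semicolons(conf_text):
    """Return (line, token) for each element not closed by ';' before '}'."""
    findings = []
    prev = None  # last non-comment token as (text, line)
    for m in TOKEN.finditer(conf_text):
        if m.lastgroup == "comment":
            continue
        tok = m.group(0)
        line = conf_text.count("\n", 0, m.start()) + 1
        # A '}' may only follow ';' (terminated element) or '{' (empty list).
        if tok == "}" and prev and prev[0] not in ("{", ";"):
            findings.append((prev[1], prev[0]))
        prev = (tok, line)
    return findings

# The options block as posted in the thread (quote markers removed).
POSTED = '''options {
    directory "/var/named";
    forward only;
    // ISP DNS
    forwarders { 195.110.96.66; 195.110.96.67; };
    allow-query { 192.168.1/24; 127.0.0.1/32 };
};
'''
# Constructed correction: the last allow-query element gets its ';'.
FIXED = POSTED.replace("127.0.0.1/32 }", "127.0.0.1/32; }")

if __name__ == "__main__":
    for line, tok in missing_semicolons(POSTED):
        print(f"line {line}: expected ';' after {tok!r}")
    print("fixed:", missing_semicolons(FIXED) or "no findings")
```

With the corrected line in place, `allow-query` limits the caching server to the 192.168.1/24 clients and loopback.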