Lookup failure for own domain (Everything else works)
David Botham
dns at botham.net
Mon Aug 5 14:47:24 UTC 2002
> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
> Behalf Of The Other Guy
> Sent: Sunday, August 04, 2002 5:52 PM
> To: comp-protocols-dns-bind at isc.org
> Subject: Lookup failure for own domain (Everything else works)
>
>
> Hi,
>
> I've recently registered a domain through godaddy.com, and as far as I
can
> tell, correctly configured the nameservers at their end. I assumed the
> fact
> that they accepted the changes indicated I had configured BIND
> correctly...
> apparently I had not.
>
> The problem is, I can resolve any address other than my own (using
either
> the forward configuration, of as a DNS server without forwarding
requests
> to
> my ISP).
>
> I have included my configuration files below. My config settings are
based
> on the FreeBSD handbook guide for setting up DNS. As I have just one
> domain,
> becoming an expert on using BIND isn't really a high priority... I'd
just
> like to understand what I am doing wrong.
>
> I'd also like to know if it is possible to only allow DNS lookups for
my
> own
> domain from remote users - I'd like it to work for all domains
internally
> (as a forwarder).
>
> Thanks for any assistance you can offer,
>
> The Other Guy (Config files below - domain name changed to
> unspecified.net,
> IP addresses altered).
>
>
>
> // $FreeBSD: src/etc/namedb/named.conf,v 1.6.2.5 2002/02/04 18:24:21
ume
> Exp
> $
> //
> // Refer to the named.conf(5) and named(8) man pages for details. If
> // you are ever going to setup a primary server, make sure you've
> // understood the hairy details of how DNS is working. Even with
> // simple mistakes, you can break connectivity for affected parties,
> // or cause huge amount of useless Internet traffic.
>
> options {
> directory "/etc/namedb";
>
> // In addition to the "forwarders" clause, you can force your name
> // server to never initiate queries of its own, but always ask its
> // forwarders only, by enabling the following line:
> //
> // forward only;
>
> // If you've got a DNS server around at your upstream provider, enter
> // its IP address here, and enable the line below. This will make you
> // benefit from its cache, thus reduce overall DNS traffic in the
> Internet.
> /*
> forwarders {
> 210.55.12.1;
> 210.55.12.2;
> };
> */
> /*
> * If there is a firewall between you and nameservers you want
> * to talk to, you might need to uncomment the query-source
> * directive below. Previous versions of BIND always asked
> * questions using port 53, but BIND 8.1 uses an unprivileged
> * port by default.
> */
> // query-source address * port 53;
>
> /*
> * If running in a sandbox, you may have to specify a
different
> * location for the dumpfile.
> */
> // dump-file "s/named_dump.db";
> };
>
> // Note: the following will be supported in a future release.
> /*
> host { any; } {
> topology {
> 127.0.0.0/8;
> };
> };
> */
>
> // Setting up secondaries is way easier and the rough picture for this
> // is explained below.
> //
> // If you enable a local name server, don't forget to enter 127.0.0.1
> // into your /etc/resolv.conf so this server will be queried first.
> // Also, make sure to enable it in /etc/rc.conf.
>
> zone "." {
> type hint;
> file "named.root";
> };
>
> zone "0.0.127.IN-ADDR.ARPA" {
> type master;
> file "localhost.rev";
> };
>
> zone
>
"1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.INT
"
> {
>
> type master;
> file "localhost-v6.rev";
> };
>
> // NB: Do not use the IP addresses below, they are faked, and only
> // serve demonstration/documentation purposes!
> //
> // Example secondary config entries. It can be convenient to become
> // a secondary at least for the zone where your own domain is in. Ask
> // your network administrator for the IP address of the responsible
> // primary.
> //
> // Never forget to include the reverse lookup (IN-ADDR.ARPA) zone!
> // (This is the first bytes of the respective IP address, in reverse
> // order, with ".IN-ADDR.ARPA" appended.)
> //
> // Before starting to setup a primary zone, better make sure you fully
> // understand how DNS and BIND works, however. There are sometimes
> // unobvious pitfalls. Setting up a secondary is comparably simpler.
> //
> // NB: Don't blindly enable the examples below. :-) Use actual names
> // and addresses instead.
> //
> // NOTE!!! FreeBSD can run bind in a sandbox (see named_flags in
rc.conf).
> // The directory containing the secondary zones must be write
accessible
> // to bind. The following sequence is suggested:
> //
> // mkdir /etc/namedb/s
> // chown bind:bind /etc/namedb/s
> // chmod 750 /etc/namedb/s
>
> /*
> zone "domain.com" {
> type slave;
> file "s/domain.com.bak";
> masters {
> 192.168.1.1;
> };
> };
>
> zone "0.168.192.in-addr.arpa" {
> type slave;
> file "s/0.168.192.in-addr.arpa.bak";
> masters {
> 192.168.1.1;
> };
> };
> */
> zone "unspecified.net" {
> type master;
> file "unspecified.net";
> };
>
>
> The contents of the file unspecified.net is as follows -
>
> unspecified.net. IN SOA ns1.unspecified.net.
> unspecified.unspecified.net.nz.
> {
> 1 ; Serial
> 10800 ; Refresh
> 3600 ; Retry
> 604800 ; Expire
> 86400 ) ; Minimum TTL
>
> ; DNS Servers
> @ IN NS ns1.unspecified.net.
> @ IN NS ns2.unspecified.net.
>
> ; Machine Names
> localhost IN A 127.0.0.1
> @ IN A www.yyy.xxx.145
> avon IN A www.yyy.xxx.146
A records MUST have an IP address in the RDATA, not a hostname beginning
with 'www':
@ IN A 192.168.10.145
avon IN A 192.168.10.146
>
> ; Aliases
> mail IN CNAME @
While you have not included your MX records below, I suspect that the
record for "mail" above is for your MX records. MX records should not
reference CNAME records. Make the above an A record:
mail IN A 192.168.10.145
> ns1 IN CNAME @
> ns2 IN CNAME avon
Your RDATA for your NS records can't be CNAME records, make them A
records, even if that means making things a little redundant.
ns1 IN A 192.168.10.145
ns2 IN A 192.168.10.146
> www IN CNAME @
>
> ; MX Record
More information about the bind-users
mailing list