Problem with DNS on mandriva 2007

Carlos Alberto Bernat Orozco cabo81 at gmail.com
Tue Jan 30 05:05:48 UTC 2007


Hi group
Sorry but I'm clueless. My server still does not resolve. Let me explain
myself. I configured all my zones to make my DNS server.

This is my named.conf


include "/etc/rndc.key";

// rndc control channel: bound to loopback only (127.0.0.1, port 953), accepts
// connections only from 127.0.0.1, and requires the key named "mykey".
// NOTE(review): "mykey" is presumably defined in the included /etc/rndc.key;
// confirm, and keep that file readable only by root and the named user.
controls {
    inet 127.0.0.1 port 953
    allow { 127.0.0.1; } keys { mykey; };
};

// Access lists (ACL's) should be defined here
include "/etc/bogon_acl.conf";
include "/etc/trusted_networks_acl.conf";

// Define logging channels
include "/etc/logging.conf";

// Global server options. The ACL names used here (trusted_networks, bogon) are
// not defined in this file; presumably they come from the included
// /etc/trusted_networks_acl.conf and /etc/bogon_acl.conf -- confirm.
options {
    // Empty string replaces the version text returned for version.bind queries.
    version "";
    // Relative zone file names in the zone statements resolve against this directory.
    directory "/var/named";
    // NOTE(review): the dump and statistics files are written to /var/tmp,
    // which is normally world-writable; a directory owned by the named user
    // avoids other local users pre-creating these paths.
    dump-file "/var/tmp/named_dump.db";
    pid-file "/var/run/named.pid";
    statistics-file "/var/tmp/named.stats";
    zone-statistics yes;
//    datasize 256M;
    coresize 100M;
//    fetch-glue no;
    // "recursion no;" is commented out, so recursion stays at its default;
    // who may actually use it is decided by allow-recursion below.
//    recursion no;
//    recursive-clients 10000;
    auth-nxdomain yes;
    // Wildcards: outgoing queries are not pinned to one source address or port.
    query-source address * port *;
    // Accept queries on port 53 on every IPv4 interface.
    listen-on port 53 { any; };
    cleaning-interval 120;
    transfers-in 20;
    transfers-per-ns 2;
    // 0 turns lame-server caching off.
    lame-ttl 0;
    max-ncache-ttl 10800;
    // No NOTIFY messages are sent when a master zone changes.
    notify no;
   transfer-format many-answers;
max-transfer-time-in 60;
// 0: interfaces are scanned only when the configuration is loaded.
interface-interval 0;
    // Recursive service is offered only to clients matching trusted_networks;
    // everyone else gets answers for the local zones only. Keeping this ACL
    // narrow is what stops the server from acting as an open resolver.
    // NOTE(review): the dig reply later in this message shows flags
    // "qr aa rd" with no "ra", which is consistent with the querying address
    // not matching trusted_networks -- check the ACL contents before
    // loosening anything else.
    allow-recursion { trusted_networks; };
   // Queries from addresses matching the bogon ACL are not answered, and
   // those addresses are not used when resolving.
   blackhole { bogon; };
};

// Delegation-only enforcement for the listed TLDs: a response from one of
// these zones that is not a delegation (referral) is treated as NXDOMAIN.
// This only affects recursive lookups made by this server.
zone "ac" { type delegation-only; };
zone "cc" { type delegation-only; };
zone "com" { type delegation-only; };
zone "cx" { type delegation-only; };
zone "lv" { type delegation-only; };
zone "museum" { type delegation-only; };
zone "net" { type delegation-only; };
zone "nu" { type delegation-only; };
zone "ph" { type delegation-only; };
zone "sh" { type delegation-only; };
zone "tm" { type delegation-only; };
zone "ws" { type delegation-only; };

// Root hints: the starting list of root name servers used for recursion,
// read from named.ca (relative to the "directory" option).
zone "." IN {
        type hint;
        file "named.ca";
};

// Local housekeeping zones (localdomain, localhost, loopback, broadcast and
// zero-network reverse zones). Each is served as master from a file under
// master/ or reverse/, and "allow-update { none; }" refuses dynamic updates
// from every client.
zone "localdomain" IN {
        type master;
        file "master/localdomain.zone";
        allow-update { none; };
};

zone "localhost" IN {
        type master;
        file "master/localhost.zone";
        allow-update { none; };
};

// Reverse zone for 127.0.0.0/24 (loopback).
zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "reverse/named.local";
        allow-update { none; };
};

// IPv6 reverse zone for the local addresses; the statement is wrapped over
// two lines in this message.
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa"
IN {
        type master;
        file "reverse/named.ip6.local";
        allow-update { none; };
};

zone "255.in-addr.arpa" IN {
        type master;
        file "reverse/named.broadcast";
        allow-update { none; };
};

zone "0.in-addr.arpa" IN {
        type master;
        file "reverse/named.zero";
        allow-update { none; };
};
// Site zones: the forward zone and two reverse zones this server is master
// for. Dynamic updates are refused for all three. Unlike the zones above,
// their file names carry no master/ or reverse/ prefix, so they are read
// directly from the "directory" path; the author's notes below mark that
// as something still to change.
// put in master/
zone "codisert.com.co" IN {
        type master;
        file "codisert.com.co.db";
        allow-update { none; };
};
// put in reverse/
zone "66.21.200.in-addr.arpa" IN {
        type master;
        file "200.21.66.rev";
        allow-update { none; };
};
// put in reverse/
zone "62.21.200.in-addr.arpa" IN {
        type master;
        file "200.21.62.rev";
        allow-update { none; };
};

########################################
And these are my DNS queries with the -x option:

 # dig @200.21.66.194 -x 200.21.66.194

; <<>> DiG 9.3.0 <<>> @200.21.66.194 -x 200.21.66.194
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43611
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;194.66.21.200.in-addr.arpa.    IN      PTR

;; ANSWER SECTION:
194.66.21.200.in-addr.arpa. 3600 IN     PTR     ethereal.codisert.com.co.

;; AUTHORITY SECTION:
66.21.200.in-addr.arpa. 604800  IN      NS      ethereal.codisert.com.co.

;; ADDITIONAL SECTION:
ethereal.codisert.com.co. 604800 IN     A       200.21.66.194

;; Query time: 39 msec
;; SERVER: 200.21.66.194#53(200.21.66.194)
;; WHEN: Tue Jan 30 00:01:42 2007
;; MSG SIZE  rcvd: 112


Thanks to Stephen, I added a dot in my 200.21.66.rev file. What I understood
is that I have to allow recursion in order to make my DNS server work. But my
problem still continues.

I've been reading about recursion, and I think that if it is enabled by
default, then what other causes could possibly make my DNS server not
resolve any web site? I already configured my firewall. But I'm lost with
this issue.

Please give me some more steps to get more info. I have spent a week with no
solution.


Thanks in advance and sorry for the dummy question

Carlos Bernat

2007/1/29, Barry Margolin <barmar at alum.mit.edu>:
>
> In article <epmdd7$2rfd$1 at sf1.isc.org>,
> "Carlos Alberto Bernat Orozco" <cabo81 at gmail.com> wrote:
>
> > Hi group
> > Thanks Stephane for your answers. Sorry, my mistake on the -x option on
> the
> > dig command. What you said before is that my DNS won't resolve unless
> uses
> > recursion to make querys.
> >
> > Sorry, I've been reading about how enable it (recursion) but I can't
> find
> > info. How can I enable it (in the zones, named.conf) ? or where can I
> find
> > info to enable it?
>
> Recursion is enabled by default, you have to disable it with "recursion
> no;" or "allow-recursion { <acl> };" in named.conf.
>
> --
> Barry Margolin, barmar at alum.mit.edu
> Arlington, MA
> *** PLEASE post questions in newsgroups, not directly to me ***
> *** PLEASE don't copy me on replies, I'll read them in the group ***
>
>
>



