DNS forwarding not working properly?

ARMSTRONG, KENNETH KARMSTRONG at BOTETOURTVA.US
Thu Mar 26 16:11:52 UTC 2009


Thanks, I gave that a go and now when I run a query I get "No response from server" when running nslookup.  I tried restarting bind and now I get the "rndc: connect failed: 127.0.0.1#953: connection refused" error.  I then tried running rndc-confgen, and added the following to rndc.conf:

key "rndc-key" {
	algorithm hmac-md5;
	secret "stuff here";
};

options {
	default-key "rndc-key";
	default-server 127.0.0.1;
	default-port 953;
};

And created rndc.conf file with the following:

key "rndc-key" {
	algorithm hmac-md5;
	secret "stuff here";
};

But I still get the connection failed error as above when I try to restart bind.

-----Original Message-----
From: bind-users-bounces at lists.isc.org [mailto:bind-users-bounces at lists.isc.org] On Behalf Of Jonathan Petersson
Sent: Thursday, March 26, 2009 11:33 AM
To: ARMSTRONG, KENNETH
Cc: bind-users at lists.isc.org
Subject: Re: DNS forwarding not working properly?

You need to enable recursion in options.

/Jonathan

2009/3/26 ARMSTRONG, KENNETH <KARMSTRONG at botetourtva.us>:
> OK, I've been trying my hardest to figure this out.
>
> I have BIND9 installed and set up as a slave to one of our Domain
> Controllers (so we can at least still get DNS if it were to go down). It
> works fine for transferring the zone file of our domain down, and from the
> server running BIND I can resolve hostnames of our local network machines
> along with outside names such as google.com (using nslookup, yeah I know it
> sucks).
>
> However, when I set up one of my Windows XP clients to use the new server
> for DNS, it can resolve local machine names fine when I run nslookup against
> it, but it gives me "Query refused" when trying to resolve an outside DNS
> name.
>
> I ran nslookup against the ISP's DNS IP's and can resolve the outside
> hostnames just fine, but for some reason I can't resolve them against the
> new DNS server.
>
> I have not made any modifications to /etc/bind/named.conf. Instead, I have
> put my configurations in /etc/bind/named.conf.local (since that is what the
> named.conf file says to do).
>
> Here is my /etc/bind/named.conf.local file (protected of course):
>
> Code:
>
> zone "OURDOMAIN.COM" {
>        type slave;
>        masters {
>                 192.168.1.22;
>                 192.168.1.23;
>        };
>        file "OURDOMAIN.COM.db";
>        allow-transfer {
>                 any;
>        };
>        allow-query {
>                 any;
>        };
> };
>
> zone "192.168.in-addr.arpa" {
>        type slave;
>        masters {
>                 192.168.1.22;
>                 192.168.1.23;
>        };
>        file "192.168.in-addr.arpa.db";
>        allow-transfer {
>                 any;
>        };
>        allow-query {
>                 any;
>        };
> };
>
> And my /etc/bind/named.conf.options:
>
> Code:
>
> options {
>         directory "/var/cache/bind";
>
>         forwarders {
>                    216.12.0.20;
>                    216.12.48.23;
>         };
>
>         auth-nxdomain no;
>         listen-on-v6 { any; };
> };
>
> Again, this only seems to affect outside clients, I can run queries on
> nslookup just fine on the DNS server itself.
>
> Any help would be greatly appreciated.
>
>
>
> Kenny
>
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
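Added example, not part of the thread or of BIND itself: a small Python check for two exposure points in the configuration discussed above, namely recursion switched on without an allow-recursion ACL and allow-transfer { any; } on a zone. The sample configs, the "trusted" ACL and its 192.168.0.0/16 range are constructed assumptions; the parser covers only basic named.conf syntax and does not follow include statements.

```python
import re

BEFORE = '''// Constructed sample: settings like the post's, plus "recursion yes;"
options { recursion yes; forwarders { 216.12.0.20; 216.12.48.23; }; };
zone "OURDOMAIN.COM" { type slave; masters { 192.168.1.22; }; allow-transfer { any; }; };
'''
AFTER = '''// Constructed hardening; the "trusted" range is an assumption
acl "trusted" { localhost; 192.168.0.0/16; };
options { recursion yes; allow-recursion { trusted; };
          forwarders { 216.12.0.20; 216.12.48.23; }; };
zone "OURDOMAIN.COM" { type slave; masters { 192.168.1.22; }; allow-transfer { none; }; };
'''

def parse(text):
    """Parse named.conf-style text into nested (words, children) statements."""
    text = re.sub(r'/\*.*?\*/|//[^\n]*|#[^\n]*', '', text, flags=re.S)
    tokens = re.findall(r'"[^"]*"|[{};]|[^\s{};"]+', text)
    def block(i):
        stmts, words, kids = [], [], None
        while i < len(tokens):
            tok, i = tokens[i], i + 1
            if tok == '{':
                kids, i = block(i)      # nested brace list
            elif tok == '}':
                break
            elif tok == ';':
                if words:
                    stmts.append((words, kids))
                words, kids = [], None
            else:
                words.append(tok.strip('"'))
        return stmts, i
    return block(0)[0]

def has_any(entry, missing=False):
    """True if a brace-list option contains 'any' (or `missing` when unset)."""
    return missing if entry is None else any(w == ['any'] for w, _ in entry[1] or [])

def audit(text):
    """Flag recursion without a client ACL and zone transfers open to any."""
    findings = []
    for words, kids in parse(text):
        opts = {w[0]: (w[1:], k) for w, k in kids or []}
        if words[0] == 'options' and opts.get('recursion', ([], None))[0] == ['yes']:
            if has_any(opts.get('allow-recursion'), missing=True):
                findings.append('options: recursion not limited by allow-recursion')
        elif words[0] == 'zone' and has_any(opts.get('allow-transfer')):
            findings.append(f'zone {words[1]}: allow-transfer includes any')
    return findings
```

Calling `audit(BEFORE)` reports both issues, while `audit(AFTER)` returns an empty list.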