Resolving an internal IP address for a domain from an external DNS server?

Kevin Darcy kcd at chrysler.com
Thu Jan 7 19:29:59 UTC 2010


Kaya Saman wrote:
> Hi guys,
>
> I hope this is possible to do and someone can help me doing it!
>
> Basically I have an authoritative DNS server located at IP 
> 81.178.2.118 running on Solaris 9 with 3 views; one for internal 
> clients, one for my current location (which has a static IP address as 
> I'm running an internet test radio station from it), and one for 
> external clients (everyone not in "my" network).
>
> What I would like to do is use this server located at 81.178.2.118 to 
> resolve a local IP address to my radio server??
>
> I mean I have FreeBSD and Bind running on the radio server but only 
> want to use it for hinted root zone queries as being authoritative 
> means that I will need to get the zone from the 'main' DNS server then 
> my view will be redundant.

I can't make any sense of that sentence. Could you please rephrase? What 
nameserver instances are running where, and what do you want them to 
resolve for whom?

>
> Currently I have this setup on the remote machine:
>
> in /etc/opt/csw/bind/optiplex-networks-kiziltoprak file:
>
> zone "optiplex-networks.com" {
>     type master;
>     file "/var/named/optiplex-networks-kiziltoprak.db";
>     allow-query { 212.156.209.87; };
> };
>
>
> This is the view for it:
>
> view "kiziltoprak" {
>     match-clients { 212.156.209.87; };
>     allow-recursion {
>         127.0.0.1;
>         212.156.209.87;
>     };
>
>     zone "." {
>         type hint;
>         file "/etc/opt/csw/bind/db.root";
>     };
>
>     include "/etc/opt/csw/bind/named.conf.kiziltoprak";
>
> };
>
> And zone file:
>
> ;
> ; BIND data file for example.com
> ;
> $TTL 1d
> @       IN SOA ns1.optiplex-networks.com. mail.optiplex-networks.com. (
>             2010010704 ; Serial
>             7200       ; Refresh
>             120        ; Retry
>             2419200    ; Expire
>             86400)     ; Default TTL
> ;
>         IN NS ns1.optiplex-networks.com.
> [...]
> ns1.optiplex-networks.com. IN A 81.178.2.118
> [...]
> rd1.optiplex-networks.com. IN A 192.168.1.100
> ns1.rd1.optiplex-networks.com. IN A 192.168.1.100
> [...]

Since you don't show any master or slave zone definitions, I'm not sure 
what view this is supposed to be in. The "kiziltoprak" view? Is this the 
_only_ master/slave zone defined in that view? Using an include file for 
a single zone definition seems like unnecessary complexity to me.

>
>
> If I run a dig query from my linux notebook having 81.178.2.118 as the 
> nameserver in /etc/resolv.conf I get this:
>
>> root@Hp-Compaq-2230s:/var/log# dig @ns1.optiplex-networks.com optiplex-networks.com
>>
>> ; <<>> DiG 9.5.1-P2.1 <<>> @ns1.optiplex-networks.com 
>> optiplex-networks.com
>> ; (1 server found)
>> ;; global options: printcmd
>> ;; Got answer:
>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16423
>> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
>>
>> ;; QUESTION SECTION:
>> ;optiplex-networks.com. IN A
>>
>> ;; ANSWER SECTION:
>> optiplex-networks.com. 86400 IN A 81.178.2.118
>>
>> ;; AUTHORITY SECTION:
>> optiplex-networks.com. 86400 IN NS ns1.optiplex-networks.com.
>>
>> ;; ADDITIONAL SECTION:
>> ns1.optiplex-networks.com. 86400 IN A 81.178.2.118
>>
>> ;; Query time: 80 msec
>> ;; SERVER: 81.178.2.118#53(81.178.2.118)
>> ;; WHEN: Thu Jan 7 19:20:28 2010
>> ;; MSG SIZE rcvd: 89
>
> Which is fine as recursion is enabled so no probs there!

Recursion is not necessary for an authoritative response from an 
authoritative nameserver.

>
> Now if I try the local IP domain I get this:
>
>> root@Hp-Compaq-2230s:/var/log# dig @ns1.optiplex-networks.com rd1.optiplex-networks.com
>>
>> ; <<>> DiG 9.5.1-P2.1 <<>> @ns1.optiplex-networks.com 
>> rd1.optiplex-networks.com
>> ; (1 server found)
>> ;; global options: printcmd
>> ;; connection timed out; no servers could be reached
>
> This I don't understand!

Try a non-recursive query: dig +norec ... See what you get.

- Kevin
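
The flags discussed in the reply above, shown at the wire level. This is an added example, not part of the original thread: it builds the query that `dig +norec` sends (RD bit clear) and decodes a response header into the `flags:` and `status:` fields dig prints. The function names and the sample header are constructed for illustration; the sample mirrors the first dig output quoted in the message.

```python
import struct

# Header flag bits (RFC 1035 section 4.1.1)
QR, AA, TC, RD, RA = 0x8000, 0x0400, 0x0200, 0x0100, 0x0080
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qid, recurse=True, qtype=1):
    """Return a DNS query packet; recurse=False is what `dig +norec` sends."""
    flags = RD if recurse else 0
    header = struct.pack("!HHHHHH", qid, flags, 1, 0, 0, 0)
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    ) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # qtype A, class IN

def decode_header(packet):
    """Decode the 12-byte header into the fields dig prints."""
    if len(packet) < 12:
        raise ValueError("truncated DNS header")
    qid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", packet[:12])
    bits = ((QR, "qr"), (AA, "aa"), (TC, "tc"), (RD, "rd"), (RA, "ra"))
    names = [n for bit, n in bits if flags & bit]
    rcode = flags & 0x000F
    return {"id": qid, "flags": names,
            "status": RCODES.get(rcode, str(rcode)), "counts": (qd, an, ns, ar)}

def explain(hdr):
    """Say where the answer came from, based on the flags."""
    f = hdr["flags"]
    if "aa" in f:
        return "authoritative: served from the server's own zone data"
    if "ra" in f and "rd" in f:
        return "non-authoritative: produced by recursion or cache"
    return "non-authoritative: referral or no recursion offered"

# Constructed response header matching the first dig output in the thread:
# id 16423, flags qr aa rd ra, QUERY 1, ANSWER 1, AUTHORITY 1, ADDITIONAL 1.
SAMPLE_RESPONSE = struct.pack("!HHHHHH", 16423, QR | AA | RD | RA, 1, 1, 1, 1)

if __name__ == "__main__":
    q = build_query("rd1.optiplex-networks.com", 16423, recurse=False)
    print(decode_header(q))
    hdr = decode_header(SAMPLE_RESPONSE)
    print(hdr, "->", explain(hdr))
```

The `rd` flag in a response only echoes what the client asked for; `aa` is what shows the answer came from zone data the server holds itself.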



