This is a discussion on newbie struggles.... within the Bind Users forums, part of the DNS and Related Forums category.
Hi all,

I've been trying to set up an authoritative zone for my domain name using the O'Reilly DNS and BIND book, but with no joy. My network setup is like this:

Internet <--> firewall <--> DMZ (172.16/16) <--> LAN (192.168.4/24)

On the firewall I do NAT for a static block of real IP addresses (xx.yy.182.112/29) to the DMZ addresses, which works fine. I have a domain name which I've delegated the authority for, e.g.

MYDOMAIN.co.uk
xx.yy.182.113  ns0.MYDOMAIN.co.uk
xx.yy.182.114  ns1.MYDOMAIN.co.uk

and I can see UDP requests arriving for port 53 on the firewall when I use an external resolver.

my resolv.conf:-
----------------
[root@prod1 named]# more /etc/resolv.conf
domain MYDOMAIN.co.uk
#nameserver 127.0.0.1
nameserver 172.16.0.20

my named.conf:-
---------------
options {
        directory "/var/named";
        // Uncommenting this might help if you have to go through a
        // firewall and things are not working out. But you probably
        // need to talk to your firewall admin.
        query-source address * port 53;
};

controls {
        inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

zone "." {
        type hint;
        file "db.cache";
};

zone "MYDOMAIN.co.uk" {
        type master;
        file "db.MYDOMAIN.co.uk";
};

zone "16.172.in-addr.arpa" {
        type master;
        file "db.172.16";
};

zone "4.168.192.in-addr.arpa" {
        type master;
        file "db.192.168.4";
};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "db.127.0.0";
};

include "/etc/rndc.key";

The reverse DNS for my static block is looked after by my ISP's nameservers, but the forward addresses match.

my db.MYDOMAIN.co.uk:-
-----------------------
$TTL 3h
MYDOMAIN.co.uk. IN SOA prod1.MYDOMAIN.co.uk. mark.MYDOMAIN.co.uk. (
        1       ; Serial
        3h      ; Refresh every 3 hours
        1h      ; Retry
        1w      ; Expires 1 week
        1h )    ; negative caching ttl

;nameservers
MYDOMAIN.co.uk.         IN NS   ns0.MYDOMAIN.co.uk.
MYDOMAIN.co.uk.         IN NS   ns1.MYDOMAIN.co.uk.

;hosts
localhost.MYDOMAIN.co.uk. IN A  127.0.0.1
;
; Internet hosts
;
;MYDOMAIN.co.uk         IN A    xx.yy.182.115
ns0.MYDOMAIN.co.uk.     IN A    xx.yy.182.113
ns1.MYDOMAIN.co.uk.     IN A    xx.yy.182.114
www.MYDOMAIN.co.uk.     IN A    xx.yy.182.115
beta.MYDOMAIN.co.uk.    IN A    xx.yy.182.116
router.MYDOMAIN.co.uk.  IN A    xx.yy.182.118
gateway.MYDOMAIN.co.uk. IN A    xx.yy.182.117
;
; LAN hosts
;
;dev.MYDOMAIN.co.uk.    IN A    192.168.4.37
;windy.MYDOMAIN.co.uk.  IN A    192.168.4.10
;lan-fw.MYDOMAIN.co.uk. IN A    192.16.4.77
;
; DMZ hosts
;
prod1.MYDOMAIN.co.uk.   IN A    172.16.0.20
;dmz-fw.MYDOMAIN.co.uk. IN A    172.16.0.10

With this configuration I can only do lookups (forward and reverse) for ns0.MYDOMAIN.co.uk and ns1.MYDOMAIN.co.uk (i.e. only FQDN). All lookups for somehost.MYDOMAIN.co.uk are NXDOMAIN. I can't even resolve localhost, or the nameserver's DMZ hostname PROD1, but I can resolve internet addresses fine. I've commented out my LAN and DMZ hosts to keep everything as minimal as possible.

I would appreciate any help given.

Regards,
-Mark.
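As an added example (not from the post, and not BIND's own tooling), here is a small Python sanity check over a zone file in the posted format. It applies $ORIGIN to owner names that lack a trailing dot the way named does (the commented-out MYDOMAIN.co.uk line in the post is an instance of that mistake), flags A record data that is not a dotted quad, and flags in-zone NS targets that have no A record. The sample zone is constructed, modelled on the posted db.MYDOMAIN.co.uk with RFC 5737 addresses and three planted faults.

```python
import re
ORIGIN = "MYDOMAIN.co.uk."                       # $ORIGIN of the zone in the post
DOTTED_QUAD = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")

# Constructed zone modelled on the posted db.MYDOMAIN.co.uk (RFC 5737 addresses
# in place of xx.yy.182.x), with three deliberate faults for the checker to find.
SAMPLE_ZONE = """\
$TTL 3h
MYDOMAIN.co.uk. IN SOA prod1.MYDOMAIN.co.uk. mark.MYDOMAIN.co.uk. (
        1 3h 1h 1w   ; serial refresh retry expire
        1h )         ; negative caching TTL
MYDOMAIN.co.uk.         IN NS ns0.MYDOMAIN.co.uk.
MYDOMAIN.co.uk.         IN NS ns1.MYDOMAIN.co.uk.
MYDOMAIN.co.uk          IN A  192.0.2.115       ; fault 1: owner has no trailing dot
ns0.MYDOMAIN.co.uk.     IN A  192.0.2.113       ; fault 2: ns1 has no A record at all
www.MYDOMAIN.co.uk.     IN A  192.0.2.115
gateway.MYDOMAIN.co.uk. IN A  192.0.2.117junk   ; fault 3: garbage after the address
"""

def parse_zone(text, origin=ORIGIN):
    """(owner, type, rdata) tuples; relative owners get $ORIGIN appended, as BIND does."""
    records, depth = [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()        # strip comments and blank lines
        if not line or line.startswith("$"):
            continue
        if depth:                                   # still inside the SOA ( ... )
            depth -= line.count(")")
            continue
        fields = [f for f in line.split() if f != "IN"]   # class is optional
        owner, rtype, rdata = fields[0], fields[1], " ".join(fields[2:])
        if not owner.endswith("."):
            owner += "." + origin
        depth += rdata.count("(") - rdata.count(")")
        records.append((owner.lower(), rtype, rdata))
    return records

def lint_zone(text, origin=ORIGIN):
    """Human-readable problems; an empty list means the zone passes these checks."""
    records, origin = parse_zone(text, origin), origin.lower()
    has_a, problems = {o for o, t, _ in records if t == "A"}, []
    for owner, rtype, rdata in records:
        if owner.endswith(origin + origin):
            problems.append(f"{owner}: trailing dot missing, so $ORIGIN was appended twice")
        if rtype == "A" and not DOTTED_QUAD.match(rdata):
            problems.append(f"{owner}: A record data {rdata!r} is not a dotted quad")
        if rtype == "NS" and rdata.lower().endswith("." + origin) and rdata.lower() not in has_a:
            problems.append(f"{owner}: in-zone nameserver {rdata} has no A record (no glue)")
    return problems
```

Running lint_zone(SAMPLE_ZONE) reports the three planted faults; a clean zone returns an empty list, which is the state to reach before looking at firewall or NAT rules.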