BIND problem in Fedora Core

Hi ,

I am facing a strange problem with BIND in Fedora Core 6. Here is the config for more info.

#cat /etc/named.caching-nameserver.conf

// Global named options: listening sockets, working directory, statistics
// files, outgoing query source port and the default zone-transfer ACL.
options {
// Accept queries on port 53 on every local interface.
listen-on port 53 { any; };
// Relative file names elsewhere in the configuration are resolved against this directory.
directory "/var/named";
// dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// NOTE(review): pinning the outgoing query source port to 53 gives up
// source-port randomization, which makes spoofed-answer cache poisoning
// easier. Unless a firewall rule requires it, drop these two lines.
query-source port 53;
query-source-v6 port 53;
// allow-query { any; };
// NOTE(review): 192.168.0.0/24 does not contain the 192.168.10.x addresses
// used in the zone data, and a zone-level allow-transfer (see the example.com
// zones in /etc/named.rfc1912.zones) takes precedence over this default.
allow-transfer { 192.168.0.0/24; };
// Repeats the listen-on statement above (53 is the default port); one of the two is enough.
listen-on { any; };

};
// Logging: the default_debug channel writes to data/named.run (a relative
// path, resolved against the `directory` option). "severity dynamic" makes
// the channel follow the server's current debug level.
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
// The only view shown in this configuration; every zone is loaded inside it.
// Once views are in use, a query that matches no view is answered REFUSED,
// which is the result the remote clients get with this configuration.
// NOTE(review): deleting both match-* lines makes the view match every
// client, so "recursion yes" then applies to anyone who can reach the server.
// To serve the LAN without open recursion, keep this view and add a second
// one whose match-clients is limited to the internal network, or restrict
// recursion with allow-recursion.
view localhost_resolver {
// Matches only queries sent from one of this host's own addresses ...
match-clients { localhost; };
// ... and addressed to one of this host's own addresses.
match-destinations { localhost; };
recursion yes;
include "/etc/named.rfc1912.zones";
};

#cat /etc/named.rfc1912.zones

// Root hints: tells the resolver where to find the root name servers.
zone "." IN {
type hint;
file "named.ca";
};

// Local-only zones. "allow-update { none; }" disables dynamic DNS updates
// for each of them.
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};

zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};

// Reverse zone for the 127.0.0.0/24 loopback range.
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};

// Forward zone for example.com; this server is the master and dynamic
// updates are disabled.
zone "example.com" IN {
type master;
file "example.com.zone";
allow-update { none; };
// NOTE(review): "any" lets every host that can reach this server pull the
// whole zone (AXFR) and overrides the allow-transfer list in options.
// List only the secondary servers here, or use { none; } if there are none.
allow-transfer { any; };
};

// Reverse (PTR) zone for 192.168.10.0/24, configured the same way.
zone "10.168.192.in-addr.arpa" IN {
type master;
file "10.168.192.in-addr.arpa.zone";
allow-update { none; };
// NOTE(review): same open zone-transfer setting as the forward zone above.
allow-transfer { any; };
};

#cat /var/named/chroot/var/named/10.168.192.in-addr.arpa.zone
; Reverse-lookup data for 10.168.192.in-addr.arpa (192.168.10.0/24).
$TTL 86400
; SOA fields: MNAME is "@" (the zone origin) and RNAME is example.com.
; NOTE(review): MNAME normally names the primary server's host name and RNAME
; an administrator mailbox such as hostmaster.example.com. -- confirm intent.
@ IN SOA @ example.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum

; Name server for this zone.
    IN      NS      example.com.

; PTR records: last octet of the address -> host name.
8 IN PTR backup.example.com.
2 IN PTR ftp.example.com.

# cat /var/named/chroot/var/named/example.com.zone
; Forward-lookup data for example.com.
$TTL 86400
; SOA fields: MNAME is "@" (the zone origin) and RNAME is example.com.
@ IN SOA @ example.com. (
42 ; serial
28800 ; refresh (8 hours)
7200 ; retry (2 hours)
604800 ; expire (1 week)
86400 ; minimum / negative-caching TTL (1 day)
)
; NOTE(review): the NS target is the zone apex, but no A record for the apex
; appears in this listing -- verify with named-checkzone.
@ IN NS example.com.
backup IN A 192.168.10.8
ftp IN A 192.168.10.2

# cat /etc/resolv.conf
# NOTE(review): resolv.conf(5) expects an IP address here (e.g. 127.0.0.1), not a host name.
nameserver localhost

-------------------------------

When I use nslookup, dig or host on the server itself (localhost), domain names resolve properly.

ex. #nslookup ftp.example.com
Server: 127.0.0.1
Address: 127.0.0.1#53

Name: ftp.example.com
Address: 192.168.10.2

But when I try to use nslookup from a Linux client machine, it shows the error below.

#nslookup ftp.example.com
Server: 192.168.10.8
Address: 192.168.10.8#53

** server can't find ftp.example.com: REFUSED

Here is the output from windows pc.

C:\>nslookup ftp.example.com
Server: 192.168.10.8
Address: 192.168.10.8:53

*** UnKnown can't find ftp.example.com: Query refused

I have googled regarding this issue, but nothing worked. Please suggest how to solve this problem.

Hello all,

I have solved the problem by removing 2 lines from the /etc/named.caching-nameserver.conf file. Now I am able to resolve the host names from the client machines.

match-clients { localhost; };
match-destinations { localhost; };

Thanks a lot,
Narasu

narasimhulu,
do you know that configuration has recursion turned on for anyone? I hope that this server is inside a fire-walled network.

Hi jamison,

Yes, this is inside a firewall and I have turned off recursion for all users.

Thanks for the reply,
Narasimhulu