Bind

Steve Phillips steve at focb.co.nz
Mon Nov 19 00:26:07 UTC 2007


Mad Unix wrote:
> Hi linuxers
> 
> I am setting up DNS/BIND for my local office (100 users) for resolving
> internal (nonroutable) and external names (internet).
> For internet usage it works fine, but for internal ones it shows problems.
> I am not using a real name; I called it only my.lan.
> My DNS server: 10.5.1.30  hostname: linux1.my.lan
> My clients have 10.6.x.0/24
> My servers have 10.5.0.0/16
> 
> Can anyone tell me what I am doing wrong?
> 
> root at linuxvmware:~# cat /etc/resolv.conf
> nameserver 10.5.1.30
> domain my.lan
> search my.lan
[snip]
> view localhost_resolver {
>         match-clients      { localhost; 10.5.0.0/16; 10.6.40.0/24; 127.0/8;
> };
>         match-destinations { localhost; };
>         recursion yes;
>         include "/etc/named.rfc1912.zones";
> };

At a wild guess, I'd say this is probably your problem; your zone files 
look like they are set up correctly.

If I am reading this right, your view basically says that the only 
destination for a query is 'localhost', yet I am guessing that you are 
not performing these queries on the localhost? And even if you are, you 
may find that the 'destination' is actually 10.5.1.30, which != 127.0.0.1.

I could be wildly wrong however :-) but it does seem like a views 
problem - you may also want to turn on debugging and then try again, 
bind does have some very good query debugging tools that are overly verbose.

logging {
         channel our_syslog {
                 syslog local3;        # send to syslog's local3 facility
                 severity info;        # only send priority info and higher
         };

         category default { our_syslog; default_debug; };
         category lame-servers { null; };
};

That's my log entries for named; changing 'info' to 'debug' will boost 
the verbosity quite substantially and generally helps find where queries 
are failing. (Obviously it will pay to set up syslog.conf as well to 
write local3.* entries to a separate file.)

Maybe try changing your logging levels to 'debug' as well, restart named 
and see if you get more info in the logs when performing the query that 
is failing.

-- 
Steve
()  ascii ribbon campaign - against html e-mail
/\  www.asciiribbon.org   - against proprietary attachments
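
Added example (not part of the original post, and not BIND's own code): a small Python model of the view selection discussed above, where a query is answered from the first view whose match-clients and match-destinations both match. The server addresses and sample client IPs are constructed, and the code assumes the built-in "localhost" ACL covers every address on the server's own interfaces; pass server_addrs=["127.0.0.1"] to see the outcome the reply is concerned about.

```python
import ipaddress

# Constructed model of the server from the thread: loopback plus 10.5.1.30.
# Assumption: BIND's built-in "localhost" ACL covers every address configured
# on the server's own interfaces, not only 127.0.0.1.
SERVER_ADDRS = ["127.0.0.1", "10.5.1.30"]

# The quoted view, in named.conf order (other views were snipped from the post).
# "127.0/8" is written out as 127.0.0.0/8 for Python's ipaddress module.
VIEWS = [
    {
        "name": "localhost_resolver",
        "match-clients": ["localhost", "10.5.0.0/16", "10.6.40.0/24", "127.0.0.0/8"],
        "match-destinations": ["localhost"],
    },
]


def acl_matches(acl, addr, server_addrs=SERVER_ADDRS):
    """Return True if addr matches any element of a simplified address-match list."""
    ip = ipaddress.ip_address(addr)
    for element in acl:
        if element == "any":
            return True
        if element == "localhost":
            if any(ip == ipaddress.ip_address(a) for a in server_addrs):
                return True
        elif ip in ipaddress.ip_network(element):
            return True
    return False


def select_view(src, dst, views=VIEWS, server_addrs=SERVER_ADDRS):
    """First view whose match-clients AND match-destinations both match, else None."""
    for view in views:
        dests = view.get("match-destinations", ["any"])  # an omitted list matches any
        if (acl_matches(view["match-clients"], src, server_addrs)
                and acl_matches(dests, dst, server_addrs)):
            return view["name"]
    return None  # no view matched this query


if __name__ == "__main__":
    for src, dst in [("127.0.0.1", "127.0.0.1"),
                     ("10.6.40.12", "10.5.1.30"),
                     ("10.6.41.12", "10.5.1.30")]:
        print(f"{src} -> {dst}: {select_view(src, dst)}")
```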



