Hi, I'm trying to understand why my DNS is not working as it's supposed to. I have a DNS server with the IP 192.168.102.159 (a CentOS VM); the DNS is configured with a zone abc.i. I tried nslookup with the client and it shows ** server can't find abc.i: NXDOMAIN

**************************************************
[root@localhost ~]# nslookup 192.168.102.159
Server: 192.168.102.2
Address: 192.168.102.2#53

** server can't find 159.102.168.192.in-addr.arpa.: NXDOMAIN

[root@localhost ~]# nslookup abc.i
Server: 192.168.102.2
Address: 192.168.102.2#53

** server can't find abc.i: NXDOMAIN

**************************************************
Zone files check:

[root@localhost ~]# named-checkzone abc.i /var/named/abc.db
zone abc.i/IN: loaded serial 0
OK
[root@localhost ~]# named-checkzone 102.168.192.in-addr.arpa /var/named/cba.db
zone 102.168.192.in-addr.arpa/IN: loaded serial 0
OK
[root@localhost ~]#

**************************************************
ifcfg-ens33 configuration

TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=dhcp
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=c39a3132-fecb-4688-aa6a-b83e4d8f09a3
DEVICE=ens33
HOSTNAME=ns2
IPADDR=192.168.102.159
SUBNETMASK=255.255.255.0
ADAPTER=ens33
GATEWAY=192.168.102.2
DNS1="192.168.102.2
NM_CONTROLLED=no
ONBOOT=yes

**************************************************
named.conf

// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator's Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html

acl internals { 192.168.102.0/24; };

options {
        listen-on port 53 { 127.0.0.1; 192.168.102.159; };
        listen-on-v6 port 53 { ::1; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        recursing-file "/var/named/data/named.recursing";
        secroots-file "/var/named/data/named.secroots";
        allow-query { localhost; internals; };

        /*
         - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
         - If you are building a RECURSIVE (caching) DNS server, you need to enable
           recursion.
         - If your recursive DNS server has a public IP address, you MUST enable access
           control to limit queries to your legitimate users. Failing to do so will
           cause your server to become part of large scale DNS amplification
           attacks. Implementing BCP38 within your network would greatly
           reduce such attack surface
        */
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";

        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

zone "abc.i" {
        type master;
        file "abc.db";
};

zone "102.168.192.IN-ADDR.ARPA" {
        type master;
        file "cba.db";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

**************************************************
abc.db

$TTL 3H
$ORIGIN abc.i.
@       IN SOA  ns1.abc.i. admin.abc.i. (
                0       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
        IN NS   ns1.abc.i.
ns1     IN A    192.168.102.159

**************************************************
cba.db

$TTL 3H
$ORIGIN 102.168.192.IN-ADDR.ARPA.
@       IN SOA  ns1.abc.i. admin.abc.i. (
                0       ; serial
                1D      ; refresh
                1H      ; retry
                1W      ; expire
                3H )    ; minimum
        IN NS   ns1.abc.i.
100     IN PTR  ns1.abc.i.

**************************************************
Thank You
This tutorial explains how to set up DNS (with ISPConfig) and how to test that it is working: https://www.howtoforge.com/tutorial/setting-up-your-own-name-service-with-ispconfig/
This issue is resolved. Apparently, I was so into it that I even forgot I was using a client machine that is not configured properly to check the DNS. Even though the client was in the same NAT network as the CentOS server, it was not issued a DHCP by the CentOS server and thus it did not have any DNS configuration either; I was testing through the client by manually adding DNS entries. Finally I tested it through PuTTY as before, and both forward and reverse lookups are resolving. Thank you all for your time, appreciate it.