Hello all,

First of all thank you for reading this topic, I hope together we can find the solution for my problem or at least narrow it down.

For my DNS server setup I mostly used the "Two-in-one DNS server with BIND9" how-to with some added functions. At this moment I am about to run my own DNS servers but I seem to have some trouble with the internal view, which doesn't work properly. Whenever I look up a zone from my local network I get the results for the external view.

A simple 'dig rootdomains.nl' on my primary ns gives my external IP as result, a 'dig rootdomains.nl @localhost' returns my internal IP address. On any other machine there will only be my external IP as result; my conclusion is that the 'acl internal' does include 127.0.0.0/8; but not 192.168.0.0/24;.

My current setup in machines is:

192.168.0.50 is my server at home with openVZ. Within openVZ there are 2 name servers. The primary name server provides the internal and external view as shown below. It has 192.168.0.51 as address and transfers its external view zone files with 82.192.80.xxx. The internal view transfers its zone files with 192.168.0.52, which is my secondary internal DNS server.

82.192.80.xxx is a server located in a data centre and is the secondary name server for my external views.

Beneath are my config files used on the primary NS server:

named.conf.local
Code:
acl internals {
    127.0.0.0/8;
    192.168.0.0/24;
};

view "internal" {
    match-clients { internals; };
    recursion yes;
    zone "rootdomains.nl" {
        type master;
        file "/etc/bind/internal/db.rootdomains.nl";
        allow-transfer { 192.168.0.52; };
    };
};

view "external" {
    match-clients { any; };
    recursion yes;
    zone "rootdomains.nl" {
        type master;
        file "/etc/bind/external/db.rootdomains.nl";
        allow-transfer { 82.192.80.xxx; };
    };
    zone "rootdomains.eu" {
        type master;
        file "/etc/bind/external/db.rootdomains.eu";
        allow-transfer { 82.192.80.xxx; };
    };
};

internal/db.rootdomains.nl
Code:
$ORIGIN .
$TTL 604800 ; 1 week
rootdomains.nl IN SOA ns1.rootdomains.nl. root.rootdomains.nl. (
                2007021503 ; serial
                86400      ; refresh (1 day)
                1800       ; retry (30 minutes)
                2419200    ; expire (4 weeks)
                604800     ; minimum (1 week)
                )
            NS  ns1.rootdomains.nl.
            NS  ns2.rootdomains.nl.
            A   192.168.0.17
            MX  10 mail.rootdomains.nl.
$ORIGIN rootdomains.nl.
ftp         A   192.168.0.17
localhost   A   127.0.0.1
mail        A   192.168.0.17
ns1         A   192.168.0.51
ns2         A   192.168.0.52
www         A   192.168.0.17

cat external/db.rootdomains.nl
Code:
$ORIGIN .
$TTL 604800 ; 1 week
rootdomains.nl IN SOA ns1.rootdomains.nl. root.rootdomains.nl. (
                2007021704 ; serial
                4H         ; refresh (4 hours)
                1800       ; retry (30 minutes)
                2419200    ; expire (4 weeks)
                604800     ; minimum (1 week)
                )
            NS  ns1.rootdomains.nl.
            NS  ns2.rootdomains.nl.
            A   85.223.49.xxx
            MX  10 mail.rootdomains.nl.
$ORIGIN rootdomains.nl.
ns1         A   85.223.49.xxx
ns2         A   82.192.80.xxx
localhost   A   127.0.0.1
mail        A   85.223.49.xxx
www         A   85.223.49.xxx
ftp         A   85.223.49.xxx

If any information is needed I will provide it as soon as I can.

With kind regards,
sPENKMAN

Did you tell your client computers to use your own DNS server or do they use your ISP's name servers?

Hehe, that would have been quite silly. I am using my own internal nameservers.

cat /etc/resolv.conf @ 192.168.0.17
Code:
nameserver 192.168.0.51
nameserver 192.168.0.52

ifconfig /all @ 192.168.0.18
Code:
DNS-servers . . . . . . . . . . . : 192.168.0.51
                                    192.168.0.52

That's my idea exactly. I had it working some time ago but at a certain point it didn't anymore. I reinstalled bind with apt-get remove --purge but that also didn't solve my problem.

cat named.conf
Code:
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";

cat named.conf.local
Code:
acl internals {
    127.0.0.0/8;
    192.168.0.0/24;
};

view "internal" {
    match-clients { internals; };
    recursion yes;
    zone "rootdomains.nl" {
        type master;
        file "/etc/bind/internal/db.rootdomains.nl";
        allow-transfer { 192.168.0.52; };
    };
    zone "rootdomains.eu" {
        type master;
        file "/etc/bind/internal/db.rootdomains.eu";
        allow-transfer { 192.168.0.52; };
    };
    // prime the server with knowledge of the root servers
    zone "." {
        type hint;
        file "/etc/bind/db.root";
    };
    zone "localhost" {
        type master;
        file "/etc/bind/db.local";
    };
    zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
    };
    zone "0.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0";
    };
    zone "255.in-addr.arpa" {
        type master;
        file "/etc/bind/db.255";
    };
};

view "external" {
    match-clients { any; };
    recursion yes;
    zone "rootdomains.nl" {
        type master;
        file "/etc/bind/external/db.rootdomains.nl";
        allow-transfer { 82.192.80.188; };
    };
    zone "rootdomains.eu" {
        type master;
        file "/etc/bind/external/db.rootdomains.eu";
        allow-transfer { 82.192.80.188; };
    };
    // prime the server with knowledge of the root servers
    zone "." {
        type hint;
        file "/etc/bind/db.root";
    };
    zone "localhost" {
        type master;
        file "/etc/bind/db.local";
    };
    zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
    };
    zone "0.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0";
    };
    zone "255.in-addr.arpa" {
        type master;
        file "/etc/bind/db.255";
    };
};

/etc/init.d/bind9 restart
Code:
Feb 19 19:06:08 ns1 named[22322]: shutting down: flushing changes
Feb 19 19:06:08 ns1 named[22322]: stopping command channel on 127.0.0.1#953
Feb 19 19:06:08 ns1 named[22322]: no longer listening on 127.0.0.1#53
Feb 19 19:06:08 ns1 named[22322]: no longer listening on 192.168.0.51#53
Feb 19 19:06:08 ns1 named[22322]: exiting
Feb 19 19:06:10 ns1 named[26224]: starting BIND 9.3.2-P1 -u bind
Feb 19 19:06:10 ns1 named[26224]: found 1 CPU, using 1 worker thread
Feb 19 19:06:10 ns1 named[26224]: loading configuration from '/etc/bind/named.conf'
Feb 19 19:06:10 ns1 named[26224]: no IPv6 interfaces found
Feb 19 19:06:10 ns1 named[26224]: listening on IPv4 interface lo, 127.0.0.1#53
Feb 19 19:06:10 ns1 named[26224]: listening on IPv4 interface venet0:0, 192.168.0.51#53
Feb 19 19:06:10 ns1 named[26224]: command channel listening on 127.0.0.1#953
Feb 19 19:06:10 ns1 named[26224]: zone 0.in-addr.arpa/IN/internal: loaded serial 1
Feb 19 19:06:10 ns1 named[26224]: zone 127.in-addr.arpa/IN/internal: loaded serial 1
Feb 19 19:06:10 ns1 named[26224]: zone 255.in-addr.arpa/IN/internal: loaded serial 1
Feb 19 19:06:10 ns1 named[26224]: zone rootdomains.eu/IN/internal: loaded serial 2007021505
Feb 19 19:06:10 ns1 named[26224]: zone localhost/IN/internal: loaded serial 1
Feb 19 19:06:10 ns1 named[26224]: zone rootdomains.nl/IN/internal: loaded serial 2007021503
Feb 19 19:06:10 ns1 named[26224]: zone 0.in-addr.arpa/IN/external: loaded serial 1
Feb 19 19:06:10 ns1 named[26224]: zone 127.in-addr.arpa/IN/external: loaded serial 1
Feb 19 19:06:10 ns1 named[26224]: zone 255.in-addr.arpa/IN/external: loaded serial 1
Feb 19 19:06:10 ns1 named[26224]: zone rootdomains.eu/IN/external: loaded serial 2007021505
Feb 19 19:06:10 ns1 named[26224]: zone localhost/IN/external: loaded serial 1
Feb 19 19:06:10 ns1 named[26224]: zone rootdomains.nl/IN/external: loaded serial 2007021704
Feb 19 19:06:10 ns1 named[26224]: running
Feb 19 19:06:10 ns1 named[26224]: zone rootdomains.nl/IN/internal: sending notifies (serial 2007021503)
Feb 19 19:06:10 ns1 named[26224]: zone rootdomains.eu/IN/internal: sending notifies (serial 2007021505)
Feb 19 19:06:10 ns1 named[26224]: zone rootdomains.nl/IN/external: sending notifies (serial 2007021704)
Feb 19 19:06:10 ns1 named[26224]: zone rootdomains.eu/IN/external: sending notifies (serial 2007021505)
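
How named chooses a view for the configuration posted in this thread, as an added example that is not part of any post: views are tried in file order and the first one whose match-clients list contains the query's source address answers. The small parser is a simplification that assumes only `any`, named ACLs and literal addresses or prefixes (no negation, no keys); `select_view`, `open_recursion` and the address 203.0.113.7 are constructed for illustration.

```python
import ipaddress
import re

# Trimmed copy of the named.conf.local posted in the thread (zone statements omitted).
NAMED_CONF = '''
acl internals { 127.0.0.0/8; 192.168.0.0/24; };
view "internal" { match-clients { internals; }; recursion yes; };
view "external" { match-clients { any; }; recursion yes; };
'''

def _items(body):
    """Split the inside of a { ...; ...; } list into its elements."""
    return body.replace(";", " ").split()

def parse(conf):
    """Return (acls, views); views keeps file order because named evaluates them in order."""
    acls = {name: [ipaddress.ip_network(n) for n in _items(body)]
            for name, body in re.findall(r'acl\s+(\w+)\s*\{([^}]*)\}', conf)}
    views = [(name, _items(body), rec == "yes") for name, body, rec in re.findall(
        r'view\s+"(\w+)"\s*\{\s*match-clients\s*\{([^}]*)\};\s*recursion\s+(\w+)', conf)]
    return acls, views

def _matches(addr, elements, acls):
    # Simplified address match list: "any", a named ACL, or a literal address/prefix.
    for element in elements:
        if element == "any":
            return True
        nets = acls.get(element) or [ipaddress.ip_network(element)]
        if any(addr in net for net in nets):
            return True
    return False

def select_view(source, conf=NAMED_CONF):
    """Name of the first view whose match-clients contains the query's source address."""
    acls, views = parse(conf)
    addr = ipaddress.ip_address(source)
    for name, elements, _recursion in views:
        if _matches(addr, elements, acls):
            return name
    return None

def open_recursion(conf=NAMED_CONF):
    """Views that answer recursive queries for any client address."""
    _acls, views = parse(conf)
    return [name for name, elements, recursion in views if recursion and "any" in elements]

if __name__ == "__main__":
    # 192.168.0.18 and 192.168.0.50 are from the thread; 203.0.113.7 is a constructed outside address.
    for source in ("127.0.0.1", "192.168.0.18", "192.168.0.50", "203.0.113.7"):
        print(source, "->", select_view(source))
    print("recursion open to any:", open_recursion())
```

With the configuration as posted, a query that named sees arriving from 192.168.0.18 selects the internal view, so an external answer points to named seeing a different source address for that query, or to the query reaching a different server. The second function reports that the external view, which matches any client, also has recursion enabled.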