DNS works only with ip but does not work with NS CentOS + Bind9
- by Borislav Yordanov
I am having a headache with DNS.
Lets say my public IP is 1.2.3.4, my local IP is 192.168.0.10 and my domain is example.com
I am running CentOS on a virtual machine (Parallels Desktop for Mac) with a LAN card reserved for it, so it gets Ip directly from the router. I have ports 80,443,53 forwarded to 192.168.0.10. Both Mac OS and CentOs firewalls are Off.
The strange is when I type
dig @1.2.3.4 example.com from my other PC I get:
; <<>> DiG 9.8.3-P1 <<>> @1.2.3.4 example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16941
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;example.com. IN A
;; ANSWER SECTION:
example.com. 86400 IN A 1.2.3.4
;; AUTHORITY SECTION:
example.com. 86400 IN NS ns2.example.com.
example.com. 86400 IN NS ns1.example.com.
;; ADDITIONAL SECTION:
ns1.example.com. 86400 IN A 1.2.3.4
ns2.example.com. 86400 IN A 1.2.3.4
;; Query time: 8 msec
;; SERVER: 1.2.3.4#53(1.2.3.4)
;; WHEN: Sat Nov 2 09:37:36 2013
;; MSG SIZE rcvd: 109
but when i type: dig @ns1.example.com example.com it waits a few seconds and returns dig: couldn't get address for 'ns1.dsht.in': not found
This is my config file:
/etc/named.conf
options {
listen-on-v6 { none; };
directory"/var/named";
dump-file"/var/named/data/cache_dump.db";
statistics-file"/var/named/data/named_stats.txt";
memstatistics-file"/var/named/data/named_mem_stats.txt";
allow-query{ localhost; 192.168.0.0/24; };
allow-transfer { localhost; 192.168.0.0/24; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
# change all from here
view "internal" {
match-clients {
localhost;
192.168.0.0/24;
};
zone "." IN {
type hint;
file "named.ca";
};
zone "example.com" IN {
type master;
file "example.com.zone";
allow-update { none; };
};
zone "0.168.192.in-addr.arpa" IN {
type master;
file "0.168.192.in-addr.arpa";
allow-update { none; };
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
};
view "external" {
match-clients { any; };
allow-query { any; };
recursion no;
zone "example.com" IN {
type master;
file "example.com.zone";
allow-update { none; };
};
zone "4.3.2.1.in-addr.arpa" IN {
type master;
file "4.3.2.1.in-addr.arpa";
allow-update { none; };
};
};
/var/named/exmaple.com.zone
$TTL 86400
@ IN SOA ns1.example.com. host.example.com. (
2013042201 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
; Specify our two nameservers
IN NS ns1.example.com.
IN NS ns2.example.com.
; Resolve nameserver hostnames to IP, replace with your two droplet IP addresses.
ns1 IN A 1.2.3.4
ns2 IN A 1.2.3.4
; Define hostname -> IP pairs which you wish to resolve
@ IN A 1.2.3.4
IN A 1.2.3.4
www IN A 1.2.3.4
server2 IN A 192.168.0.2
* IN A 1.2.3.4
/var/named/4.3.2.1.in-addr.arpa
$TTL 2d ; 172800 seconds
$ORIGIN 4.3.2.1.IN-ADDR.ARPA.
@ IN SOA ns1.example.com. host.example.com. (
2013010304 ; serial number
3h ; refresh
15m ; update retry
3w ; expiry
3h ; nx = nxdomain ttl
)
IN NS ns1.example.com.
IN NS ns2.example.com.
IN PTR example.com.
; etc
/var/named/0.168.192.in-addr.arpa
$TTL 2d ; 172800 seconds
$ORIGIN 0.168.192.IN-ADDR.ARPA.
@ IN SOA ns1.example.com. host.example.com. (
2013010304 ; serial number
3h ; refresh
15m ; update retry
3w ; expiry
3h ; nx = nxdomain ttl
)
IN NS ns1.example.com.
IN NS ns2.example.com.
10 IN PTR example.com.
2 IN PTR server2.example.com
; etc
I will be very glad if someone can help me.
Thank you in advance
