Alright. I am running Ubuntu 12.04 LTS and am trying to configure a local caching/master DNS server, so I am using BIND9.
First, here are some things via default DHCP:
/etc/network/interfaces
cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet dhcp
# The primary network interface - STATIC
#auto eth0
#iface eth0 inet static
# address 192.168.2.113
# netmask 255.255.255.0
# network 192.168.2.0
# broadcast 192.168.2.255
# gateway 192.168.2.1
# dns-search uclemmer.net
# dns-nameservers 192.168.2.113 8.8.8.8
/etc/resolv.conf
cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 192.168.2.1
search uclemmer.net
ifconfig
ifconfig
eth0 Link encap:Ethernet HWaddr 00:14:2a:82:d4:9e
inet addr:192.168.2.103 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::214:2aff:fe82:d49e/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1067 errors:0 dropped:0 overruns:0 frame:0
TX packets:2504 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:153833 (153.8 KB) TX bytes:214129 (214.1 KB)
Interrupt:23 Base address:0x8800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:915 errors:0 dropped:0 overruns:0 frame:0
TX packets:915 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:71643 (71.6 KB) TX bytes:71643 (71.6 KB)
ping
ping -c 4 192.168.2.1
PING 192.168.2.1 (192.168.2.1) 56(84) bytes of data.
64 bytes from 192.168.2.1: icmp_req=1 ttl=64 time=0.368 ms
64 bytes from 192.168.2.1: icmp_req=2 ttl=64 time=0.224 ms
64 bytes from 192.168.2.1: icmp_req=3 ttl=64 time=0.216 ms
64 bytes from 192.168.2.1: icmp_req=4 ttl=64 time=0.237 ms
--- 192.168.2.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2997ms
rtt min/avg/max/mdev = 0.216/0.261/0.368/0.063 ms
ping -c 4 google.com
PING google.com (74.125.134.102) 56(84) bytes of data.
64 bytes from www.google-analytics.com (74.125.134.102): icmp_req=1 ttl=48 time=15.1 ms
64 bytes from www.google-analytics.com (74.125.134.102): icmp_req=2 ttl=48 time=11.4 ms
64 bytes from www.google-analytics.com (74.125.134.102): icmp_req=3 ttl=48 time=11.6 ms
64 bytes from www.google-analytics.com (74.125.134.102): icmp_req=4 ttl=48 time=11.5 ms
--- google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3003ms
rtt min/avg/max/mdev = 11.488/12.465/15.118/1.537 ms
ip route
ip route
default via 192.168.2.1 dev eth0 metric 100
192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.103
As you can see, with DHCP everything seems to work fine.
Now, here are things with static IP:
/etc/network/interfaces
cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
#auto eth0
#iface eth0 inet dhcp
# The primary network interface - STATIC
auto eth0
iface eth0 inet static
address 192.168.2.113
netmask 255.255.255.0
network 192.168.2.0
broadcast 192.168.2.255
gateway 192.168.2.1
dns-search uclemmer.net
dns-nameservers 192.168.2.1 8.8.8.8
I have tried dns-nameservers in various combos of *.2.1, *.2.113, and other reliable, public nameservers.
/etc/resolv.conf
cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 192.168.2.1
nameserver 8.8.8.8
search uclemmer.net
Obviously, when I change the nameservers in the /etc/network/interfaces file, the nameservers change here too.
ifconfig
ifconfig
eth0 Link encap:Ethernet HWaddr 00:14:2a:82:d4:9e
inet addr:192.168.2.113 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::214:2aff:fe82:d49e/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1707 errors:0 dropped:0 overruns:0 frame:0
TX packets:2906 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:226230 (226.2 KB) TX bytes:263497 (263.4 KB)
Interrupt:23 Base address:0x8800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:985 errors:0 dropped:0 overruns:0 frame:0
TX packets:985 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:78625 (78.6 KB) TX bytes:78625 (78.6 KB)
ping
ping -c 4 192.168.2.1
PING 192.168.2.1 (192.168.2.1) 56(84) bytes of data.
--- 192.168.2.1 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3023ms
ping -c 4 google.com
ping: unknown host google.com
Lastly, here are my BIND configuration and zone files:
/etc/bind/named.conf.options
cat /etc/bind/named.conf.options
// Global named options: working directory, source ports for outgoing
// traffic, upstream forwarders, DNSSEC validation and the IPv6 listener.
options {
directory "/etc/bind";
//
//
//
// NOTE(review): "port 53" pins every outgoing recursive query to source
// port 53. A fixed source port removes source-port randomization, which is
// the main mitigation for the cache-poisoning issue described in the CERT
// note linked below (VU#800113). Unless a firewall forces it, drop the
// "port 53" part so named chooses a random port per query.
query-source address * port 53;
// Source address/port for outgoing NOTIFY messages and for zone transfer
// requests made by this server; the same fixed port 53 is used here.
notify-source * port 53;
transfer-source * port 53;
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
// Upstream resolvers that receive queries this server cannot answer itself.
// Every resolver listed is a third party that sees the forwarded queries,
// so keep the list to resolvers you trust.
forwarders {
// My local
// NOTE(review): 192.168.2.113 is the static address configured for this
// host in /etc/network/interfaces on this page, so this entry appears to
// forward queries back to the server itself - confirm and remove.
192.168.2.113;
// Comcast
75.75.75.75;
75.75.76.76;
// Google
8.8.8.8;
8.8.4.4;
// DNSAdvantage
156.154.70.1;
156.154.71.1;
// OpenDNS
208.67.222.222;
208.67.220.220;
// Norton
198.153.192.1;
198.153.194.1;
// Verizon
4.2.2.1;
4.2.2.2;
4.2.2.3;
4.2.2.4;
4.2.2.5;
4.2.2.6;
// Scrubit
67.138.54.100;
207.255.209.66;
};
//
//
//
// NOTE(review): all four access controls below are commented out, so named
// falls back to its built-in defaults. Check what those defaults are for the
// installed BIND version - in particular whether zone transfers are allowed
// to any host - and set allow-recursion and allow-transfer explicitly so
// only the local network can recurse through or copy zones from this server.
//allow-query { localhost; 192.168.2.0/24; };
//allow-transfer { localhost; 192.168.2.113; };
//also-notify { 192.168.2.113; };
//allow-recursion { localhost; 192.168.2.0/24; };
//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//========================================================================
// Validate DNSSEC-signed answers against the root trust anchor.
// NOTE(review): validation only works if the forwarders above return
// DNSSEC records - verify against the resolvers actually kept in the list.
dnssec-validation auto;
auth-nxdomain no; # conform to RFC1035
// Accept queries on every IPv6 address of the host. No listen-on statement
// for IPv4 is shown, so BIND's default applies there.
listen-on-v6 { any; };
};
/etc/bind/named.conf.local
cat /etc/bind/named.conf.local
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
// Forward zone served authoritatively (master) from the local zone file.
// NOTE(review): no allow-transfer is set on either zone and the global one
// in named.conf.options is commented out; restrict transfers explicitly so
// the internal host names and addresses in these zones cannot be copied by
// arbitrary clients.
zone "example.com" {
type master;
file "/etc/bind/zones/db.example.com";
};
// Reverse zone for 192.168.2.0/24, also served as master.
zone "2.168.192.in-addr.arpa" {
type master;
file "/etc/bind/zones/db.2.168.192.in-addr.arpa";
// NOTE(review): the closing "};" for this zone does not appear in the paste.
// If it is also missing from the file on disk, named will reject the
// configuration - check with named-checkconf.
/etc/bind/zones/db.example.com
cat /etc/bind/zones/db.example.com
;
; BIND data file for example.com interface
;
$TTL 604800
@ IN SOA yossarian.example.com. root.example.com. (
1343171970 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS yossarian.example.com.
@ IN A 192.168.2.113
@ IN AAAA ::1
@ IN MX 10 yossarian.example.com.
;
yossarian IN A 192.168.2.113
router IN A 192.168.2.1
printer IN A 192.168.2.200
;
ns01 IN CNAME yossarian.example.com.
www IN CNAME yossarian.example.com.
ftp IN CNAME yossarian.example.com.
ldap IN CNAME yossarian.example.com.
mail IN CNAME yossarian.example.com.
/etc/bind/zones/db.2.168.192.in-addr.arpa
cat /etc/bind/zones/db.2.168.192.in-addr.arpa
;
; BIND reverse data file for 2.168.192.in-addr interface
;
$TTL 604800
@ IN SOA yossarian.example.com. root.example.com. (
1343171970 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS yossarian.example.com.
@ IN A 255.255.255.0
;
113 IN PTR yossarian.example.com.
1 IN PTR router.example.com.
200 IN PTR printer.example.com.
ip route
ip route
default via 192.168.2.1 dev eth0 metric 100
192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.113
I can SSH into the machine locally at *.2.113 or at whatever address is dynamically assigned when in DHCP "mode". *.2.113 is in my router's range and I have ports open and forwarding to the server. Pinging is enabled on the router too. I briefly had a static configuration working but it died after the first reboot.
Please let me know what other info you might need. I am beyond frustrated/baffled.