DNS Setup

Posted on 2002-07-11
Last Modified: 2013-12-27
Hello,

I have a problem with my BIND DNS.  I am using a Sun E250 that sits behind a CheckPoint firewall.  The Internet connection is via a 128k leased line.

The Sun E250 serves as SMTP server (Sendmail), Apache web server and DNS server.  The external IP is 202.190.160.131 (NAT) [private IP 198.10.10.112], and the mail server and web server work fine.  For internal users, the DNS server works fine because it is able to resolve names correctly, and users are able to browse the Internet.

My internal network IP is 198.10.10.X (example), and the Sun E250 has NAT IP 202.190.160.131.  I set everything accordingly for DNS, but I can't get mail replies for other Internet users because of an MX record problem.

The following is the result I got from www.checkdns.net:

Asking root servers about authoritative NS for domain
  Got DNS list for 'dbku.gov.my' from GATE1.JARING.my
  Found NS record: 'ns1.jaring.my' [161.142.201.17], was resolved to IP by GATE1.JARING.my
  Found NS record: 'ns2.jaring.my' [192.228.188.61], was resolved to IP by GATE1.JARING.my
  Domain has 2 DNS server(s)


Verifying if NS are alive
  DNS server ns1.jaring.my [161.142.201.17] is alive and authoritative for domain 'dbku.gov.my'
  DNS server ns2.jaring.my [192.228.188.61] is alive and authoritative for domain 'dbku.gov.my'
  2 server(s) are alive


Check if all NS have the same version
  All 2 your servers have the same zone version (2002051500)


Checking www. records
  Checking http server www.dbku.gov.my [202.190.160.131]
  HTTP server www.dbku.gov.my [202.190.160.131] answers on port 80
  Received: HTTP/1.1 200 OK (Server: Apache/2.0.35 (Unix)) . . . . . .Welcome to Kuching North City Hall official Website. . . . . . .A:hover {color: #FF99FF; font-family: Arial; font-size: 10pt} . . function Activated() { window.alert("English version is under renovation"); } . . . . ...Welcome to the Official Homepage of Kuching North City Hall... . . . .  


Check mail-servers
  Domain dbku.gov.my has no MX records



Here are my DNS configuration files:

>>>>>named.conf<<<<<
//
// DNS config file for a primary server
//
options {
     directory "/var/named";
     query-source address * port 53;
};

zone "." {
     type hint;
     file "db.cache";
};

zone "localhost" {
       type master;
       file "local.zone";
};

zone "0.0.127.in-addr.arpa" {
     type master;
     file "named.local";
};

zone "dbku.gov.my" {
     type master;
     file "named.dbku.gov.my";
};

zone "0.0.10.in-addr.arpa" {
     type master;
     file "named.dbku.gov.my.rev";
};
>>>>>>>>><<<<<<<<<<<<<<

>>>>>>>>local.zone<<<<<<<<<<<
;
; Forward resolution zone file for a primary nameserver
;
$TTL 86400
@ IN  SOA          enigma.dbku.gov.my. jim.dbku.gov.my. (
     2000041900   ; Serial
          10800   ; Refresh
           3600   ; Retry
         604800   ; Expire
          86400)  ; Minimum

             IN  NS     enigma.dbku.gov.my.
             IN  NS     ns1.jaring.my.

localhost.    IN  A      127.0.0.1
>>>>>>>>><<<<<<<<<<<<

>>>>>>local.rev<<<<<<<<
;
; Reverse resolution zone file for a primary nameserver
;
$TTL 86400
@ IN  SOA          enigma.dbku.gov.my. jim.dbku.gov.my. (
     2000041900   ; Serial
          10800   ; Refresh
           3600   ; Retry
         604800   ; Expire
          86400)  ; Minimum

             IN  NS     enigma.dbku.gov.my.
             IN  NS     ns1.jaring.my.

1             IN  PTR    localhost.

>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<

>>>>>>named.dbku.gov.my<<<<<<<<<<<
;
; Forward resolution zone file for a primary nameserver
;
$TTL 86400
@ IN  SOA          enigma.dbku.gov.my. jim.dbku.gov.my. (
     2000041900   ; Serial
          10800   ; Refresh
           3600   ; Retry
         604800   ; Expire
          86400)  ; Minimum

             IN  NS     enigma.dbku.gov.my.
             IN  NS     ns1.jaring.my.

            IN  MX 10  mail.dbku.gov.my.
            IN  A   198.10.10.112

enigma       IN  A       198.10.10.112
www          IN  CNAME   enigma.dbku.gov.my.
>>>>>>>>><<<<<<<<<<<<

>>>>>>>>named.dbku.gov.my.rev<<<<<<<<<<<
;
; Forward resolution zone file for a primary nameserver
;
$TTL 86400
@ IN  SOA          enigma.dbku.gov.my. jim.dbku.gov.my. (
     2000041900   ; Serial
          10800   ; Refresh
           3600   ; Retry
         604800   ; Expire
          86400)  ; Minimum

             IN  NS     enigma.dbku.gov.my.
             IN  NS     ns1.jaring.my.

1             IN  PTR    enigma.dbku.gov.my.
>>>>>>>>>>>>><<<<<<<<<<<<<<<<

I think it might be caused by my NAT IP.  But I don't know how to correct it.

How do I solve it?

Thank you very much.
Question by:yllee
Accepted Solution

by:
samri earned 600 total points
ID: 7146810
Yllee,

Check your zone correctly: your MX record seems to be pointing to mail.dbku.gov.my, but I cannot locate any A record for that host.  Make sure you have a corresponding A record for mail.dbku.gov.my, and it should be in the 202.190.160 range.

See if that works.

Cheers.
Expert Comment

by:jlevie
ID: 7149105
If you are running a DNS server inside of a firewall and the inside hosts will be looking at that DNS, then you have to have split views of the namespace. One view, which is only used by outside hosts, maps names to outside IPs; the other view, which is only used by inside hosts, maps those same names to inside IPs.

This is easily done with one named instance in BIND 9.x by using ACLs and views. For earlier versions you have to run two copies of BIND, each listening on a different IP. That of course means that the inside DNS server needs to have an IP alias of a second NIC.
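
The checks suggested in the two answers above (an MX target needs its own A record, and names served to outside hosts must map to outside addresses), as an added Python example that is not part of the original thread. The zone text is the question's file with the SOA condensed; `INSIDE`, `parse_zone` and `outside_view_problems` are names assumed for this illustration, and the parser covers only the syntax used in that file.

```python
import ipaddress
ORIGIN = "dbku.gov.my."
INSIDE = ipaddress.ip_network("198.10.10.0/24")  # assumption: the inside LAN in the question
ZONE = """\
$TTL 86400   ; sample input: the question's named.dbku.gov.my, SOA condensed to two lines
@ IN SOA enigma.dbku.gov.my. jim.dbku.gov.my. (
        2000041900 10800 3600 604800 86400 )
             IN  NS     enigma.dbku.gov.my.
             IN  NS     ns1.jaring.my.
             IN  MX 10  mail.dbku.gov.my.
             IN  A      198.10.10.112
enigma       IN  A      198.10.10.112
www          IN  CNAME  enigma.dbku.gov.my.
"""

def fqdn(name, origin=ORIGIN):
    name = origin if name == "@" else name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin=ORIGIN):
    """Yield (owner, type, rdata). Handles ';' comments, '( )' continuation, blank owners."""
    owner, buf, depth = origin, "", 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line or (depth == 0 and line.startswith("$")):
            continue  # blank line or $-directive
        buf = f"{buf} {line}" if buf else line
        depth += line.count("(") - line.count(")")
        if depth > 0:
            continue  # record continues on the next line
        inherits, fields = buf[0].isspace(), buf.replace("(", " ").replace(")", " ").split()
        buf = ""
        if not inherits:
            owner = fqdn(fields.pop(0), origin)
        while fields and (fields[0].upper() == "IN" or fields[0].isdigit()):
            fields.pop(0)  # optional TTL and class
        if fields:
            yield owner, fields[0].upper(), fields[1:]

def outside_view_problems(text, inside=INSIDE, origin=ORIGIN):
    """What breaks for an Internet host if this zone is the one served to it."""
    recs, addrs = list(parse_zone(text, origin)), {}
    for owner, _, rdata in (r for r in recs if r[1] == "A"):
        addrs.setdefault(owner, []).append(ipaddress.ip_address(rdata[0]))
    targets = sorted({fqdn(r[1], origin) for _, t, r in recs if t == "MX"})
    problems = [f"MX target {m} has no A record" for m in targets
                if m.endswith("." + origin) and m not in addrs]
    return problems + [f"{o} -> {ip} is an inside address"
                       for o in sorted(addrs) for ip in addrs[o] if ip in inside]
```

Run against the zone as posted, it reports the missing A record for mail.dbku.gov.my and the two names that resolve to 198.10.10.112; a copy of the zone that uses 202.190.160.131 and adds an A record for `mail` comes back clean.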

Author Comment

by:yllee
ID: 7434110
Thank you very much