Solved

Domain names not resolving

Posted on 2007-03-20
2
377 Views
Last Modified: 2010-05-18
I am running BIND on a newly installed Fedora core 6 server.  I'm not sure of the version of Bind but looking at the config files it accepts it's probably 4 something.

named loads and seems to run fine, it even says 39 zones:
 /etc/init.d/named status
number of zones: 39
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/1000
tcp clients: 0/100
server is up and running

Here's the process:
 ps -ef|grep named
named     2428     1  0 02:38 ?        00:00:00 /usr/sbin/named -u named -c /etc/named.caching-nameserver.conf -t /var/named/chroot

cat /etc/named.caching-nameserver.conf
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
        listen-on port 53 { 127.0.0.1; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        query-source    port 53;
        query-source-v6 port 53;
        allow-query     { localhost; };
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
view localhost_resolver {
        match-clients      { localhost; };
        match-destinations { localhost; };
        recursion yes;
        include "/etc/named.rfc1912.zones";
};


[root@kirkyonline ~]# cat "/etc/named.rfc1912.zones";
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
zone "." IN {
        type hint;
        file "named.ca";
};

zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.ip6.local";
        allow-update { none; };
};

zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
};

zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
};

zone "kirkyonline.com" {
        type master;
        file "kirkyonline.com";
};

zone "toptipper.com" {
        type master;
        file "toptipper.com";
};

zone "leaguetipping.com" {
        type master;
        file "leaguetipping.com";
};

zone "roosterstipping.com" {
        type master;
        file "roosterstipping.com";
};

zone "officetipping.com" {
        type master;
        file "officetipping.com";
};

zone "augustflorist.com" {
        type master;
        file "augustflorist.com";
};

zone "augustflorist.co.uk" {
        type master;
        file "augustflorist.co.uk";
};

zone "houseplantdoctor.com" {
        type master;
        file "houseplantdoctor.com";
};

zone "resultsinsport.com" {
        type master;
        file "resultsinsport.com";
};

zone "sportspunter.com" {
        type master;
        file "sportspunter.com";
};

zone "asianhandicapodds.com" {
        type master;
        file "asianhandicapodds.com";
};

zone "melbournecupbetting.net" {
        type master;
        file "melbournecupbetting.net";
};

zone "sportspunter.com.au" {
        type master;
        file "sportspunter.com.au";
};

zone "netnaturopath.com" {
        type master;
        file "netnaturopath.com";
};

zone "tennisbettingodds.net" {
        type master;
        file "tennisbettingodds.net";
};

zone "rugbybettingodds.net" {
        type master;
        file "rugbybettingodds.net";
};

zone "nflbettingodds.net" {
        type master;
        file "nflbettingodds.net";
};

zone "cricketbettingodds.net" {
        type master;
        file "cricketbettingodds.net";
};
zone "nhlbettingodds.net" {
        type master;
        file "nhlbettingodds.net";
};
zone "nbabettingodds.net" {
        type master;
        file "nbabettingodds.net";
};
zone "gocasinogambling.co.uk" {
        type master;
        file "gocasinogambling.co.uk";
};


zone "eurosoccerbetting.net" {
        type master;
        file "eurosoccerbetting.net";
};

zone "frenchsoccerbetting.net" {
        type master;
        file "frenchsoccerbetting.net";
};

zone "germansoccerbetting.net" {
        type master;
        file "germansoccerbetting.net";
};

zone "italiansoccerbetting.net" {
        type master;
        file "italiansoccerbetting.net";
};

zone "spanishsoccerbetting.net" {
        type master;
        file "spanishsoccerbetting.net";
};

zone "englishsoccerbetting.net" {
        type master;
        file "englishsoccerbetting.net";
};


zone "pickswarehouse.com" {
        type master;
        file "pickswarehouse.com";
};


zone "comparejackpots.com" {
        type master;
        file "comparejackpots.com";
};


zone "scottishsoccerbetting.net" {
        type master;
        file "scottishsoccerbetting.net";
};

zone "rleaguebetting.com" {
        type master;
        file "rleaguebetting.com";
};

zone "sydneyfctipping.com" {
        type master;
        file "sydneyfctipping.com";
};

zone "goalservebetting.com" {
        type master;
        file "goalservebetting.com";
};

one of the many zone files:

 cat /var/named/chroot/var/named/kirkyonline.com
;
; Zone file for kirkyonline.com
;

$TTL 3D
@       IN      SOA     ns0.kirkyonline.com. dkirk.bigpond.net.au. (
                        2007032004
                        8H
                        2H
                        4W
                        1D )
;
                NS      ns0.kirkyonline.com. ; Inet Address of name server
                NS      ns1.kirkyonline.com. ; Inet Address of name server
                MX      10 mail.kirkyonline.com. ; Primary Mail Exchanger
;
localhost       A       207.228.252.47
ns0             A       207.228.252.47
ns1             A       207.228.252.194
www             A       207.228.252.47
mail            A       207.228.252.47

An example domain name is www.kirkyonline.com
which has name servers ns0.kirkyonline.com and ns1.kirkyonline.com

and another example:

 cat /var/named/chroot/var/named/sportspunter.com
;
; Zone file for sportspunter.com
;
$TTL 3D
@       IN      SOA     ns0.kirkyonline.com. webmaster@kirkyonline.com. (
                        20030128
                        8H
                        2H
                        4W
                        1D )
;
                NS      ns0.kirkyonline.com. ; Inet Address of name server
                NS      ns1.kirkyonline.com. ; Inet Address of name server
                MX      10 mail.sportspunter.com. ; Primary Mail Exchanger
;
localhost       A       207.228.252.47
ns0             A       207.228.252.47
ns1             A       207.228.252.194
www             A       207.228.252.47
xml             A       207.228.252.8
arbs            A       207.228.252.8
bettingbox      A       207.228.252.8
@               A       207.228.252.47
afl             A       207.228.252.47
nrl             A       207.228.252.47
soccer          A       207.228.252.47
football        A       207.228.252.47
nfl             A       207.228.252.47
nbl             A       207.228.252.47
rugby           A       207.228.252.47
seriea          A       207.228.252.47
super12         A       207.228.252.47
cricket         A       207.228.252.47
premierleague   A       207.228.252.47
championsleague A       207.228.252.47
facup           A       207.228.252.47
nsl             A       207.228.252.47
bundesliga      A       207.228.252.47
germansoccer    A       207.228.252.47
germanfootball  A       207.228.252.47
italiansoccer   A       207.228.252.47
italianfootball A       207.228.252.47
englishsoccer   A       207.228.252.47
englishfootball A       207.228.252.47
scottishsoccer  A       207.228.252.47
spanishsoccer   A       207.228.252.47
spanishfootball A       207.228.252.47
laliga          A       207.228.252.47
sportsbetting   A       207.228.252.47
betting         A       207.228.252.47
bet             A       207.228.252.47
sport           A       207.228.252.47
sports          A       207.228.252.47
sportbetting    A       207.228.252.47
footballbetting A       207.228.252.47
aflbetting      A       207.228.252.47
soccerbetting   A       207.228.252.47
nrlbetting      A       207.228.252.47
mail            A       207.228.252.47

 cat /etc/resolv.conf
nameserver 207.228.226.50
nameserver 207.228.225.50

i've tried with and without a firewall, when the firewall is active:
 cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT

Do you know why nothing is resolving?

thanks
0
Comment
Question by:danielkirk
2 Comments
 
LVL 5

Accepted Solution

by:
suggestionstick earned 500 total points
ID: 18776669
Hi

Just did a brief skim of your setup, so I might have missed some points.
I am assuming that this name server is public facing.
I am assuming that you are actually running version 9.3.4

In your named.conf your are listening on ip address 127.0.0.1 (locahost)

try listen-on {
                  127.0.0.1;        
                  external ip address of server;  
                  };  

also change the following statement.

allow-query { any; };
this allows everybody to query your DNS server, previously on your DNS server could query itself.

also your firewall needs to be opened for port 53  inbound

assuming that this is a none recursive name server (it only allows queries for domains hosted on server) you might want to add the following statement.

allow-recursion {  none; };

might also need the following statement if you don't have a secondary dns Server
allow-transfer {none;};

trev
 




0
 

Author Comment

by:danielkirk
ID: 18776694
This is now fixed.

the problem was the "view".  Anything that doesn't match a view gets rejected.

All of trev's points were also valid.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I wrote this article to explain some important DNS concepts that should be known to avoid some typical configuration errors I often see in forums. I assume that what is described here is the typical behavior of Microsoft DNS client. I don't know …
Resolve DNS query failed errors for Exchange
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question