Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Domain names not resolving

Posted on 2007-03-20
2
Medium Priority
?
405 Views
Last Modified: 2010-05-18
I am running BIND on a newly installed Fedora core 6 server.  I'm not sure of the version of Bind but looking at the config files it accepts it's probably 4 something.

named loads and seems to run fine, it even says 39 zones:
 /etc/init.d/named status
number of zones: 39
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/1000
tcp clients: 0/100
server is up and running

Here's the process:
 ps -ef|grep named
named     2428     1  0 02:38 ?        00:00:00 /usr/sbin/named -u named -c /etc/named.caching-nameserver.conf -t /var/named/chroot

cat /etc/named.caching-nameserver.conf
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
        listen-on port 53 { 127.0.0.1; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        query-source    port 53;
        query-source-v6 port 53;
        allow-query     { localhost; };
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
view localhost_resolver {
        match-clients      { localhost; };
        match-destinations { localhost; };
        recursion yes;
        include "/etc/named.rfc1912.zones";
};


[root@kirkyonline ~]# cat "/etc/named.rfc1912.zones";
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
zone "." IN {
        type hint;
        file "named.ca";
};

zone "localdomain" IN {
        type master;
        file "localdomain.zone";
        allow-update { none; };
};

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
        type master;
        file "named.local";
        allow-update { none; };
};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
        file "named.ip6.local";
        allow-update { none; };
};

zone "255.in-addr.arpa" IN {
        type master;
        file "named.broadcast";
        allow-update { none; };
};

zone "0.in-addr.arpa" IN {
        type master;
        file "named.zero";
        allow-update { none; };
};

zone "kirkyonline.com" {
        type master;
        file "kirkyonline.com";
};

zone "toptipper.com" {
        type master;
        file "toptipper.com";
};

zone "leaguetipping.com" {
        type master;
        file "leaguetipping.com";
};

zone "roosterstipping.com" {
        type master;
        file "roosterstipping.com";
};

zone "officetipping.com" {
        type master;
        file "officetipping.com";
};

zone "augustflorist.com" {
        type master;
        file "augustflorist.com";
};

zone "augustflorist.co.uk" {
        type master;
        file "augustflorist.co.uk";
};

zone "houseplantdoctor.com" {
        type master;
        file "houseplantdoctor.com";
};

zone "resultsinsport.com" {
        type master;
        file "resultsinsport.com";
};

zone "sportspunter.com" {
        type master;
        file "sportspunter.com";
};

zone "asianhandicapodds.com" {
        type master;
        file "asianhandicapodds.com";
};

zone "melbournecupbetting.net" {
        type master;
        file "melbournecupbetting.net";
};

zone "sportspunter.com.au" {
        type master;
        file "sportspunter.com.au";
};

zone "netnaturopath.com" {
        type master;
        file "netnaturopath.com";
};

zone "tennisbettingodds.net" {
        type master;
        file "tennisbettingodds.net";
};

zone "rugbybettingodds.net" {
        type master;
        file "rugbybettingodds.net";
};

zone "nflbettingodds.net" {
        type master;
        file "nflbettingodds.net";
};

zone "cricketbettingodds.net" {
        type master;
        file "cricketbettingodds.net";
};
zone "nhlbettingodds.net" {
        type master;
        file "nhlbettingodds.net";
};
zone "nbabettingodds.net" {
        type master;
        file "nbabettingodds.net";
};
zone "gocasinogambling.co.uk" {
        type master;
        file "gocasinogambling.co.uk";
};


zone "eurosoccerbetting.net" {
        type master;
        file "eurosoccerbetting.net";
};

zone "frenchsoccerbetting.net" {
        type master;
        file "frenchsoccerbetting.net";
};

zone "germansoccerbetting.net" {
        type master;
        file "germansoccerbetting.net";
};

zone "italiansoccerbetting.net" {
        type master;
        file "italiansoccerbetting.net";
};

zone "spanishsoccerbetting.net" {
        type master;
        file "spanishsoccerbetting.net";
};

zone "englishsoccerbetting.net" {
        type master;
        file "englishsoccerbetting.net";
};


zone "pickswarehouse.com" {
        type master;
        file "pickswarehouse.com";
};


zone "comparejackpots.com" {
        type master;
        file "comparejackpots.com";
};


zone "scottishsoccerbetting.net" {
        type master;
        file "scottishsoccerbetting.net";
};

zone "rleaguebetting.com" {
        type master;
        file "rleaguebetting.com";
};

zone "sydneyfctipping.com" {
        type master;
        file "sydneyfctipping.com";
};

zone "goalservebetting.com" {
        type master;
        file "goalservebetting.com";
};

one of the many zone files:

 cat /var/named/chroot/var/named/kirkyonline.com
;
; Zone file for kirkyonline.com
;

$TTL 3D
@       IN      SOA     ns0.kirkyonline.com. dkirk.bigpond.net.au. (
                        2007032004
                        8H
                        2H
                        4W
                        1D )
;
                NS      ns0.kirkyonline.com. ; Inet Address of name server
                NS      ns1.kirkyonline.com. ; Inet Address of name server
                MX      10 mail.kirkyonline.com. ; Primary Mail Exchanger
;
localhost       A       207.228.252.47
ns0             A       207.228.252.47
ns1             A       207.228.252.194
www             A       207.228.252.47
mail            A       207.228.252.47

An example domain name is www.kirkyonline.com
which has name servers ns0.kirkyonline.com and ns1.kirkyonline.com

and another example:

 cat /var/named/chroot/var/named/sportspunter.com
;
; Zone file for sportspunter.com
;
$TTL 3D
@       IN      SOA     ns0.kirkyonline.com. webmaster@kirkyonline.com. (
                        20030128
                        8H
                        2H
                        4W
                        1D )
;
                NS      ns0.kirkyonline.com. ; Inet Address of name server
                NS      ns1.kirkyonline.com. ; Inet Address of name server
                MX      10 mail.sportspunter.com. ; Primary Mail Exchanger
;
localhost       A       207.228.252.47
ns0             A       207.228.252.47
ns1             A       207.228.252.194
www             A       207.228.252.47
xml             A       207.228.252.8
arbs            A       207.228.252.8
bettingbox      A       207.228.252.8
@               A       207.228.252.47
afl             A       207.228.252.47
nrl             A       207.228.252.47
soccer          A       207.228.252.47
football        A       207.228.252.47
nfl             A       207.228.252.47
nbl             A       207.228.252.47
rugby           A       207.228.252.47
seriea          A       207.228.252.47
super12         A       207.228.252.47
cricket         A       207.228.252.47
premierleague   A       207.228.252.47
championsleague A       207.228.252.47
facup           A       207.228.252.47
nsl             A       207.228.252.47
bundesliga      A       207.228.252.47
germansoccer    A       207.228.252.47
germanfootball  A       207.228.252.47
italiansoccer   A       207.228.252.47
italianfootball A       207.228.252.47
englishsoccer   A       207.228.252.47
englishfootball A       207.228.252.47
scottishsoccer  A       207.228.252.47
spanishsoccer   A       207.228.252.47
spanishfootball A       207.228.252.47
laliga          A       207.228.252.47
sportsbetting   A       207.228.252.47
betting         A       207.228.252.47
bet             A       207.228.252.47
sport           A       207.228.252.47
sports          A       207.228.252.47
sportbetting    A       207.228.252.47
footballbetting A       207.228.252.47
aflbetting      A       207.228.252.47
soccerbetting   A       207.228.252.47
nrlbetting      A       207.228.252.47
mail            A       207.228.252.47

 cat /etc/resolv.conf
nameserver 207.228.226.50
nameserver 207.228.225.50

i've tried with and without a firewall, when the firewall is active:
 cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT

Do you know why nothing is resolving?

thanks
0
Comment
Question by:danielkirk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 5

Accepted Solution

by:
suggestionstick earned 1500 total points
ID: 18776669
Hi

Just did a brief skim of your setup, so I might have missed some points.
I am assuming that this name server is public facing.
I am assuming that you are actually running version 9.3.4

In your named.conf your are listening on ip address 127.0.0.1 (locahost)

try listen-on {
                  127.0.0.1;        
                  external ip address of server;  
                  };  

also change the following statement.

allow-query { any; };
this allows everybody to query your DNS server, previously on your DNS server could query itself.

also your firewall needs to be opened for port 53  inbound

assuming that this is a none recursive name server (it only allows queries for domains hosted on server) you might want to add the following statement.

allow-recursion {  none; };

might also need the following statement if you don't have a secondary dns Server
allow-transfer {none;};

trev
 




0
 

Author Comment

by:danielkirk
ID: 18776694
This is now fixed.

the problem was the "view".  Anything that doesn't match a view gets rejected.

All of trev's points were also valid.
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There have been a lot of times when we have seen the need to enter a large number of DNS entries in a forward lookup zone. The standard procedure would be to launch the DNS Manager console, create the Zone and start adding new hosts using the New…
Resolve DNS query failed errors for Exchange
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question