
Need explanation of named.conf and named.rfc1912.zones

Hi, in my DNS server under /var/named/chroot/etc/ there are 2 files:

named.conf and named.rfc1912.zones.

Now I have created my own internal zone, which is example.local.zone, and it is located in /var/named/chroot/var/named/.

Now my question is:
If I insert the zone information in the named.conf file, then all the internal PCs can do DNS queries for the internal network, but the DNS server itself is unable to [host workshop - it will fail].
If I delete example.local.zone from named.conf and insert it into named.rfc1912.zones, then the DNS server can query the internal network, but the internal PCs are unable to query for any internal PC, such as: host workshop [it will fail].

So for the solution, I have included the example.local.zone information in both the named.conf and named.rfc1912.zones files, so both the server and the client PCs can query the internal network.

But I am sure this is not the way to work with it!!
Can anyone point this out to me??
2 Solutions
Google explains what RFC 1912 stands for.
Are you trying to have different results from inside your network and from outside?
That's called split horizon. It can be done, but avoid it unless you need it.
fosiul01Author Commented:
Thanks for the solution, but did you really read my question fully?? Or did you just come to a conclusion from the header of my question??
fosiul01Author Commented:
Sorry, my previous comment was for: gheist

Hi edster99: what happened? It's nothing to do with the external network.

It's internal, and it's a server and client issue.
Let me explain more...
fosiul01Author Commented:
I have configured a DNS server before, but I never used the named.rfc1912.zones file.

Everything I put in named.conf and it worked fine.

But I am studying toward RHCE, so according to the book there are 2 files, named.conf and named.rfc1912.zones.

Now if I insert the zone information in named.conf, then all the client PCs can do DNS queries for the internal zone, but the DNS server itself can't.

But if I insert the zone file in named.rfc1912.zones, then the DNS server itself can query the internal network, but the other PCs in the internal network are unable to query!!!

Hope it makes sense.
You have to use a different file for each zone. See www.isc.org for BIND documentation.
fosiul01Author Commented:
I have only one zone, which is: example.local.zone

And in named.conf under the view internal section I have added this:

zone "example.local" IN {
       type master;
       file "example.local.zone";
       allow-update { none; };
};

But the problem is: the internal PC is able to query, such as
(here bkworkshop is the client and workshop is the server)

[root@bkworkshop var]# host workshop
workshop.example.local has address

But from the server:
[root@workshop etc]# host bkworkshop
Host bkworkshop not found: 3(NXDOMAIN)

The server goes to a DNS server to get its info.

If you edit /etc/resolv.conf you can make it point to itself.

# Internal DNS

BUT - this will mean the server cannot get access to anything else, so if you needed to download files off the internet it would not be able to get there.

You might have to write-protect this file to stop it switching back to the real one when you go online:

chmod 400 /etc/resolv.conf

If all you are trying to do is give a name to two machines, you are really going about it in a difficult way.
You could just add a couple of lines to /etc/hosts:      workshop.example.local      bkworkshop.example.local
fosiul01Author Commented:
About this one: nameserver , I have added this entry to /etc/resolv.conf,
but still no luck.

But it does not make sense to add all the client PCs to the /etc/hosts file.

The concept of a DNS server and an internal zone file is that if I have, suppose, 100 internal PCs, I just need to create a zone file on the DNS server and add all the PCs and IPs in that zone file, and the other internal PCs will be able to get all the information from the zone file, is it not??

The zone file I got is this:
; example.local
$TTL    604800
@       IN      SOA     workshop.example.local. root.example.local. (
                     2006020201 ; Serial
                         604800 ; Refresh
                          86400 ; Retry
                        2419200 ; Expire
                         604800); Negative Cache TTL
@           IN      NS      workshop
            IN      MX      10 mail
            IN      A
workshop    IN      A
bkworkshop  IN      A
mail        IN      A ; We have our mail server somewhere else.
www         IN      A
If that doesn't work, try the real IP of the server.
In the config file for the DNS you specify which addresses to bind to (listen to).
If it is done on the server's IP address then it can ignore
You can set the bind address to be which means listen to everything.
fosiul01Author Commented:
By "you can set the bind address to be which means listen to everything", did you mean -> allow-query {  }?

fosiul01Author Commented:
OK, fixed it.

In the localhost resolver section, I had to set

       match-clients           { localhost;; };
       match-destinations      { localhost;; };

Then client and server, every PC, can see each other.
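Why the three layouts behaved as they did comes down to BIND view selection, modelled here as an added example (not code from the thread or from BIND): named hands a query to the first view whose match-clients and match-destinations ACLs both match, and the query only sees zones defined or included inside that view. The view names localhost_resolver and internal follow the stock RHEL chroot named.conf; the LAN 192.168.1.0/24, server 192.168.1.10, client 192.168.1.20 and the contents of the rfc1912 include are assumed sample values, and the ACL evaluator covers only any, none, localhost and CIDR prefixes.

```python
import ipaddress

def acl_matches(acl, addr):
    """Subset of BIND ACL syntax: any, none, localhost and CIDR prefixes."""
    ip = ipaddress.ip_address(addr)
    for elem in acl:
        if elem == "any":
            return True
        if elem == "none":
            return False
        if elem == "localhost":
            if ip.is_loopback:
                return True
        elif ip in ipaddress.ip_network(elem, strict=False):
            return True
    return False

def lookup(views, client, dest, qname):
    """First view whose match-clients AND match-destinations match takes the query."""
    for view in views:
        if acl_matches(view["match_clients"], client) and acl_matches(view["match_destinations"], dest):
            visible = any(qname == z or qname.endswith("." + z) for z in view["zones"])
            return view["name"], visible
    return None, False  # no view matched: named refuses the query

# Assumed sample values: LAN 192.168.1.0/24, server 192.168.1.10, client 192.168.1.20.
LAN = "192.168.1.0/24"
RFC1912 = ["localhost", "0.0.127.in-addr.arpa"]  # assumed contents of the named.rfc1912.zones include

def layout(zone_in_rfc1912, lan_in_localhost_view):
    """Two-view config shaped like the RHEL chroot named.conf: 'localhost_resolver'
    includes named.rfc1912.zones, 'internal' holds LAN zones; flags pick the asker's variants."""
    lh_acl = ["localhost"] + ([LAN] if lan_in_localhost_view else [])
    return [
        {"name": "localhost_resolver", "match_clients": lh_acl, "match_destinations": lh_acl,
         "zones": RFC1912 + (["example.local"] if zone_in_rfc1912 else [])},
        {"name": "internal", "match_clients": [LAN], "match_destinations": [LAN],
         "zones": [] if zone_in_rfc1912 else ["example.local"]},
    ]

def both_resolve(views):
    """(server_ok, client_ok): the server asking itself via 127.0.0.1, a LAN client asking the server."""
    _, server_ok = lookup(views, "127.0.0.1", "127.0.0.1", "bkworkshop.example.local")
    _, client_ok = lookup(views, "192.168.1.20", "192.168.1.10", "workshop.example.local")
    return server_ok, client_ok

if __name__ == "__main__":
    print("zone in view internal only      :", both_resolve(layout(False, False)))  # (False, True)
    print("zone in named.rfc1912.zones only:", both_resolve(layout(True, False)))   # (True, False)
    print("rfc1912 zones + LAN in lh view  :", both_resolve(layout(True, True)))    # (True, True)
```

With the LAN added to the localhost_resolver ACLs, that first view now catches the LAN clients too, so the internal view is never reached; that is also why duplicating the zone in both files had "worked".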