We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now


Ubuntu DNS multiple subnets

BlakeGriffin asked
Medium Priority
Last Modified: 2012-05-11
I have configured an Ubuntu server to act as a DNS server.  Everything works fine for the local subnet.  Now I want other subnets to use this server as well for DNS.  To get this to work, do I need to configure additional reverse lookup zones for these  even though I dont need to resolve anything in these zones (just need to resolve public internet) or is there something else I need to do?
Watch Question


So you are sure that everything in the local DNS?

First check it.

For example if you have mydomain.com

Issue the following command

dig @localhost mydomain.com

Once you are sure that all the domain names resolve correctly to the correct IP address, you have to see if you have domain registration?

DNS is a network of databases each serving some zones and then when the receive any query that they cannot answer, they forward the request to another server.  So there should be some DNS that forwards request to your DNS that in turn would reply to the queries.



Yes I am sure.  I did your dig command and a dig without the @localhost and everything appeared to be find.  In addition, I set another machine on the same subnet as DNS and used the DNS server IP for the DNS setting in the client machine.  Am able to resolve and get to the internet.  When I move to another subnet, resolving doesnt work.  However, I know network connectivity is fine because i can ping and traceroute just fine to the DNS subnet.  Here are the steps I used to config.  Maybe I am missing something.

sudo vi /etc/bind/named.conf.local

# This is the zone definition. replace example.com with your domain name

zone “griffin.local” {
type master;
file “/etc/bind/zones/griffin.local.db”;

# This is the zone definition for reverse DNS. replace 0.168.192 with your network address in reverse notation - e.g my network address is 192.168.0

zone “202.168.192.in-addr.arpa” {
type master;
file “/etc/bind/zones/rev.202.168.192.in-addr.arpa”;


sudo vi /etc/bind/named.conf.options

forwarders {
# Replace the address below with the address of your provider’s DNS server;;


sudo mkdir /etc/bind/zones

sudo vi /etc/bind/zones/griffin.local.db

// replace example.com with your domain name. do not forget the . after the domain name!
// Also, replace ns1 with the name of your DNS server
griffin.local. IN SOA ns1.griffin.local. admin.griffin.local. (
// Do not modify the following lines!

// Replace the following line as necessary:
// ns1 = DNS Server name
// mail = mail server name
// example.com = domain name
griffin.local. IN NS ns1.griffin.local.

// Replace the IP address with the right IP addresses.
// www IN A
// mta IN A
ns1 IN A


sudo vi /etc/bind/zones/rev.0.168.192.in-addr.arpa

//replace example.com with yoour domain name, ns1 with your DNS server name.
// The number before IN PTR example.com is the machine address of the DNS server. in my case, it’s 1, as my IP address is
@ IN SOA ns1.griffin.local. admin.griffin.local. (

IN NS ns1.griffin.local.
100 IN PTR griffin.local


Restart Bind server using the following command
sudo /etc/init.d/bind9 restart

Testing Your DNS Server

Modify the file resolv.conf with the following settings

sudo vi /etc/resolv.conf

Enter the following details save and exit the file

// replace example.com with your domain name, and with the address of your new DNS server.

search griffin.local

Test your DNS Using the following command

dig griffin.local

192.168 ... address is the private address.  Is this the address your host names resolve to?

What is the live IP public address that your DNS is resolving?

So you want the addresses to be resolved by any one in the WWW or just from other subnets within your internal network?
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview


Figured everything out.  Needed to add acl "trusted {  LIST }; to named.conf.local

Sorry, I thought that you were trying the world to see your DNS.  You were trying to reach external DNS from your network.

Sorry about that confusion.

Glad you found it.


Found the answer prior to anyone else submitting appropriate answer.
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a free trial preview!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.