BlakeGriffin
asked on
Ubuntu DNS multiple subnets
I have configured an Ubuntu server to act as a DNS server. Everything works fine for the local subnet. Now I want other subnets to use this server as well for DNS. To get this to work, do I need to configure additional reverse lookup zones for these even though I don't need to resolve anything in these zones (just need to resolve public internet) or is there something else I need to do?
ASKER
Yes I am sure. I did your dig command and a dig without the @localhost and everything appeared to be fine. In addition, I set another machine on the same subnet as DNS and used the DNS server IP for the DNS setting in the client machine. Am able to resolve and get to the internet. When I move to another subnet, resolving doesn't work. However, I know network connectivity is fine because I can ping and traceroute just fine to the DNS subnet. Here are the steps I used to config. Maybe I am missing something.
sudo vi /etc/bind/named.conf.local
# This is the zone definition. replace example.com with your domain name
zone "griffin.local" {
    type master;
    file "/etc/bind/zones/griffin.local.db";
};
# This is the zone definition for reverse DNS. replace 0.168.192 with your network address in reverse notation - e.g my network address is 192.168.0
zone "202.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/zones/rev.202.168.192.in-addr.arpa";
};
____________________________________________________________________________
sudo vi /etc/bind/named.conf.options
forwarders {
    # Replace the address below with the address of your provider's DNS server
    24.220.0.10;
    24.220.0.11;
};
____________________________________________________________________________
sudo mkdir /etc/bind/zones
sudo vi /etc/bind/zones/griffin.local.db
; replace example.com with your domain name. do not forget the . after the domain name!
; Also, replace ns1 with the name of your DNS server
; (zone files use ";" for comments, not "//")
griffin.local. IN SOA ns1.griffin.local. admin.griffin.local. (
    ; Do not modify the following lines!
    2007031001  ; serial
    28800       ; refresh
    3600        ; retry
    604800      ; expire
    38400       ; minimum
)
; Replace the following line as necessary:
; ns1 = DNS Server name
; mail = mail server name
; example.com = domain name
griffin.local. IN NS ns1.griffin.local.
; Replace the IP address with the right IP addresses.
; www IN A 192.168.0.2
; mta IN A 192.168.0.3
ns1 IN A 192.168.202.100
----------------------------------------------------------------------------
sudo vi /etc/bind/zones/rev.202.168.192.in-addr.arpa
; (file name matches the "file" entry in named.conf.local above)
; replace example.com with your domain name, ns1 with your DNS server name.
; The number before IN PTR example.com is the machine address of the DNS server. in my case, it's 1, as my IP address is 192.168.0.1.
@ IN SOA ns1.griffin.local. admin.griffin.local. (
    2007031001  ; serial
    28800       ; refresh
    604800      ; retry
    604800      ; expire
    86400       ; minimum
)
    IN NS ns1.griffin.local.
; host part 100 -> 192.168.202.100; the trailing dot keeps the name absolute
100 IN PTR ns1.griffin.local.
----------------------------------------------------------------------------
Restart Bind server using the following command
sudo /etc/init.d/bind9 restart
Testing Your DNS Server
Modify the file resolv.conf with the following settings
sudo vi /etc/resolv.conf
Enter the following details, save and exit the file
# replace example.com with your domain name, and 192.168.0.1 with the address of your new DNS server.
search griffin.local
nameserver 192.168.202.100
Test your DNS Using the following command
dig griffin.local
192.168 ... address is the private address. Is this the address your host names resolve to?
What is the live IP public address that your DNS is resolving?
So you want the addresses to be resolved by any one in the WWW or just from other subnets within your internal network?
ASKER
Figured everything out. Needed to add acl "trusted" { LIST }; to named.conf.local
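The check below is an added example, not the asker's or the experts' code. It assumes a constructed named.conf fragment in the shape of the asker's fix (an acl "trusted" of internal subnets, referenced from allow-recursion) and a deliberately minimal parser that only understands acl blocks, addresses, CIDR prefixes and the "any"/"none" keywords. The point it makes: BIND 9's built-in default for allow-recursion is localnets and localhost, which is why the server answers its own subnet and refuses recursive queries from any other subnet until an acl covering those subnets is allowed; allowing "any" instead would turn it into an open resolver.

```python
import ipaddress
import re
# Constructed named.conf fragment in the shape of the asker's fix: an acl of
# the internal subnets, referenced from allow-recursion (assumed layout).
FIXED_CONF = """
acl "trusted" { 192.168.202.0/24; 192.168.203.0/24; 10.0.0.0/8; };
options {
    forwarders { 24.220.0.10; 24.220.0.11; };
    allow-recursion { trusted; localhost; };
};
"""
# Over-permissive variant: recursion for the whole Internet (open resolver).
OPEN_CONF = 'options { allow-recursion { any; }; };'

ACL_RE = re.compile(r'acl\s+"?([\w-]+)"?\s*\{([^}]*)\}\s*;')
REC_RE = re.compile(r'allow-recursion\s*\{([^}]*)\}\s*;')
BUILTIN = ("localhost", "localnets")  # depend on server interfaces; not modelled

def _items(body):
    """Split an address-match list body into its entries."""
    return [x.strip() for x in body.split(";") if x.strip()]

def parse_acls(conf):
    """Map acl name -> list of raw address-match entries."""
    return {name: _items(body) for name, body in ACL_RE.findall(conf)}

def recursion_allowed(conf, client_ip):
    """True if client_ip is granted recursion. With no allow-recursion
    statement BIND 9 defaults to { localnets; localhost; }: other subnets refused."""
    acls = parse_acls(conf)
    m = REC_RE.search(conf)
    todo = _items(m.group(1)) if m else list(BUILTIN)
    addr = ipaddress.ip_address(client_ip)
    while todo:
        entry = todo.pop()
        if entry == "any":
            return True
        if entry == "none" or entry in BUILTIN:
            continue
        if entry in acls:            # expand a named acl in place
            todo.extend(acls[entry])
            continue
        if addr in ipaddress.ip_network(entry, strict=False):
            return True
    return False

def is_open_resolver(conf):
    """Flag a config that would recurse for an arbitrary Internet address."""
    return recursion_allowed(conf, "203.0.113.7")  # documentation-range IP
```

Because localnets is not modelled, a check of the built-in default for the server's own subnet reports False here even though BIND would allow it; the function is meant for deciding whether a given remote subnet is covered.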
Sorry, I thought that you were trying the world to see your DNS. You were trying to reach external DNS from your network.
Sorry about that confusion.
Glad you found it.
ASKER
Found the answer prior to anyone else submitting appropriate answer.
First check it.
For example if you have mydomain.com
Issue the following command
dig @localhost mydomain.com
Once you are sure that all the domain names resolve correctly to the correct IP address, you have to see if you have domain registration?
DNS is a network of databases each serving some zones and then when they receive any query that they cannot answer, they forward the request to another server. So there should be some DNS that forwards requests to your DNS that in turn would reply to the queries.
Details:
http://en.wikipedia.org/wiki/Domain_Name_System