April 30, 2007 · Server · Email This Post

Sponsored Link
DNS Stands for Domain Name Service.On the Internet, the Domain Name Service (DNS) stores and associates many types of information with domain names; most importantly, it translates domain names (computer hostnames) to IP addresses. It also lists mail exchange servers accepting e-mail for each domain.

Introduction

BIND (Berkeley Internet Name Domain) is an open reference implementation of the Domain Name System (DNS) protocol and provides a redistributable implementation of the major components of the Domain Name System.

a name server (named)

a resolver library

troubleshooting tools like nslookup and dig

The BIND DNS Server is used on the vast majority of name serving machines on the Internet, providing a robust and stable architecture on top of which an organization's naming architecture can be built. The resolver library included in the BIND distribution provides the standard APIs for translation between domain names and Internet addresses and is intended to be linked with applications requiring name service.

Firewall Config

Bind listens on port 53 UDP and TCP. TCP is normally only used during zone transfers so it would appear that you could filter it if you have no slaves. However If the response to a query is greater than 1024 bytes, the server sends a partial response, and client and server will try to redo the transaction with TCP.

Responses that big do not happen often, but they happen. And people do quite often block 53/tcp without their world coming to an end. But this is where one usually inserts the story about the Great DNS Meltdown when more root servers were added. This made queries for the root list greater than 1024 and the whole DNS system started to break down from people violating the DNS spec (RFC1035) and blocking TCP.

Differences in BIND8 and BIND9

Apart from being multi-threaded, and a complete code rewrite -- which should provide better stability and security in the long term, there are other differences

If there is a syntax error in named.conf, BIND9 will log errors and not reload the named server. BIND8 will log errors and the daemon will die!

Extensive support of TSIGs (shared keys) for access control, for example, "update-policy" can be used for fine grained access control of dynamic updates.

The tool for starting/stopping/reloading etc., rndc is different from the v8 ndc -- different communications, authentication and features.

Syntax in zone files is more rigorously checked (e.g. a TTL line must exist)

In named.conf

v8 options ‘check-names' and ‘statistics-interval' are not yet implemented in V9.

the default for the option ‘auth-nxdomain' is now ‘no', if you don't set this manually, BIND 9 logs a corresponding message on startup.

The root server list, often called named.root or root.hints in BIND8 is not necessary in BIND 9, as it is included within the server.

Installing Bind in Ubuntu

sudo apt-get install bind9 dnsutils

This will install all the required packages for bind9

Configuring Bind

If you install Bind from the source code, you will have to edit the file named.conf. However, Ubuntu provides you with a pre-configured Bind, so we will edit named.conf.local file

sudo vi /etc/bind/named.conf.local

This is where we will insert our zones.If you want to know what is zone in DNs check this

DNS zone is a portion of the global DNS namespace. This namespace is defined by RFC 1034, "Domain Names -- Concepts and Facilities" and RFC 1035, ""Domain Names -- Implementation and Specification", and is laid out in a tree structure from right to left, such that divisions of the namespace are performed by prepending a series of characters followed by period (‘.'), to the upper namespace

You need to add the following lines in named.conf.local file

# This is the zone definition. replace example.com with your domain name

zone "example.com" {
type master;
file "/etc/bind/zones/example.com.db";
};

# This is the zone definition for reverse DNS. replace 0.168.192 with your network address in reverse notation -- e.g my network address is 192.168.0

zone "0.168.192.in-addr.arpa" {
type master;
file "/etc/bind/zones/rev.0.168.192.in-addr.arpa";
};

Now you need to edit the options file

sudo vi /etc/bind/named.conf.options

We need to modify the forwarder. This is the DNS server to which your own DNS will forward the requests he cannot process.

forwarders {
# Replace the address below with the address of your provider's DNS server
123.123.123.123;
};

add the zone definition files (replace example.com with your domain name

sudo mkdir /etc/bind/zones

sudo vi /etc/bind/zones/example.com.db

The zone definition file is where we will put all the addresses / machine names that our DNS server will know.Example zone file as follows

// replace example.com with your domain name. do not forget the . after the domain name!
// Also, replace ns1 with the name of your DNS server
example.com. IN SOA ns1.example.com. admin.example.com. (
// Do not modify the following lines!
2007031001
28800
3600
604800
38400
)

// Replace the following line as necessary:
// ns1 = DNS Server name
// mail = mail server name
// example.com = domain name
example.com. IN NS ns1.example.com.
example.com. IN MX 10 mail.example.com.

// Replace the IP address with the right IP addresses.
www IN A 192.168.0.2
mta IN A 192.168.0.3
ns1 IN A 192.168.0.1

Create Reverse DNS Zone file

A normal DNS query would be of the form ‘what is the IP of host=www in domain=mydomain.com'. There are times however when we want to be able to find out the name of the host whose IP address = x.x.x.x. Sometimes this is required for diagnostic purposes more frequently these days it is used for security purposes to trace a hacker or spammer, indeed many modern mailing systems use reverse mapping to provide simple authentication using dual look-up, IP to name and name to IP.

In order to perform Reverse Mapping and to support normal recursive and Iterative (non-recursive) queries the DNS designers defined a special (reserved) Domain Name called IN-ADDR.ARPA. This domain allows for all supported Internet IPv4 addresses (and now IPv6).

sudo vi /etc/bind/zones/rev.0.168.192.in-addr.arpa

copy and paste the following sample file

//replace example.com with yoour domain name, ns1 with your DNS server name.
// The number before IN PTR example.com is the machine address of the DNS server. in my case, it's 1, as my IP address is 192.168.0.1.
@ IN SOA ns1.example.com. admin.example.com. (
2007031001;
28800;
604800;
604800;
86400
)

IN NS ns1.example.com.
1 IN PTR example.com

Restart Bind server using the following command

sudo /etc/init.d/bind9 restart

Testing Your DNS Server

Modify the file resolv.conf with the following settings

sudo vi /etc/resolv.conf

Enter the following details save and exit the file

// replace example.com with your domain name, and 192.168.0.1 with the address of your new DNS server.

search example.com
nameserver 192.168.0.1

Test your DNS Using the following command

dig example.com

 

Incoming search terms:

Related posts

94 Comments to “DNS server Setup using bind in Ubuntu”

  1. Dan says:

    Gulab,

    If you read the syslog output you posted, you’ll see what the problem is…
    It doesn’t look like you’re starting the daemon as root.

    [Reply]

  2. Gulab Pasha says:

    Hi,

    As you can see, I’m starting daemon as root only but still I’m getting the same error.

    Command executed as root find below.

    root@sfdlabs:~# sudo /etc/init.d/bind9 restart
    * Stopping domain name service… bind9
    rndc: connect failed: 127.0.0.1#953: connection refused
    …done.
    * Starting domain name service… bind9
    …fail!

    Error Log from syslog file.

    root@sfdlabs:~# cat /var/log/syslog | grep named
    May 5 10:14:11 sfdlabs named[21350]: starting BIND 9.6.1-P2 -u bind -t /var/lib/named
    May 5 10:14:11 sfdlabs named[21350]: built with ‘–prefix=/usr’ ‘–mandir=/usr/share/man’ ‘–infodir=/usr/share/info’ ‘–sysconfdir=/etc/bind’ ‘–localstatedir=/var’ ‘–enable-threads’ ‘–enable-largefile’ ‘–with-libtool’ ‘–enable-shared’ ‘–enable-static’ ‘–with-openssl=/usr’ ‘–with-gssapi=/usr’ ‘–with-gnu-ld’ ‘–with-dlz-postgres=no’ ‘–with-dlz-mysql=no’ ‘–with-dlz-bdb=yes’ ‘–with-dlz-filesystem=yes’ ‘–with-dlz-ldap=yes’ ‘–with-dlz-stub=yes’ ‘–with-geoip=/usr’ ‘–enable-ipv6′ ‘CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2′ ‘LDFLAGS=-Wl,-Bsymbolic-functions’ ‘CPPFLAGS=’ ‘CXXFLAGS=-g -O2′ ‘FFLAGS=-g -O2′
    May 5 10:14:11 sfdlabs named[21350]: adjusted limit on open files from 1024 to 1048576
    May 5 10:14:11 sfdlabs named[21350]: found 4 CPUs, using 4 worker threads
    May 5 10:14:11 sfdlabs named[21350]: using up to 4096 sockets
    May 5 10:14:11 sfdlabs named[21350]: loading configuration from ‘/etc/bind/named.conf’
    May 5 10:14:11 sfdlabs named[21350]: none:0: open: /etc/bind/named.conf: permission denied
    May 5 10:14:11 sfdlabs named[21350]: loading configuration: permission denied
    May 5 10:14:11 sfdlabs named[21350]: exiting (due to fatal error)
    May 5 10:14:11 sfdlabs kernel: [1619942.294274] type=1503 audit(1273034651.145:42): operation=”open” pid=21354 parent=21349 profile=”/usr/sbin/named” requested_mask=”r::” denied_mask=”r::” fsuid=107 ouid=107 name=”/var/lib/named/etc/bind/named.conf”

    Looking forward your support,

    Thanks,
    Gulab Pasha

    [Reply]

  3. Dan says:

    Gulab,

    Your daemon is recieving a permission denied, which tells me one of two things.
    1) sudo is not working correctly… which you can try just being root and starting it instead of going through sudo.
    2) ls -alh /etc/bind/named.conf (so you can see what the permissions are on the file, to see why the daemon is having problems accessing it.)

    I don’t mean come back and paste your results, but I’m pointing you in the right direction to solve it.

    [Reply]

  4. Gulab Pasha says:

    Hi,

    I tried starting the daemon just being root and i receive the same and my file permissions of /etc/bind/named.conf is (-rw-r–r–)

    As i’m new to dns service, do am i making some mistake.

    Looking forward to your support.

    Thanks,
    Gulab Pasha

    [Reply]

  5. Runey says:

    i get the exact same problem as Gulab,
    except mine is [ok] then [fail]
    connection refused for 127.0.0.1
    something’s wrong with this walk through.

    [Reply]

  6. Dan says:

    These problems that are being had have nothing to do with anything in this configuration. Troubleshooting the problem you guys are having remotely would be like playing chess over snail mail.

    Here are the steps I would take:
    1) /etc/init.d/named stop
    2) assess that it shutdown: netstat -plan | grep “:53 “, if you see something running then it didn’t stop.
    3) If it stopped fine, then assess this documentation again.

    Steps in this documentation in a nutshell (a stepping stone to troubleshoot)
    a) Before anything, create your zone definition file directory, and add the
    zone definitions.
    As root, type:
    mkdir /etc/bind/zones
    vi /etc/bind/zones/example.com.db
    Add the following, changing example.com to YOUR domain:

    // replace example.com with your domain name. do not forget the . after the domain name!
    // Also, replace ns1 with the name of your DNS server
    example.com. IN SOA ns1.example.com. admin.example.com. (
    // Do not modify the following lines!
    2007031001
    28800
    3600
    604800
    38400
    )

    // Replace the following line as necessary:
    // ns1 = DNS Server name
    // mail = mail server name
    // example.com = domain name
    example.com. IN NS ns1.example.com.
    example.com. IN MX 10 mail.example.com.

    // Replace the IP address with the right IP addresses.
    www IN A 192.168.0.2
    mta IN A 192.168.0.3
    ns1 IN A 192.168.0.1

    b) As root, edit /etc/bind/named.conf.local
    a zone definition should be there for your domain.
    Example:
    zone “example.com” {
    type master;
    file “/etc/bind/zones/example.com.db”; <– This is the file containing the zone info
    };

    Also, an ARPA configuration in that file for your subnet.
    Example for a 192.168.0.x network:
    zone “0.168.192.in-addr.arpa” {
    type master;
    file “/etc/bind/zones/rev.0.168.192.in-addr.arpa”;
    };

    c) As root, edit /etc/bind/named.conf.options
    A forwarder DNS can be entered here that would be your upstream provider.
    In other words, your net provider's dns IP
    Example of entry:
    forwarders {
    # Replace the address below with the address of your provider’s DNS server
    123.123.123.123;
    };

    That sums up the major changes.
    This was a rewrite of exactly what was typed above… as you can see, no file permissions
    were changed, so troubleshooting the application itself is necessary.
    My recommendation is to have two terms up and type "tail -f /var/log/messages" and in the other
    term, stopping, then starting bind9. Not restart, but stop, then start.

    [Reply]

  7. Gulab Pasha says:

    Hi Dan,

    After following the above procedure, now I’m getting this error.
    tail -f /var/log/messages

    May 11 10:30:35 sfdlabs kernel: [2139326.806883] type=1503 audit(1273554035.659:194): operation=”open” pid=7575 parent=7570 profile=”/usr/sbin/named” requested_mask=”::r” denied_mask=”::r” fsuid=107 ouid=0 name=”/var/lib/named/etc/bind/named.conf”
    May 11 10:30:38 sfdlabs kernel: [2139329.617311] type=1503 audit(1273554038.469:195): operation=”open” pid=7619 parent=7614 profile=”/usr/sbin/named” requested_mask=”::r” denied_mask=”::r” fsuid=107 ouid=0 name=”/var/lib/named/etc/bind/named.conf”

    #cat /var/log/syslog | grep named

    May 11 10:35:30 sfdlabs named[8519]: starting BIND 9.6.1-P2 -u bind -t /var/lib/named
    May 11 10:35:30 sfdlabs named[8519]: built with ‘–prefix=/usr’ ‘–mandir=/usr/share/man’ ‘–infodir=/usr/share/info’ ‘–sysconfdir=/etc/bind’ ‘–localstatedir=/var’ ‘–enable-threads’ ‘–enable-largefile’ ‘–with-libtool’ ‘–enable-shared’ ‘–enable-static’ ‘–with-openssl=/usr’ ‘–with-gssapi=/usr’ ‘–with-gnu-ld’ ‘–with-dlz-postgres=no’ ‘–with-dlz-mysql=no’ ‘–with-dlz-bdb=yes’ ‘–with-dlz-filesystem=yes’ ‘–with-dlz-ldap=yes’ ‘–with-dlz-stub=yes’ ‘–with-geoip=/usr’ ‘–enable-ipv6′ ‘CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2′ ‘LDFLAGS=-Wl,-Bsymbolic-functions’ ‘CPPFLAGS=’ ‘CXXFLAGS=-g -O2′ ‘FFLAGS=-g -O2′
    May 11 10:35:30 sfdlabs named[8519]: adjusted limit on open files from 1024 to 1048576
    May 11 10:35:30 sfdlabs named[8519]: found 4 CPUs, using 4 worker threads
    May 11 10:35:30 sfdlabs named[8519]: using up to 4096 sockets
    May 11 10:35:30 sfdlabs named[8519]: loading configuration from ‘/etc/bind/named.conf’
    May 11 10:35:30 sfdlabs named[8519]: none:0: open: /etc/bind/named.conf: permission denied
    May 11 10:35:30 sfdlabs named[8519]: loading configuration: permission denied
    May 11 10:35:30 sfdlabs named[8519]: exiting (due to fatal error)
    May 11 10:35:30 sfdlabs kernel: [2139621.228332] type=1503 audit(1273554330.075:196): operation=”open” pid=8524 parent=8518 profile=”/usr/sbin/named” requested_mask=”::r” denied_mask=”::r” fsuid=107 ouid=0 name=”/var/lib/named/etc/bind/named.conf”

    Looking forward to your support.

    Thanks,
    Gulab Pasha

    [Reply]

  8. Dan says:

    Just looking at all of the permissions issues of reading a file which is set to read by root, it might be an selinux thing.
    Does Ubuntu use selinux?

    [Reply]

  9. Gulab Pasha says:

    Hi Dan,

    I’m not running selinux in my linux box, still i’m getting the error.

    you want me to install selinux and disable the settings.

    Thanks,
    Gulab Pasha

    [Reply]

  10. Robbie says:

    That’s AppArmor. Try stopping it (/etc/init.d/apparmor stop) and then try starting/stopping bind and see if it cooperates.

    If it works, you have two options: disable AppArmor completely or configure it to play nice with Bind.

    [Reply]

  11. Gulab Pasha says:

    Hi Robbie,

    Now i’m getting some other error messages, Please find below.

    root@sfdlabs:~# /etc/init.d/bind9 start
    * Starting domain name service… bind9
    …done.
    root@sfdlabs:~# /etc/init.d/bind9 restart
    * Stopping domain name service… bind9
    rndc: connection to remote host closed
    This may indicate that
    * the remote server is using an older version of the command protocol,
    * this host is not authorized to connect,
    * the clocks are not synchronized, or
    * the key is invalid.
    …done.
    * Starting domain name service… bind9
    …fail!

    Syslog Error messages.

    May 13 11:47:12 sfdlabs named[2358]: starting BIND 9.7.0-P1 -u bind
    May 13 11:47:12 sfdlabs named[2358]: built with ‘–prefix=/usr’ ‘–mandir=/usr/share/man’ ‘–infodir=/usr/share/info’ ‘–sysconfdir=/etc/bind’ ‘–localstatedir=/var’ ‘–enable-threads’ ‘–enable-largefile’ ‘–with-libtool’ ‘–enable-shared’ ‘–enable-static’ ‘–with-openssl=/usr’ ‘–with-gssapi=/usr’ ‘–with-gnu-ld’ ‘–with-dlz-postgres=no’ ‘–with-dlz-mysql=no’ ‘–with-dlz-bdb=yes’ ‘–with-dlz-filesystem=yes’ ‘–with-dlz-ldap=yes’ ‘–with-dlz-stub=yes’ ‘–with-geoip=/usr’ ‘–enable-ipv6′ ‘CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2′ ‘LDFLAGS=-Wl,-Bsymbolic-functions’ ‘CPPFLAGS=’
    May 13 11:47:12 sfdlabs named[2358]: adjusted limit on open files from 1024 to 1048576
    May 13 11:47:12 sfdlabs named[2358]: found 4 CPUs, using 4 worker threads
    May 13 11:47:12 sfdlabs named[2358]: using up to 4096 sockets
    May 13 11:47:12 sfdlabs named[2358]: loading configuration from ‘/etc/bind/named.conf’
    May 13 11:47:12 sfdlabs named[2358]: /etc/bind/named.conf.local:13: expected quoted string near ‘“’
    May 13 11:47:12 sfdlabs named[2358]: loading configuration: unexpected token
    May 13 11:47:12 sfdlabs named[2358]: exiting (due to fatal error)

    Looking forward to your support.

    Thanks,
    Gulab Pasha

    [Reply]

  12. Mohamed says:

    root@moha-laptop:/home/moha# cat /var/log/syslog | grep named

    Jun 11 03:45:34 moha-laptop named[11522]: received control channel command ‘stop -p’
    Jun 11 03:45:34 moha-laptop named[11522]: shutting down: flushing changes
    Jun 11 03:45:34 moha-laptop named[11522]: stopping command channel on 127.0.0.1#953
    Jun 11 03:45:34 moha-laptop named[11522]: stopping command channel on ::1#953
    Jun 11 03:45:34 moha-laptop named[11522]: no longer listening on ::#53
    Jun 11 03:45:34 moha-laptop named[11522]: no longer listening on 127.0.0.1#53
    Jun 11 03:45:34 moha-laptop named[11522]: no longer listening on 41.92.5.110#53
    Jun 11 03:45:34 moha-laptop named[11522]: exiting
    Jun 11 03:45:34 moha-laptop named[12849]: starting BIND 9.5.1-P2.1 -u bind
    Jun 11 03:45:34 moha-laptop named[12849]: found 2 CPUs, using 2 worker threads
    Jun 11 03:45:34 moha-laptop named[12849]: using up to 4096 sockets
    Jun 11 03:45:34 moha-laptop named[12849]: loading configuration from ‘/etc/bind/named.conf’
    Jun 11 03:45:34 moha-laptop named[12849]: /etc/bind/named.conf.options:21: unknown option ‘forwarders’

    [Reply]

  13. Anderson Dias says:

    I’m having the some problem it’s related in here.

    What can I do beyond to related in here?

    Thanks.

    [Reply]

  14. Dan says:

    Mohamed,
    Make sure your ‘forwarders’ section is contained WITHIN the options section. Example:
    options {


    forwarders {
    1.2.3.4
    2.3.4.5
    };
    };

    [Reply]

  15. Kelso says:

    Got into a little friendly argument.. is DNS domain name SERVERS or SERVICE?

    Thanks

    [Reply]

  16. dan says:

    the acronym stands for domain name service. though i can understand how someone could call it domain name server accidentally since most times dns is on its own solitary hardware.

    think of it this way, it’d be redundant to call it a dns server if it was domain name server.

    [Reply]

  17. Kelso says:

    Ok thanks that makes sense

    [Reply]

  18. Grace Rodriguez says:

    Hi,

    I’m trying to implement DNSSEC in my DNS server, but it doesn’t work. I’ll paste the configuration I have, please tell me if it’s wrong.

    In the file: /etc/bind/named.conf.options:

    options {
    directory “/var/cache/bind”;

    // If there is a firewall between you and nameservers you want
    // to talk to, you may need to fix the firewall to allow multiple
    // ports to talk. See http://www.kb.cert.org/vuls/id/800113

    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    // Uncomment the following block, and insert the addresses replacing
    // the all-0’s placeholder.

    // forwarders {
    // 0.0.0.0;
    // };

    recursion yes;

    auth-nxdomain no; # conform to RFC1035
    listen-on-v6 { any; };

    dnssec-enable yes;
    dnssec-validation yes;
    };

    managed-keys {
    “.” 257 3 8 ”
    AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjF
    FVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoX
    bfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaD
    X6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpz
    W5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relS
    Qageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulq
    QxA+Uk1ihz0= “;
    };

    Thank you,

    Grace Rodriguez

    [Reply]

  19. Captainawol says:

    I just wanted to throw in an FYI here for anyone who is having the same error that Gulab Pasha was having when trying to start bind9 after following this how to. If you are seeing
    /etc/bind/named.conf.local:13: expected quoted string near ‘“’
    in your /var/log/syslog file, and you copied and pasted from this tutorial, it is because the quotation marks in the copy and pasted text are not ascii standard, replace them in vi by typing them in yourself and it works like a charm.
    Thanks for a great how to

    [Reply]

  20. Scott Berry says:

    I have looked this over several times and I have went through the named.conf.local and I am still confused as to what’s happening here.

    This is the syslog entries:

    root@pilotalk:/etc/bind# tail -f /var/log/syslog
    Dec 10 16:15:33 pilotalk named[1952]: built with ‘–prefix=/usr’ ‘–mandir=/usr/share/man’ ‘–infodir=/usr/share/info’ ‘–sysconfdir=/etc/bind’ ‘–localstatedir=/var’ ‘–enable-threads’ ‘–enable-largefile’ ‘–with-libtool’ ‘–enable-shared’ ‘–enable-static’ ‘–with-openssl=/usr’ ‘–with-gssapi=/usr’ ‘–with-gnu-ld’ ‘–with-dlz-postgres=no’ ‘–with-dlz-mysql=no’ ‘–with-dlz-bdb=yes’ ‘–with-dlz-filesystem=yes’ ‘–with-dlz-ldap=yes’ ‘–with-dlz-stub=yes’ ‘–with-geoip=/usr’ ‘–enable-ipv6′ ‘CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2′ ‘LDFLAGS=-Wl,-Bsymbolic-functions’ ‘CPPFLAGS=’
    Dec 10 16:15:33 pilotalk named[1952]: adjusted limit on open files from 1024 to 1048576
    Dec 10 16:15:33 pilotalk named[1952]: found 1 CPU, using 1 worker thread
    Dec 10 16:15:33 pilotalk named[1952]: using up to 4096 sockets
    Dec 10 16:15:33 pilotalk named[1952]: loading configuration from ‘/etc/bind/named.conf’
    Dec 10 16:15:33 pilotalk named[1952]: /etc/bind/named.conf.local:12: expected quoted string near ‘“’
    Dec 10 16:15:33 pilotalk named[1952]: loading configuration: unexpected token
    Dec 10 16:15:33 pilotalk named[1952]: exiting (due to fatal error)

    [Reply]

  21. David says:

    I’ve discovered a Forwarding DNS Server on my network that looks misconfigured but still active.

    How do I go about permanently disabling it?

    Linux oscar.icovfx.local 2.6.32-24-generic #42-Ubuntu SMP Fri Aug 20 14:24:04 UTC 2010 i686 GNU/Linux

    [Reply]

  22. ilya says:

    i have siemens router connect to my virtual mashine
    when i installed ubuntu server its automatic create in /etc/resolv.conf nameserver and domain of my router.1 set static ip in /etc/network.interfaces
    2.after installation you need change parameters in /etc/hosts an /etc/resolv + set permissions to bind directory which contained conf files of master zones

    [Reply]

  23. alpanda says:

    how to build DNS and Web Mail Server?

    thanks…

    [Reply]

  24. jkio says:

    when i restarted bind9 i have this mess:
    jkio@ubuntu:~$ sudo /etc/init.d/bind9 restart
    * Stopping domain name service… bind9 rndc: connect failed: 127.0.0.1#953: connection refused
    [ OK ]
    * Starting domain name service… bind9
    and when i had tried to change resolv.conf with my own dns server like that:
    search jkioinfract.com
    nameserver 192.168.1.41 (this is my ip address support by dhcp)
    but i cannot connect to internet, when i tried command: dig jkioinfract.com, i got this mess:”; <> DiG 9.7.1-P2 <> jkioinfract.com
    ;; global options: +cmd
    ;; connection timed out; no servers could be reached “. So what’s the problem? and what can i do now? thanks

    [Reply]

  25. nocaic says:

    congrats for the absolutely awsum cp+pst post folks

    [Reply]

  26. Rob says:

    Hey guys, just chanced over this, all I can say is DNS is far too precious to try and copy stuff from a tutorial like this and expect to get running, I recommend DNS & BIND by o’reilly and dedication of a good few weeks to properly understand the subject, which once you do grasp is pretty straight forward but very difficult I would say to do a generic demonstration for. Best of luck!

    [Reply]

  27. musa says:

    Hi everybody,

    I am trying to set up a DNS server on my private LAN and using only two systems on LAN for testing purpose. I have configured the bind9 as directed here on ubuntu 10.10 machine. the IP of ubuntu machine is 192.xx.xx.2 and that of another machine which is centOS is .3
    i get good results when i use dig mydomain.com but when i try to ping the mydomain.com from another machine (centOS) it simply says ‘unknown host mydomain.com’
    i have already configured .2 as nameserver on centOS machine in /etc/resolv.conf file but still nothing doing…
    by norms i should be able to ping mydomain.com from centOS machine when i am able to ping the IP .2 of the DNS server…right?
    any help please?

    [Reply]

  28. Brandon says:

    Sigh….
    nullcity@NullCity-Ubuntu:~$ sudo /etc/init.d/bind9 start
    * Starting domain name service… bind9 [fail]
    nullcity@NullCity-Ubuntu:~$ sudo /etc/init.d/bind9 restart
    * Stopping domain name service… bind9 rndc: connect failed: 127.0.0.1#953: connection refused
    [ OK ]
    * Starting domain name service… bind9 [fail]
    nullcity@NullCity-Ubuntu:~$

    [Reply]

  29. Tony says:

    I had this problem because I hadnt removed the // at the beginning of forwarders in named.conf.options. Fixed that and it loaded fine

    [Reply]

  30. Max says:

    Can I set my DNS provider as 127.0.0.1?

    [Reply]

Leave a Reply