Introduction
BIND (Berkeley Internet Name Domain) is an open reference implementation of the Domain Name System (DNS) protocol and provides a redistributable implementation of the major components of the Domain Name System:
a name server (named)
a resolver library
troubleshooting tools like nslookup and dig
The BIND DNS Server is used on the vast majority of name serving machines on the Internet, providing a robust and stable architecture on top of which an organization's naming architecture can be built. The resolver library included in the BIND distribution provides the standard APIs for translation between domain names and Internet addresses and is intended to be linked with applications requiring name service.
Firewall Config
BIND listens on port 53, UDP and TCP. TCP is normally only used during zone transfers, so it would appear that you could filter it if you have no slaves. However, if the response to a query is greater than 1024 bytes, the server sends a partial response, and client and server will try to redo the transaction with TCP.
Responses that big do not happen often, but they happen. And people do quite often block 53/tcp without their world coming to an end. But this is where one usually inserts the story about the Great DNS Meltdown when more root servers were added. This made queries for the root list greater than 1024 and the whole DNS system started to break down from people violating the DNS spec (RFC1035) and blocking TCP.
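To see whether a firewall in front of the server breaks this fallback, the following added example (not part of the original article) asks the same question over UDP with dig's automatic TCP retry switched off and again over TCP, then classifies the two outputs. The function names and the sample dig output are constructed for the example; `probe` needs a reachable server, so only `classify` is run on the embedded samples.

```sh
#!/bin/sh
# Added example, not from the original article. Function names are invented;
# +notcp, +ignore, +noedns, +tcp, +time and +tries are standard dig options.

# has_tc_flag: succeed if the dig output on stdin carries the TC (truncated) flag.
has_tc_flag() {
    awk '/^;; flags:/ {
             sub(/^;; flags:/, ""); sub(/;.*/, "")
             for (i = 1; i <= NF; i++) if ($i == "tc") found = 1
         }
         END { exit(found ? 0 : 1) }'
}

# classify UDP_OUTPUT TCP_OUTPUT: summarise one probe as "<udp> <tcp>".
classify() {
    if printf '%s\n' "$1" | grep -q 'HEADER'; then
        if printf '%s\n' "$1" | has_tc_flag; then
            udp=udp-truncated
        else
            udp=udp-complete
        fi
    else
        udp=udp-no-answer
    fi
    if printf '%s\n' "$2" | grep -q 'HEADER'; then
        tcp=tcp-ok
    else
        tcp=tcp-no-answer
    fi
    echo "$udp $tcp"
}

# probe SERVER NAME [TYPE]: query once over UDP with EDNS off and the automatic
# TCP retry disabled, once over TCP, and classify the pair.
probe() {
    udp_out=$(dig +notcp +ignore +noedns +time=3 +tries=1 "@$1" "$2" "${3:-A}" 2>&1) || true
    tcp_out=$(dig +tcp +time=3 +tries=1 "@$1" "$2" "${3:-A}" 2>&1) || true
    classify "$udp_out" "$tcp_out"
}

# Constructed dig output for the demo (not captured from a real server).
SAMPLE_TRUNCATED=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242
;; flags: qr aa tc rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0'
SAMPLE_COMPLETE=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4243
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1'
SAMPLE_TIMEOUT=';; connection timed out; no servers could be reached'

# What a 53/tcp filter produces: the UDP answer is cut short and the retry
# over TCP never arrives, so the client is left without a usable answer.
classify "$SAMPLE_TRUNCATED" "$SAMPLE_TIMEOUT"
# A healthy server and path for a small answer.
classify "$SAMPLE_COMPLETE" "$SAMPLE_COMPLETE"
```

Against the server built in this tutorial the call would be `probe 192.168.0.1 example.com`; a result of `udp-truncated tcp-no-answer` is the failure described above.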
Differences in BIND8 and BIND9
Apart from being multi-threaded and a complete code rewrite, which should provide better stability and security in the long term, there are other differences:
If there is a syntax error in named.conf, BIND9 will log errors and not reload the named server. BIND8 will log errors and the daemon will die!
Extensive support of TSIGs (shared keys) for access control, for example, "update-policy" can be used for fine grained access control of dynamic updates.
The tool for starting/stopping/reloading etc., rndc is different from the v8 ndc -- different communications, authentication and features.
Syntax in zone files is more rigorously checked (e.g. a TTL line must exist)
In named.conf:
v8 options 'check-names' and 'statistics-interval' are not yet implemented in V9.
the default for the option 'auth-nxdomain' is now 'no'; if you don't set this manually, BIND 9 logs a corresponding message on startup.
The root server list, often called named.root or root.hints in BIND8 is not necessary in BIND 9, as it is included within the server.
Installing Bind in Ubuntu
sudo apt-get install bind9 dnsutils
This will install all the required packages for bind9
Configuring Bind
If you install Bind from the source code, you will have to edit the file named.conf. However, Ubuntu provides you with a pre-configured Bind, so we will edit the named.conf.local file instead:
sudo vi /etc/bind/named.conf.local
This is where we will insert our zones. If you want to know what a zone is in DNS, here is a short definition.
A DNS zone is a portion of the global DNS namespace. This namespace is defined by RFC 1034, "Domain Names -- Concepts and Facilities" and RFC 1035, "Domain Names -- Implementation and Specification", and is laid out in a tree structure from right to left, such that divisions of the namespace are performed by prepending a series of characters followed by a period ('.') to the upper namespace.
You need to add the following lines to the named.conf.local file:
# This is the zone definition. replace example.com with your domain name
zone "example.com" {
type master;
file "/etc/bind/zones/example.com.db";
};
# This is the zone definition for reverse DNS. replace 0.168.192 with your network address in reverse notation -- e.g my network address is 192.168.0
zone "0.168.192.in-addr.arpa" {
type master;
file "/etc/bind/zones/rev.0.168.192.in-addr.arpa";
};
Now you need to edit the options file
sudo vi /etc/bind/named.conf.options
We need to modify the forwarders block, which belongs inside the options { ... } section of this file. A forwarder is the DNS server to which your own DNS server will forward the requests it cannot process.
forwarders {
# Replace the address below with the address of your provider's DNS server
123.123.123.123;
};
Add the zone definition files (replace example.com with your domain name):
sudo mkdir /etc/bind/zones
sudo vi /etc/bind/zones/example.com.db
The zone definition file is where we will put all the addresses / machine names that our DNS server will know. An example zone file follows (comments in a zone file start with a semicolon):
; replace example.com with your domain name. do not forget the . after the domain name!
; Also, replace ns1 with the name of your DNS server
; default TTL for the records below (same value as the SOA minimum)
$TTL 38400
example.com. IN SOA ns1.example.com. admin.example.com. (
; Do not modify the following lines!
2007031001 ; serial
28800 ; refresh
3600 ; retry
604800 ; expire
38400 ; minimum
)
; Replace the following line as necessary:
; ns1 = DNS Server name
; mail = mail server name
; example.com = domain name
example.com. IN NS ns1.example.com.
example.com. IN MX 10 mail.example.com.
; Replace the IP address with the right IP addresses.
www IN A 192.168.0.2
mta IN A 192.168.0.3
ns1 IN A 192.168.0.1
Create Reverse DNS Zone file
A normal DNS query would be of the form 'what is the IP of host=www in domain=mydomain.com'. There are times, however, when we want to be able to find out the name of the host whose IP address = x.x.x.x. Sometimes this is required for diagnostic purposes; more frequently these days it is used for security purposes, to trace a hacker or spammer. Indeed, many modern mailing systems use reverse mapping to provide simple authentication using a dual look-up: IP to name and name to IP.
In order to perform Reverse Mapping and to support normal recursive and Iterative (non-recursive) queries the DNS designers defined a special (reserved) Domain Name called IN-ADDR.ARPA. This domain allows for all supported Internet IPv4 addresses (and now IPv6).
sudo vi /etc/bind/zones/rev.0.168.192.in-addr.arpa
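Copy and paste the following sample file:
; replace example.com with your domain name, ns1 with your DNS server name.
; The number before IN PTR example.com is the machine address of the DNS server. in my case, it's 1, as my IP address is 192.168.0.1.
; default TTL for the records below (same value as the SOA minimum)
$TTL 86400
@ IN SOA ns1.example.com. admin.example.com. (
2007031001 ; serial
28800 ; refresh
604800 ; retry
604800 ; expire
86400 ; minimum
)
@ IN NS ns1.example.com.
; the trailing dot matters: without it the zone name is appended to the target
1 IN PTR example.com.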
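Typographic quotes pasted into named.conf.local, // used as a comment in a zone file and a forgotten trailing dot are copy-and-paste faults that named either rejects or silently misreads, so it pays to check the files before restarting. The script below is an added example, not part of the original tutorial: its function names are invented, the sample files are constructed, and the trailing-dot test is a heuristic; `named-checkconf` and `named-checkzone` are BIND's own checkers and are only called if installed.

```sh
#!/bin/sh
# Added example, not part of the original tutorial. Function names are
# invented here; the paths in the usage note are the tutorial's.

# lint_conf FILE: report typographic quotes in a named.conf fragment. named
# accepts only the ASCII double quote and stops with "expected quoted string".
lint_conf() {
    LC_ALL=C awk '
        /^[ \t]*#/ || /^[ \t]*\/\// { next }   # whole-line comments are harmless
        index($0, "\342\200\234") || index($0, "\342\200\235") ||
        index($0, "\342\200\230") || index($0, "\342\200\231") {
            printf "%s:%d: typographic quote, retype it as ASCII\n", FILENAME, FNR
        }' "$1"
}

# lint_zone FILE: report // comment lines (zone files use ;) and NS, MX, PTR
# or CNAME targets that contain a dot but do not end in one. The second check
# is a heuristic: named appends the zone origin to such a name without warning.
lint_zone() {
    LC_ALL=C awk '
        /^[ \t]*\/\// {
            printf "%s:%d: // is not a zone-file comment, use ;\n", FILENAME, FNR
            next
        }
        {
            start = ($0 ~ /^[ \t]/) ? 1 : 2    # skip the owner name if present
            sub(/;.*/, "")                     # strip zone-file comments
            for (i = start; i < NF; i++) {
                rr = toupper($i)
                if (rr == "NS" || rr == "MX" || rr == "PTR" || rr == "CNAME") {
                    if ($NF ~ /\./ && $NF !~ /\.$/)
                        printf "%s:%d: %s target %s has no trailing dot\n", FILENAME, FNR, rr, $NF
                    break
                }
            }
        }' "$1"
}

# preflight ZONE ZONEFILE CONF: lint first, then run named-checkconf and
# named-checkzone if installed. Returns non-zero if anything is reported.
preflight() {
    findings=$(lint_conf "$3"; lint_zone "$2")
    rc=0
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        rc=1
    fi
    if command -v named-checkconf >/dev/null 2>&1; then
        named-checkconf "$3" || rc=1
        named-checkzone "$1" "$2" || rc=1
    fi
    return "$rc"
}

# Demo on constructed files that reproduce faults discussed on this page.
demo() {
    d=$(mktemp -d)
    printf 'zone \342\200\234example.com\342\200\235 {\n\ttype master;\n};\n' > "$d/named.conf.local"
    printf '// reverse zone\n@ IN NS ns1.example.com.\n1 IN PTR example.com\n' > "$d/rev.db"
    lint_conf "$d/named.conf.local"
    lint_zone "$d/rev.db"
    rm -rf "$d"
}
demo
```

For the reverse zone created above the call is `preflight 0.168.192.in-addr.arpa /etc/bind/zones/rev.0.168.192.in-addr.arpa /etc/bind/named.conf.local`.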
Restart Bind server using the following command
sudo /etc/init.d/bind9 restart
Testing Your DNS Server
Modify the file resolv.conf with the following settings
sudo vi /etc/resolv.conf
Enter the following details, then save and exit the file
# replace example.com with your domain name, and 192.168.0.1 with the address of your new DNS server.
search example.com
nameserver 192.168.0.1
Test your DNS Using the following command
dig example.com
Gulab,
If you read the syslog output you posted, you’ll see what the problem is…
It doesn’t look like you’re starting the daemon as root.
Hi,
As you can see, I’m starting daemon as root only but still I’m getting the same error.
Command executed as root find below.
root@sfdlabs:~# sudo /etc/init.d/bind9 restart
* Stopping domain name service… bind9
rndc: connect failed: 127.0.0.1#953: connection refused
…done.
* Starting domain name service… bind9
…fail!
Error Log from syslog file.
root@sfdlabs:~# cat /var/log/syslog | grep named
May 5 10:14:11 sfdlabs named[21350]: starting BIND 9.6.1-P2 -u bind -t /var/lib/named
May 5 10:14:11 sfdlabs named[21350]: built with ‘–prefix=/usr’ ‘–mandir=/usr/share/man’ ‘–infodir=/usr/share/info’ ‘–sysconfdir=/etc/bind’ ‘–localstatedir=/var’ ‘–enable-threads’ ‘–enable-largefile’ ‘–with-libtool’ ‘–enable-shared’ ‘–enable-static’ ‘–with-openssl=/usr’ ‘–with-gssapi=/usr’ ‘–with-gnu-ld’ ‘–with-dlz-postgres=no’ ‘–with-dlz-mysql=no’ ‘–with-dlz-bdb=yes’ ‘–with-dlz-filesystem=yes’ ‘–with-dlz-ldap=yes’ ‘–with-dlz-stub=yes’ ‘–with-geoip=/usr’ ‘–enable-ipv6’ ‘CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2’ ‘LDFLAGS=-Wl,-Bsymbolic-functions’ ‘CPPFLAGS=’ ‘CXXFLAGS=-g -O2’ ‘FFLAGS=-g -O2’
May 5 10:14:11 sfdlabs named[21350]: adjusted limit on open files from 1024 to 1048576
May 5 10:14:11 sfdlabs named[21350]: found 4 CPUs, using 4 worker threads
May 5 10:14:11 sfdlabs named[21350]: using up to 4096 sockets
May 5 10:14:11 sfdlabs named[21350]: loading configuration from ‘/etc/bind/named.conf’
May 5 10:14:11 sfdlabs named[21350]: none:0: open: /etc/bind/named.conf: permission denied
May 5 10:14:11 sfdlabs named[21350]: loading configuration: permission denied
May 5 10:14:11 sfdlabs named[21350]: exiting (due to fatal error)
May 5 10:14:11 sfdlabs kernel: [1619942.294274] type=1503 audit(1273034651.145:42): operation=”open” pid=21354 parent=21349 profile=”/usr/sbin/named” requested_mask=”r::” denied_mask=”r::” fsuid=107 ouid=107 name=”/var/lib/named/etc/bind/named.conf”
Looking forward your support,
Thanks,
Gulab Pasha
Gulab,
Your daemon is receiving a permission denied, which tells me one of two things.
1) sudo is not working correctly… which you can try just being root and starting it instead of going through sudo.
2) ls -alh /etc/bind/named.conf (so you can see what the permissions are on the file, to see why the daemon is having problems accessing it.)
I don’t mean come back and paste your results, but I’m pointing you in the right direction to solve it.
Hi,
I tried starting the daemon just being root and I receive the same, and the file permissions of /etc/bind/named.conf are (-rw-r--r--).
As I’m new to the DNS service, am I making some mistake?
Looking forward to your support.
Thanks,
Gulab Pasha
i get the exact same problem as Gulab,
except mine is [ok] then [fail]
connection refused for 127.0.0.1
something’s wrong with this walk through.
These problems that are being had have nothing to do with anything in this configuration. Troubleshooting the problem you guys are having remotely would be like playing chess over snail mail.
Here are the steps I would take:
1) /etc/init.d/named stop
2) assess that it shutdown: netstat -plan | grep ":53 ", if you see something running then it didn’t stop.
3) If it stopped fine, then assess this documentation again.
Steps in this documentation in a nutshell (a stepping stone to troubleshoot)
a) Before anything, create your zone definition file directory, and add the
zone definitions.
As root, type:
mkdir /etc/bind/zones
vi /etc/bind/zones/example.com.db
Add the following, changing example.com to YOUR domain:
; replace example.com with your domain name. do not forget the . after the domain name!
; Also, replace ns1 with the name of your DNS server
; default TTL for the records below (same value as the SOA minimum)
$TTL 38400
example.com. IN SOA ns1.example.com. admin.example.com. (
; Do not modify the following lines!
2007031001 ; serial
28800 ; refresh
3600 ; retry
604800 ; expire
38400 ; minimum
)
; Replace the following line as necessary:
; ns1 = DNS Server name
; mail = mail server name
; example.com = domain name
example.com. IN NS ns1.example.com.
example.com. IN MX 10 mail.example.com.
; Replace the IP address with the right IP addresses.
www IN A 192.168.0.2
mta IN A 192.168.0.3
ns1 IN A 192.168.0.1
b) As root, edit /etc/bind/named.conf.local
a zone definition should be there for your domain.
Example:
zone "example.com" {
type master;
file "/etc/bind/zones/example.com.db"; // This is the file containing the zone info
};
Also, an ARPA configuration in that file for your subnet.
Example for a 192.168.0.x network:
zone "0.168.192.in-addr.arpa" {
type master;
file "/etc/bind/zones/rev.0.168.192.in-addr.arpa";
};
c) As root, edit /etc/bind/named.conf.options
A forwarder DNS can be entered here that would be your upstream provider.
In other words, your net provider's dns IP
Example of entry:
forwarders {
# Replace the address below with the address of your provider’s DNS server
123.123.123.123;
};
That sums up the major changes.
This was a rewrite of exactly what was typed above… as you can see, no file permissions
were changed, so troubleshooting the application itself is necessary.
My recommendation is to have two terms up and type "tail -f /var/log/messages" and in the other
term, stopping, then starting bind9. Not restart, but stop, then start.
Hi Dan,
After following the above procedure, now I’m getting this error.
tail -f /var/log/messages
May 11 10:30:35 sfdlabs kernel: [2139326.806883] type=1503 audit(1273554035.659:194): operation=”open” pid=7575 parent=7570 profile=”/usr/sbin/named” requested_mask=”::r” denied_mask=”::r” fsuid=107 ouid=0 name=”/var/lib/named/etc/bind/named.conf”
May 11 10:30:38 sfdlabs kernel: [2139329.617311] type=1503 audit(1273554038.469:195): operation=”open” pid=7619 parent=7614 profile=”/usr/sbin/named” requested_mask=”::r” denied_mask=”::r” fsuid=107 ouid=0 name=”/var/lib/named/etc/bind/named.conf”
#cat /var/log/syslog | grep named
May 11 10:35:30 sfdlabs named[8519]: starting BIND 9.6.1-P2 -u bind -t /var/lib/named
May 11 10:35:30 sfdlabs named[8519]: built with ‘–prefix=/usr’ ‘–mandir=/usr/share/man’ ‘–infodir=/usr/share/info’ ‘–sysconfdir=/etc/bind’ ‘–localstatedir=/var’ ‘–enable-threads’ ‘–enable-largefile’ ‘–with-libtool’ ‘–enable-shared’ ‘–enable-static’ ‘–with-openssl=/usr’ ‘–with-gssapi=/usr’ ‘–with-gnu-ld’ ‘–with-dlz-postgres=no’ ‘–with-dlz-mysql=no’ ‘–with-dlz-bdb=yes’ ‘–with-dlz-filesystem=yes’ ‘–with-dlz-ldap=yes’ ‘–with-dlz-stub=yes’ ‘–with-geoip=/usr’ ‘–enable-ipv6’ ‘CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2’ ‘LDFLAGS=-Wl,-Bsymbolic-functions’ ‘CPPFLAGS=’ ‘CXXFLAGS=-g -O2’ ‘FFLAGS=-g -O2’
May 11 10:35:30 sfdlabs named[8519]: adjusted limit on open files from 1024 to 1048576
May 11 10:35:30 sfdlabs named[8519]: found 4 CPUs, using 4 worker threads
May 11 10:35:30 sfdlabs named[8519]: using up to 4096 sockets
May 11 10:35:30 sfdlabs named[8519]: loading configuration from ‘/etc/bind/named.conf’
May 11 10:35:30 sfdlabs named[8519]: none:0: open: /etc/bind/named.conf: permission denied
May 11 10:35:30 sfdlabs named[8519]: loading configuration: permission denied
May 11 10:35:30 sfdlabs named[8519]: exiting (due to fatal error)
May 11 10:35:30 sfdlabs kernel: [2139621.228332] type=1503 audit(1273554330.075:196): operation=”open” pid=8524 parent=8518 profile=”/usr/sbin/named” requested_mask=”::r” denied_mask=”::r” fsuid=107 ouid=0 name=”/var/lib/named/etc/bind/named.conf”
Looking forward to your support.
Thanks,
Gulab Pasha
Just looking at all of the permissions issues of reading a file which is set to read by root, it might be an selinux thing.
Does Ubuntu use selinux?
Hi Dan,
I’m not running selinux in my linux box, still i’m getting the error.
you want me to install selinux and disable the settings.
Thanks,
Gulab Pasha
That’s AppArmor. Try stopping it (/etc/init.d/apparmor stop) and then try starting/stopping bind and see if it cooperates.
If it works, you have two options: disable AppArmor completely or configure it to play nice with Bind.
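Both sets of denials in the logs above name /var/lib/named/etc/bind/named.conf, the path inside the chroot that named was started with (-t /var/lib/named), so instead of stopping AppArmor the profile can be given exactly the paths it was refused. The following is an added example, not part of any comment: it extracts those paths from log text and prints them as candidate file rules to review. The function names are invented; the first two sample lines are the thread's, with quotes restored to ASCII, and the third is constructed.

```sh
#!/bin/sh
# Added example, not part of the thread. Function names are invented here.

# named_denials [PROFILE]: read kernel log text on stdin and print
# "MASK PATH" once for each file access AppArmor denied to PROFILE.
named_denials() {
    profile=${1:-/usr/sbin/named}
    LC_ALL=C awk -v want="$profile" '
        # Return the value of key="value" on the current line, or "".
        function field(key,    re, s) {
            re = "(^| )" key "=\"[^\"]*\""
            if (!match($0, re)) return ""
            s = substr($0, RSTART, RLENGTH)
            sub(/^[^"]*"/, "", s)
            sub(/"$/, "", s)
            return s
        }
        /denied_mask=/ && field("profile") == want {
            mask = field("denied_mask")
            gsub(/:/, "", mask)        # drop the separators, keep the letters
            path = field("name")
            if (path != "" && !seen[mask " " path]++) print mask, path
        }'
}

# suggest_rules [PROFILE]: print the denials as AppArmor file rules. These
# are candidates to review, not to paste blindly: on Ubuntu they would go
# into /etc/apparmor.d/usr.sbin.named, reloaded with apparmor_parser -r.
suggest_rules() {
    named_denials "$@" | while read -r mask path; do
        printf '  %s %s,\n' "$path" "$mask"
    done
}

# Sample input: lines 1-2 as posted in the thread (ASCII quotes restored),
# line 3 constructed to show that other profiles are ignored.
sample_log() {
cat <<'EOF'
May 11 10:30:35 sfdlabs kernel: [2139326.806883] type=1503 audit(1273554035.659:194): operation="open" pid=7575 parent=7570 profile="/usr/sbin/named" requested_mask="::r" denied_mask="::r" fsuid=107 ouid=0 name="/var/lib/named/etc/bind/named.conf"
May 11 10:30:38 sfdlabs kernel: [2139329.617311] type=1503 audit(1273554038.469:195): operation="open" pid=7619 parent=7614 profile="/usr/sbin/named" requested_mask="::r" denied_mask="::r" fsuid=107 ouid=0 name="/var/lib/named/etc/bind/named.conf"
May 11 10:31:02 sfdlabs kernel: [2139353.000000] type=1503 audit(1273554062.000:196): operation="open" pid=7700 parent=1 profile="/usr/sbin/example" requested_mask="::r" denied_mask="::r" fsuid=0 ouid=0 name="/etc/example.conf"
EOF
}

sample_log | suggest_rules
```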
Hi Robbie,
Now i’m getting some other error messages, Please find below.
root@sfdlabs:~# /etc/init.d/bind9 start
* Starting domain name service… bind9
…done.
root@sfdlabs:~# /etc/init.d/bind9 restart
* Stopping domain name service… bind9
rndc: connection to remote host closed
This may indicate that
* the remote server is using an older version of the command protocol,
* this host is not authorized to connect,
* the clocks are not synchronized, or
* the key is invalid.
…done.
* Starting domain name service… bind9
…fail!
Syslog Error messages.
May 13 11:47:12 sfdlabs named[2358]: starting BIND 9.7.0-P1 -u bind
May 13 11:47:12 sfdlabs named[2358]: built with ‘–prefix=/usr’ ‘–mandir=/usr/share/man’ ‘–infodir=/usr/share/info’ ‘–sysconfdir=/etc/bind’ ‘–localstatedir=/var’ ‘–enable-threads’ ‘–enable-largefile’ ‘–with-libtool’ ‘–enable-shared’ ‘–enable-static’ ‘–with-openssl=/usr’ ‘–with-gssapi=/usr’ ‘–with-gnu-ld’ ‘–with-dlz-postgres=no’ ‘–with-dlz-mysql=no’ ‘–with-dlz-bdb=yes’ ‘–with-dlz-filesystem=yes’ ‘–with-dlz-ldap=yes’ ‘–with-dlz-stub=yes’ ‘–with-geoip=/usr’ ‘–enable-ipv6’ ‘CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2’ ‘LDFLAGS=-Wl,-Bsymbolic-functions’ ‘CPPFLAGS=’
May 13 11:47:12 sfdlabs named[2358]: adjusted limit on open files from 1024 to 1048576
May 13 11:47:12 sfdlabs named[2358]: found 4 CPUs, using 4 worker threads
May 13 11:47:12 sfdlabs named[2358]: using up to 4096 sockets
May 13 11:47:12 sfdlabs named[2358]: loading configuration from ‘/etc/bind/named.conf’
May 13 11:47:12 sfdlabs named[2358]: /etc/bind/named.conf.local:13: expected quoted string near ‘“’
May 13 11:47:12 sfdlabs named[2358]: loading configuration: unexpected token
May 13 11:47:12 sfdlabs named[2358]: exiting (due to fatal error)
Looking forward to your support.
Thanks,
Gulab Pasha
root@moha-laptop:/home/moha# cat /var/log/syslog | grep named
Jun 11 03:45:34 moha-laptop named[11522]: received control channel command ‘stop -p’
Jun 11 03:45:34 moha-laptop named[11522]: shutting down: flushing changes
Jun 11 03:45:34 moha-laptop named[11522]: stopping command channel on 127.0.0.1#953
Jun 11 03:45:34 moha-laptop named[11522]: stopping command channel on ::1#953
Jun 11 03:45:34 moha-laptop named[11522]: no longer listening on ::#53
Jun 11 03:45:34 moha-laptop named[11522]: no longer listening on 127.0.0.1#53
Jun 11 03:45:34 moha-laptop named[11522]: no longer listening on 41.92.5.110#53
Jun 11 03:45:34 moha-laptop named[11522]: exiting
Jun 11 03:45:34 moha-laptop named[12849]: starting BIND 9.5.1-P2.1 -u bind
Jun 11 03:45:34 moha-laptop named[12849]: found 2 CPUs, using 2 worker threads
Jun 11 03:45:34 moha-laptop named[12849]: using up to 4096 sockets
Jun 11 03:45:34 moha-laptop named[12849]: loading configuration from ‘/etc/bind/named.conf’
Jun 11 03:45:34 moha-laptop named[12849]: /etc/bind/named.conf.options:21: unknown option ‘forwarders’
I’m having the some problem it’s related in here.
What can I do beyond to related in here?
Thanks.
Mohamed,
Make sure your ‘forwarders’ section is contained WITHIN the options section. Example:
options {
…
…
forwarders {
1.2.3.4;
2.3.4.5;
};
};
Got into a little friendly argument.. is DNS domain name SERVERS or SERVICE?
Thanks
the acronym stands for domain name service. though i can understand how someone could call it domain name server accidentally since most times dns is on its own solitary hardware.
think of it this way, it’d be redundant to call it a dns server if it was domain name server.
Ok thanks that makes sense
Hi,
I’m trying to implement DNSSEC in my DNS server, but it doesn’t work. I’ll paste the configuration I have, please tell me if it’s wrong.
In the file: /etc/bind/named.conf.options:
options {
directory “/var/cache/bind”;
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0’s placeholder.
// forwarders {
// 0.0.0.0;
// };
recursion yes;
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
dnssec-enable yes;
dnssec-validation yes;
};
managed-keys {
“.” 257 3 8 ”
AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjF
FVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoX
bfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaD
X6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpz
W5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relS
Qageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulq
QxA+Uk1ihz0= “;
};
Thank you,
Grace Rodriguez
I just wanted to throw in an FYI here for anyone who is having the same error that Gulab Pasha was having when trying to start bind9 after following this how to. If you are seeing
/etc/bind/named.conf.local:13: expected quoted string near ‘“’
in your /var/log/syslog file, and you copied and pasted from this tutorial, it is because the quotation marks in the copy and pasted text are not ascii standard, replace them in vi by typing them in yourself and it works like a charm.
Thanks for a great how to
I have looked this over several times and I have gone through the named.conf.local and I am still confused as to what’s happening here.
This is the syslog entries:
root@pilotalk:/etc/bind# tail -f /var/log/syslog
Dec 10 16:15:33 pilotalk named[1952]: built with ‘–prefix=/usr’ ‘–mandir=/usr/share/man’ ‘–infodir=/usr/share/info’ ‘–sysconfdir=/etc/bind’ ‘–localstatedir=/var’ ‘–enable-threads’ ‘–enable-largefile’ ‘–with-libtool’ ‘–enable-shared’ ‘–enable-static’ ‘–with-openssl=/usr’ ‘–with-gssapi=/usr’ ‘–with-gnu-ld’ ‘–with-dlz-postgres=no’ ‘–with-dlz-mysql=no’ ‘–with-dlz-bdb=yes’ ‘–with-dlz-filesystem=yes’ ‘–with-dlz-ldap=yes’ ‘–with-dlz-stub=yes’ ‘–with-geoip=/usr’ ‘–enable-ipv6’ ‘CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2’ ‘LDFLAGS=-Wl,-Bsymbolic-functions’ ‘CPPFLAGS=’
Dec 10 16:15:33 pilotalk named[1952]: adjusted limit on open files from 1024 to 1048576
Dec 10 16:15:33 pilotalk named[1952]: found 1 CPU, using 1 worker thread
Dec 10 16:15:33 pilotalk named[1952]: using up to 4096 sockets
Dec 10 16:15:33 pilotalk named[1952]: loading configuration from ‘/etc/bind/named.conf’
Dec 10 16:15:33 pilotalk named[1952]: /etc/bind/named.conf.local:12: expected quoted string near ‘“’
Dec 10 16:15:33 pilotalk named[1952]: loading configuration: unexpected token
Dec 10 16:15:33 pilotalk named[1952]: exiting (due to fatal error)
I’ve discovered a Forwarding DNS Server on my network that looks misconfigured but still active.
How do I go about permanently disabling it?
Linux oscar.icovfx.local 2.6.32-24-generic #42-Ubuntu SMP Fri Aug 20 14:24:04 UTC 2010 i686 GNU/Linux
i have siemens router connect to my virtual machine
when i installed ubuntu server its automatic create in /etc/resolv.conf nameserver and domain of my router.
1. set static ip in /etc/network.interfaces
2. after installation you need change parameters in /etc/hosts an /etc/resolv + set permissions to bind directory which contained conf files of master zones
how to build DNS and Web Mail Server?
thanks…
when i restarted bind9 i have this mess:
jkio@ubuntu:~$ sudo /etc/init.d/bind9 restart
* Stopping domain name service… bind9 rndc: connect failed: 127.0.0.1#953: connection refused
[ OK ]
* Starting domain name service… bind9
and when i had tried to change resolv.conf with my own dns server like that:
search jkioinfract.com
nameserver 192.168.1.41 (this is my ip address support by dhcp)
but i cannot connect to internet, when i tried command: dig jkioinfract.com, i got this mess:”; <> DiG 9.7.1-P2 <> jkioinfract.com
;; global options: +cmd
;; connection timed out; no servers could be reached “. So what’s the problem? and what can i do now? thanks
congrats for the absolutely awsum cp+pst post folks
Hey guys, just chanced over this, all I can say is DNS is far too precious to try and copy stuff from a tutorial like this and expect to get running, I recommend DNS & BIND by o’reilly and dedication of a good few weeks to properly understand the subject, which once you do grasp is pretty straight forward but very difficult I would say to do a generic demonstration for. Best of luck!
Hi everybody,
I am trying to set up a DNS server on my private LAN and using only two systems on LAN for testing purpose. I have configured the bind9 as directed here on ubuntu 10.10 machine. the IP of ubuntu machine is 192.xx.xx.2 and that of another machine which is centOS is .3
i get good results when i use dig mydomain.com but when i try to ping the mydomain.com from another machine (centOS) it simply says ‘unknown host mydomain.com’
i have already configured .2 as nameserver on centOS machine in /etc/resolv.conf file but still nothing doing…
by norms i should be able to ping mydomain.com from centOS machine when i am able to ping the IP .2 of the DNS server…right?
any help please?
Sigh….
nullcity@NullCity-Ubuntu:~$ sudo /etc/init.d/bind9 start
* Starting domain name service… bind9 [fail]
nullcity@NullCity-Ubuntu:~$ sudo /etc/init.d/bind9 restart
* Stopping domain name service… bind9 rndc: connect failed: 127.0.0.1#953: connection refused
[ OK ]
* Starting domain name service… bind9 [fail]
nullcity@NullCity-Ubuntu:~$
I had this problem because I hadn't removed the // at the beginning of forwarders in named.conf.options. Fixed that and it loaded fine
Can I set my DNS provider as 127.0.0.1?