[TriLUG] DNS ( BIND 9 )

[Brian McCullough]

On Sun, Jun 27, 2004 at 11:15:02PM -0400, Jon Carnes wrote:
> > 
> I'm running named on Open BSD v3.5. works like a charm.
> What errors are you getting?


That's the funny thing.  No errors, other than "Host not found".




> > BTW, is there a difference in using the IP address of the local machine or should I always use 127.0.0.1 in the /etc/resolv.conf file? ( If that makes sense. )
> 
> Yes. You should use 127.0.0.1. Although if you are going to allow anyone
> to attach to the server and use it for DNS (and you've opened up the
> firewall to allow that) then it doesn't make any difference.


I don't think that the firewall is involved, since it is only internal
machines that I am interested in using BIND.  ( Port 53 appears to work
through the firewall, anyway, since I am getting name resolution for all
domains but my own. )



> > OK, here is /var/named/etc/named.conf:
> 
> Run the file through named-checkconf:
>   sudo -s
>   cd /var/named/etc/
>   named-checkconf named.conf


Did so -- no output.


> > acl clients {
> >         localnets;
> > 	::1;
> > };
> 
> Try:
>   acl clients { any; };
> 
> Once things are working, you can drop it back to "localnets" instead.


Since the internal machines do seem to be communicating with the name
server, just getting "no answer" can presume that this works correctly?


Perhaps, as usual, I should have been more clear in the first place.
The name server itself appears to be running, just won't resolve any
host that it is supposed to be authoritative for!



> You don't need the "forwarders", especially since you are defining that
> *only* localnet folks can use your DNS server for general look ups. 
> In general you would only us a forwarder for servers running behind a
> firewall or in a large private organization (forwarding to a centralized
> server). 
> 
> If you can't get this one to work try dropping back to the
> named-simple.conf.
> 
> Good Luck - Jon Carnes


Thank you both,
Brian