split-view DNS not working for my internal zone...

Evert evert at poboxes.info
Thu Sep 18 21:40:09 UTC 2008


There we have something! :-)

After modifying domain.com.hosts it works!
Had to add a SOA, etc:
-------------------------------------------------
$TTL 3600

@       IN      SOA     ns.domain.com. hostmaster.domain.com. (
                        2008091806
                         1800
                         900
                         604800
                         1200 )

@       IN NS   ns
ns              IN      A       127.0.0.1
www1    IN A    1.2.3.4
-------------------------------------------------

I guess the above (excluding the www1) is the absolute minimum for a 
master domain?


Thanks for all the help, guys! :)


Regards,
	Evert



	

Kevin Darcy wrote:
> It's not a view problem, apparently. SERVFAIL can be caused by any 
> number of things.
> 
> Start with the basic stuff. Look at the logs. Did the zone load 
> properly? Etc. etc. etc.
> 
>                                                                          
>       - Kevin
> 
> Evert wrote:
>> The problem persists after changing the ACL to localnets.
>>
>>
>> Greetings,
>> 	Evert
>>
>> Kevin Darcy wrote:
>>   
>>> Evert wrote:
>>>     
>>>> Hi all,
>>>>
>>>> Wrestling a bit with split-view...
>>>>
>>>> In my named.conf:
>>>> -------------------------------------------------
>>>> view "internal" {
>>>>          match-clients { 192.168.24.10/24; };
>>>>          recursion yes;
>>>> 	notify no;
>>>>
>>>>          zone "." {
>>>>                  type hint;
>>>>                  file "named.ca";
>>>>                  };
>>>>
>>>>
>>>> zone "domain.com" {
>>>>                  type master;
>>>>                  file "local/domain.com.hosts";
>>>>          };
>>>> };
>>>> -------------------------------------------------
>>>>
>>>>
>>>>
>>>> In local/domain.com.hosts:
>>>> -------------------------------------------------
>>>> $TTL 3600
>>>>
>>>> www1    IN A    1.2.3.4
>>>> -------------------------------------------------
>>>>
>>>>
>>>> However, when I try a:
>>>>     nslookup www1.domain.com.
>>>>
>>>> I get:
>>>> -------------------------------------------------
>>>> Server:         127.0.0.1
>>>> Address:        127.0.0.1#53
>>>>
>>>> ** server can't find www1.domain.com: SERVFAIL
>>>> -------------------------------------------------
>>>>
>>>>
>>>>
>>>> The queries.log shows it does go to the correct view:
>>>> -------------------------------------------------
>>>> 18-Sep-2008 20:21:18.802 client 127.0.0.1#40414: view internal: query: 
>>>> www1.domain.com IN A +
>>>> 18-Sep-2008 20:21:18.803 client 127.0.0.1#53315: view internal: query: 
>>>> www1.domain.com IN A +
>>>> -------------------------------------------------
>>>>
>>>>
>>>> What am I doing wrong here?
>>>>
>>>>   
>>>>       
>>> 192.168.24.10/24 is an illegal specification (masking on the first 3 
>>> octets, but with bits in the fourth octet?). Did you perhaps mean 
>>> 192.168.24.0/24?
>>>
>>> 127.0.0.1 is neither 192.168.24.10 nor in the 192.168.24.0/24 range 
>>> (depending on what you meant, see above).
>>>
>>> You might want to include the built-in ACL "localhost" in the 
>>> match-clients. That ACL includes the addresses of all your local 
>>> interfaces. "localnets" may be even more convenient, but, depending on 
>>> your network configuration and the rest of your config, match more than 
>>> you intend.
>>>
>>>                                                                          
>>>             - Kevin
>>>
>>>
>>>     
>>
>>
>>
>>   
> 
> 
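
The two problems found in this thread, the match-clients entry and the zone file lacking SOA and NS, can be checked before named is reloaded. The sketch below is an added example, not part of the original messages and not BIND code; the function names are hypothetical, only literal CIDR entries are handled (not named ACLs such as "localhost" or "localnets"), and the zone parse is a simplification of the master-file format.

```python
import ipaddress

def check_match_clients(entries, client):
    """Return (problems, matched) for CIDR match-clients entries and one client IP."""
    problems, matched = [], False
    addr = ipaddress.ip_address(client)
    for entry in entries:
        try:
            net = ipaddress.ip_network(entry, strict=True)
        except ValueError:
            # Host bits set below the mask, e.g. 192.168.24.10/24.
            net = ipaddress.ip_network(entry, strict=False)
            problems.append(f"{entry}: host bits set, did you mean {net}?")
        matched = matched or addr in net
    return problems, matched

def apex_record_types(zone_text, origin):
    """Simplified master-file parse: RR types owned by '@' or the origin FQDN."""
    types, owner, buf, depth = set(), None, "", 0
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0]          # drop comments (quoted ';' not handled)
        if not line.strip():
            continue
        buf = line if depth == 0 else buf + " " + line
        depth += line.count("(") - line.count(")")
        if depth > 0:                        # still inside a parenthesised record
            continue
        tokens = buf.replace("(", " ").replace(")", " ").split()
        if not tokens or tokens[0].startswith("$"):   # $TTL etc.; $ORIGIN is ignored
            continue
        if not buf[0].isspace():             # leading whitespace inherits the owner
            owner = tokens.pop(0)
        while tokens and (tokens[0].isdigit() or tokens[0].upper() == "IN"):
            tokens.pop(0)                    # skip optional TTL and class
        if tokens and owner in ("@", origin):
            types.add(tokens[0].upper())
    return types

def missing_apex_records(zone_text, origin):
    """SOA and NS at the apex are what the corrected zone file added."""
    return sorted({"SOA", "NS"} - apex_record_types(zone_text, origin))

# Zone files as posted in the thread: the original one and the corrected one.
BROKEN = "$TTL 3600\n\nwww1    IN A    1.2.3.4\n"
FIXED = """$TTL 3600
@       IN      SOA     ns.domain.com. hostmaster.domain.com. (
                        2008091806 1800 900 604800 1200 )
@       IN NS   ns
ns              IN      A       127.0.0.1
www1    IN A    1.2.3.4
"""

if __name__ == "__main__":
    print(check_match_clients(["192.168.24.10/24"], "127.0.0.1"))
    print(missing_apex_records(BROKEN, "domain.com."), missing_apex_records(FIXED, "domain.com."))
```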


