split-view DNS not working for my internal zone...
Evert
evert at poboxes.info
Thu Sep 18 21:40:09 UTC 2008
There we have something! :-)
After modifying domain.com.hosts it works!
Had to add a SOA, etc:
-------------------------------------------------
$TTL 3600
@ IN SOA ns.domain.com. hostmaster.domain.com. (
2008091806
1800
900
604800
1200 )
@ IN NS ns
ns IN A 127.0.0.1
www1 IN A 1.2.3.4
-------------------------------------------------
I guess the above (excluding the www1) is the absolute minimum for a
master domain?
Thanks for all the help, guys! :)
Regards,
Evert
Kevin Darcy wrote:
> It's not a view problem, apparently. SERVFAIL can be caused by any
> number of things.
>
> Start with the basic stuff. Look at the logs. Did the zone load
> properly? Etc. etc. etc.
>
>
> - Kevin
>
> Evert wrote:
>> The problem persists after changing the ACL to localnets.
>>
>>
>> Greetings,
>> Evert
>>
>> Kevin Darcy wrote:
>>
>>> Evert wrote:
>>>
>>>> Hi all,
>>>>
>>>> Wrestling a bit with split-view...
>>>>
>>>> In my named.conf:
>>>> -------------------------------------------------
>>>> view "internal" {
>>>> match-clients { 192.168.24.10/24; };
>>>> recursion yes;
>>>> notify no;
>>>>
>>>> zone "." {
>>>> type hint;
>>>> file "named.ca";
>>>> };
>>>>
>>>>
>>>> zone "domain.com" {
>>>> type master;
>>>> file "local/domain.com.hosts";
>>>> };
>>>> };
>>>> -------------------------------------------------
>>>>
>>>>
>>>>
>>>> In local/domain.com.hosts:
>>>> -------------------------------------------------
>>>> $TTL 3600
>>>>
>>>> www1 IN A 1.2.3.4
>>>> -------------------------------------------------
>>>>
>>>>
>>>> However, when I try a:
>>>> nslookup www1.domain.com.
>>>>
>>>> I get:
>>>> -------------------------------------------------
>>>> Server: 127.0.0.1
>>>> Address: 127.0.0.1#53
>>>>
>>>> ** server can't find www1.domain.com: SERVFAIL
>>>> -------------------------------------------------
>>>>
>>>>
>>>>
>>>> The queries.log shows it does go to the correct view:
>>>> -------------------------------------------------
>>>> 18-Sep-2008 20:21:18.802 client 127.0.0.1#40414: view internal: query:
>>>> www1.domain.com IN A +
>>>> 18-Sep-2008 20:21:18.803 client 127.0.0.1#53315: view internal: query:
>>>> www1.domain.com IN A +
>>>> -------------------------------------------------
>>>>
>>>>
>>>> What am I doing wrong here?
>>>>
>>>>
>>>>
>>> 192.168.24.10/24 is an illegal specification (masking on the first 3
>>> octets, but with bits in the fourth octet?). Did you perhaps mean
>>> 192.168.24.0/24?
>>>
>>> 127.0.0.1 is neither 192.168.24.10 nor in the 192.168.24.0/24 range
>>> (depending on what you meant, see above).
>>>
>>> You might want to include the built-in ACL "localhost" in the
>>> match-clients. That ACL includes the addresses of all your local
>>> interfaces. "localnets" may be even more convenient, but, depending on
>>> your network configuration and the rest of your config, match more than
>>> you intend.
>>>
>>>
>>> - Kevin
>>>
>>>
>>>
>>
>>
>>
>>
>
>
More information about the bind-users
mailing list