DNS forwarding not working properly?

Jonathan Petersson jpetersson at garnser.se
Thu Mar 26 15:32:57 UTC 2009


You need to enable recursion in options.

/Jonathan

2009/3/26 ARMSTRONG, KENNETH <KARMSTRONG at botetourtva.us>:
> OK, I've been trying my hardest to figure this out.
>
> I have BIND9 installed and set up as a slave to one of our Domain
> Controllers (so we can at least still get DNS if it were to go down). It
> works fine for transferring the zone file of our domain down, and from the
> server running BIND I can resolve hostnames of our local network machines
> along with outside names such as google.com (using nslookup, yeah I know it
> sucks).
>
> However, when I set up one of my Windows XP clients to use the new server
> for DNS, it can resolve local machine names fine when I run nslookup against
> it, but it gives me "Query refused" when trying to resolve an outside DNS
> name.
>
> I ran nslookup against the ISP's DNS IPs and can resolve the outside
> hostnames just fine, but for some reason I can't resolve them against the
> new DNS server.
>
> I have not made any modifications to /etc/bind/named.conf. Instead, I have
> put my configurations in /etc/bind/named.conf.local (since that is what the
> named.conf file says to do).
>
> Here is my /etc/bind/named.conf.local file (protected of course):
>
> Code:
>
> zone "OURDOMAIN.COM" {
>        type slave;
>        masters {
>                 192.168.1.22;
>                 192.168.1.23;
>        };
>        file "OURDOMAIN.COM.db";
>        allow-transfer {
>                 any;
>        };
>        allow-query {
>                 any;
>        };
> };
>
> zone "192.168.in-addr.arpa" {
>        type slave;
>        masters {
>                 192.168.1.22;
>                 192.168.1.23;
>        };
>        file "192.168.in-addr.arpa.db";
>        allow-transfer {
>                 any;
>        };
>        allow-query {
>                 any;
>        };
> };
>
> And my /etc/bind/named.conf.options:
>
> Code:
>
> options {
>         directory "/var/cache/bind";
>
>         forwarders {
>                    216.12.0.20;
>                    216.12.48.23;
>         };
>
>         auth-nxdomain no;
>         listen-on-v6 { any; };
> };
>
> Again, this only seems to affect outside clients; I can run queries on
> nslookup just fine on the DNS server itself.
>
> Any help would be greatly appreciated.
>
>
>
> Kenny
>
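Added example, not part of either poster's message: an options block that enables recursion as suggested in the reply while limiting it to internal clients, so the server forwards for the LAN without answering recursive queries from arbitrary hosts. The ACL name "internal" and the 192.168.0.0/16 range are assumptions (inferred from the 192.168.in-addr.arpa zone); the forwarders and remaining options are the ones posted in the thread. The zone stanza at the end assumes this slave has no downstream secondaries of its own.

```conf
// /etc/bind/named.conf.options (added example, not the poster's file)

// ASSUMPTION: all legitimate clients are in 192.168.0.0/16.
// Replace with the real client networks.
acl "internal" {
        localhost;
        localnets;
        192.168.0.0/16;
};

options {
        directory "/var/cache/bind";

        // Enable recursion, but only for the ACL above. Clients outside
        // the ACL still receive REFUSED for names this server is not
        // authoritative for, which is the behaviour you want toward
        // untrusted networks.
        recursion yes;
        allow-recursion   { "internal"; };
        allow-query-cache { "internal"; };

        // Forwarders as posted in the thread.
        forwarders {
                216.12.0.20;
                216.12.48.23;
        };

        auth-nxdomain no;
        listen-on-v6 { any; };
};

// /etc/bind/named.conf.local (same zone as in the thread, tightened)
// "allow-transfer { any; }" lets any host that can reach the server pull
// the full zone; a slave that feeds no other servers can refuse transfers.
zone "OURDOMAIN.COM" {
        type slave;
        masters { 192.168.1.22; 192.168.1.23; };
        file "OURDOMAIN.COM.db";
        allow-transfer { none; };
        allow-query { "internal"; };
};
```

Check the syntax with named-checkconf and load it with rndc reconfig, then repeat the nslookup for an outside name from the Windows XP client against this server.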