Bind9 name server cannot resolves local domain

binddomain-name-systeminternal-dnsubuntu-14.04

I tried to set up bind DNS in Ubuntu.

I have two machines (VMware):

machine A is client:

IP: 192.168.1.1  (host-only)
hostname: example.com

machine B is DNS Server:

IP: 192.168.1.2 (host-only)

/etc/bind/named.conf.local:

zone "example.com" {
        type master;
        file "/etc/bind/db.example.com";
};
//reverse zone
zone "1.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/db.192";
};

/etc/bind/db.example.com:

$TTL    604800
@       IN      SOA     example.com.        root.example.com. (
                              2         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      example.com.
@       IN      A       192.168.1.1
@       IN      AAAA    ::1

/etc/bind/db.192:

$TTL    604800
@       IN      SOA     1.168.192.in-addr.arpa. root.example.com. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      example.com.
1       IN      PTR     example.com.

When i use nslookup in client:

nslookup example.com
Server:     192.168.1.2
Address:    192.168.1.2#53

Name:   example.com
Address: 192.168.1.1

nslookup 192.168.1.1
Server:     192.168.1.2
Address:    192.168.1.2#53

** server can't find 1.1.168.192.in-addr.arpa: NXDOMAIN

Can you fix it?

Best Answer

First of all you state in your named.conf.local that your zone is example.com. So B hostname cannot be example.com. It could be some-hostname on example.com like foo.example.com but not example.com since it implies that your zone is com and B's hostname is example which is not consistent with the configuration you provided.

There is an error in/etc/bind/db.example.com.

@       IN      NS      example.com.

This lines is used to specify domain name server. Here you just said :

@(expand to example.com)'s name server is `example.com`

which should be

@       IN     NS      "B's hostname".example.com

Then you specify the A records related to the NS records (i.e your nameserver IP adress) :

hostname       IN      A       192.168.1.1
               IN      AAAA    ::1

But this is still bad configuration. You said before that your nameserver is B with IP 192.168.1.2 right ? So the statement above should be

hostname       IN      A       192.168.1.2

This is the same for the SOA records in db.example.com:

@ IN SOA example.com. root.example.com.

should be :

@       IN      SOA     "B's hostname".example.com.        root.example.com.

SOA records in db.192 should be exactly the same as db.example.com, no needs to write 1.168.192.in-addr.arpa..

Then again your NS and PTR records aren't correct, they should be :

@       IN      NS      "B's hostname".example.com.
2       IN      PTR     "B's hostname".example.com.

I hope I didn't miss something but for last piece of advice Bind9 is packaged with two scripts named-checkzone and named-checkconf. The former can check zone file (i.e db.192 and db.example.com) and the latter can check Bind9 configuration (i.e named.conf.local).

If you are interested in understand better how Bind9 (and dns) you should have a look at Zytrax Pro DNS and Bind which explain very well configuration options with plenty of examples.

Related Solutions

Debian – Setting up a DNS name server for a mass virtual host with Bind9

Looking at the IP addresses in your resolv.conf I get the feeling that your BIND server is on 192.168.1.52. As far as I can tell, you can't specify in resolv.conf something like "for these domains, use this name server". Basically, your BIND server will never be queried. As you can see in your dig lookup (which is incorrect, it is asking for a reverse DNS entry), it tries 80.58.0.33, which I assume is your provider's DNS server.

You already set up BIND as caching nameserver by using the 'forwarders' option, so what you need to do is have only 192.168.1.52 in the client PCs as nameserver.

To see if your BIND is configured correctly, try this:

dig example.test @192.168.1.52

BIND – How to Set Up Wildcard DNS

Your origin for the zone is . per your configuration. You are creating records for ns1. and ns2. instead of ns1.example.com. and ns2.example.com. Since ns1.example.com and ns2.example.com aren't defined, they are matched by the wildcard.

EDIT: here's an edit of your config and zone:

zone "example.com." {
        type master;
        file "ext.zone";
};

ext.zone:

$TTL    3600
@       IN      SOA     ns1 root (
                              1         ; Serial
                         3600         ; Refresh
                          300         ; Retry
                         3600         ; Expire
                         300 )        ; Negative Cache TTL


        IN      NS      ns1
        IN      NS      ns2
        IN      A       192.0.2.6


ns1     IN      A       192.0.2.4
ns2     IN      A       192.0.2.5

*      IN      A       192.0.2.6

Everything in the zone is relative to the zone name in the named configuration, so adding a second zone just points to the same file:

zone "example.net." {
    type master;
    file "ext.zone";
};

Best Answer

Related Solutions

Debian – Setting up a DNS name server for a mass virtual host with Bind9

BIND – How to Set Up Wildcard DNS

Related Topic