Ubuntu – BIND9 DNS server not resolving recursive lookups on a different subnet


I've set up an Ubuntu 10.04 BIND9 DNS server in my company's server room so that it has a redundant network, power supply, etc. It shares that room with 2 other servers. If I do an nslookup from those 2 servers to gmail.com it responds with a Non-authoritative answer without a problem. If I ask it to resolve an internal name it will also respond correctly.

I have two offices, A and B that are connected to that server room through a VPN. A normal windows laptop can resolve an internal name correctly, but when I try to resolve gmail.com it says *** UnKnown can't find gmail.com: Query refused.

I haven't changed any of the options except adding this to the forwarders: 8.8.8.8;8.8.4.4;

Since this happens in both of my offices, but not in the server room, I suspect it has something to do with our subnets. The server room is in the 10.0.2.x/24 subnet, office A is in the 10.0.5.x/24 subnet and office B is in the 10.0.4.x/24 subnet. Am I on the right track or is this totally wrong?

Best Answer

Change the options 'recursion' and 'allow-recursion' for the server or view. Set recursion to 'yes'. allow-recursion defines the list of IP addresses which are allowed to issue recursive queries. You could do this:

allow-recursion { 10.0.2.0/24; 10.0.4.0/24; 10.0.5.0/24; };
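The following is an added example, not code from the question, the answer, or ISC BIND itself. It models how named evaluates an allow-recursion address match list (first match wins, a leading '!' negates, the built-in names any/none/localhost/localnets, references to named acl blocks) so you can see why a VPN client in 10.0.5.x is answered REFUSED under the default `allow-recursion { localnets; localhost; };` and why the answer's list fixes it. Assumptions: the built-in "localnets" is approximated by a hard-coded list holding only the server's 10.0.2.0/24 subnet, and the "trusted" ACL with its excluded host 10.0.5.200 is a constructed illustration of scoping the list more tightly. The parser also enforces the named.conf rule that every element, including the last, ends in ';', which is what named-checkconf would complain about if that semicolon were left out.

```python
"""Model of BIND 9's decision to recurse for a client (added example, not ISC code)."""
import ipaddress

# Assumption: the server's only interface is in 10.0.2.0/24, so that is what
# named would derive for the built-in "localnets" ACL.
SERVER_LOCALNETS = [ipaddress.ip_network("10.0.2.0/24")]

# BIND 9's default when allow-recursion is not set in options.
DEFAULT_ALLOW_RECURSION = "{ localnets; localhost; };"


def parse_match_list(text):
    """Parse 'option { elem; elem; ... };' or '{ elem; ... }' into [(negated, element), ...].

    Raises ValueError when the last element lacks its ';', the same defect
    named-checkconf rejects in a real named.conf.
    """
    text = text.strip()
    if not text.startswith("{"):          # strip a leading option name such as allow-recursion
        _option, _, rest = text.partition("{")
        text = "{" + rest
    if text.endswith(";"):                 # statement terminator after the closing brace
        text = text[:-1].rstrip()
    if not (text.startswith("{") and text.endswith("}")):
        raise ValueError("address match list must be enclosed in { }")
    body = text[1:-1].strip()
    if body and not body.endswith(";"):
        raise ValueError("missing ';' after last element: %r" % body)
    elements = []
    for raw in body.split(";"):
        raw = raw.strip()
        if not raw:
            continue
        negated = raw.startswith("!")
        elements.append((negated, raw[1:].strip() if negated else raw))
    return elements


def _element_matches(addr, element, acls):
    """Does a single element match the client address?
    A nested acl reference yields its own first-match result (a simplification
    of BIND's nested-list rules that is exact for the lists used here)."""
    if element == "any":
        return True
    if element == "none":
        return False
    if element == "localhost":
        return addr.is_loopback
    if element == "localnets":
        return any(addr in net for net in SERVER_LOCALNETS)
    if element in acls:
        return matches(addr, acls[element], acls)
    return addr in ipaddress.ip_network(element, strict=False)


def matches(addr, match_list, acls):
    """First-match semantics: the first matching element decides; a negated
    match means 'not allowed'; no match at all also means 'not allowed'."""
    for negated, element in match_list:
        if _element_matches(addr, element, acls):
            return not negated
    return False


def recursion_allowed(client_ip, allow_recursion=DEFAULT_ALLOW_RECURSION,
                      recursion="yes", acls=None):
    """True if named would recurse for this client, False if it would answer
    REFUSED (the 'Query refused' seen from the office laptops)."""
    if recursion != "yes":
        return False                       # recursion no: nobody gets recursion
    parsed_acls = {name: parse_match_list(body) for name, body in (acls or {}).items()}
    return matches(ipaddress.ip_address(client_ip),
                   parse_match_list(allow_recursion), parsed_acls)


if __name__ == "__main__":
    # The answer's fix, with every element terminated by ';' as named.conf requires.
    FIXED = "allow-recursion { 10.0.2.0/24; 10.0.4.0/24; 10.0.5.0/24; };"
    # Constructed tighter variant: a named acl with one host excluded ahead of the permits.
    ACLS = {"trusted": "{ !10.0.5.200; 10.0.2.0/24; 10.0.4.0/24; 10.0.5.0/24; }"}
    SCOPED = "allow-recursion { trusted; };"
    for client in ("10.0.2.10", "10.0.5.10", "10.0.5.200"):
        print(client, "default:", recursion_allowed(client),
              "fixed:", recursion_allowed(client, FIXED),
              "scoped:", recursion_allowed(client, SCOPED, acls=ACLS))
    try:
        parse_match_list("allow-recursion { 10.0.2.0/24;10.0.4.0/24;10.0.5.0/24 };")
    except ValueError as err:
        print("named would reject this line:", err)
```

With the defaults, 10.0.2.10 (in localnets) gets recursion and 10.0.5.10 does not, which is exactly the split the question describes; with the answer's list both offices are allowed. The nested-acl form is the shape to prefer in production: it keeps one list of trusted client ranges that both allow-recursion and allow-query-cache can reference, and lets you exclude individual hosts with a leading '!' entry.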