Hello all,
I am trying to configure a subdomain DNS server on CentOS 5.1 for my lab. Brief configuration:
Lab machine ---> 192.168.17.2 (should respond to DNS queries from hosts in 192.168.16.0/20 network)
1. I would also like to forward any queries outside the above network to our corporate domain (no firewalls between our 192.168.16.x network and the corporate network). The domain server is: dns.company.com with an IP of 10.100.1.2 (255.255.255.0).
2. What I have configured is:
192.168.17.2 --> myhost.lab.company.com 10.100.1.2 --> dns.company.com
3. Installed the dns bind 9 in myhost and set basic configuration via the system-config-bind GUI. My configuration file specific to my setup there is:
cat lab.maxiscale.com.db
$TTL 1H
@           SOA   myhost.lab.company.com. root.myhost.lab.company.com. ( 2 3H 1H 1W 1H )
            NS    myhost.lab.company.com.
qaserver2   A     192.168.17.3
qaserver1   A     192.168.17.1
myhost      A     192.168.17.2
=================
The rest of the DNS/Bind records were based upon the auto-generated files from the Bind GUI Config tool.
3. I also changed myhost's resolv.conf to reflect the following:
search lab.mycompany.com 192.168.17.2 search mycompany.com 10.100.1.2
======
PROBLEM:
1. When I am in myhost.com, I can perform:
a. nslookup hostname (to any host within 192.168.x and 10.100.x networks)
b. nslookup ip to any host within both networks.
2. When I am in one of the hosts within 192.168.x aside from myhost.com (for example, qaserver1 or qaserver2):
a. SUCCESS to nslookup hostname to any host within BOTH networks.
b. FAILS to nslookup ip (reverse nslookup) to any host within the 10.100.x network.
this is the error I get:
nslookup 10.100.1.2
Server: 192.168.17.2
Address: 192.168.17.2#53

Non-authoritative answer:
24.1.100.10.in-addr.arpa name = dns.company.com.

Authoritative answers can be found from:
. nameserver = e.root-servers.net.
. nameserver = f.root-servers.net.
. nameserver = g.root-servers.net.
. nameserver = h.root-servers.net.
. nameserver = i.root-servers.net.
. nameserver = j.root-servers.net.
. nameserver = k.root-servers.net.
. nameserver = l.root-servers.net.
. nameserver = m.root-servers.net.
. nameserver = a.root-servers.net.
. nameserver = b.root-servers.net.
. nameserver = c.root-servers.net.
. nameserver = d.root-servers.net.
a.root-servers.net internet address = 198.41.0.4
b.root-servers.net internet address = 192.228.79.201
c.root-servers.net internet address = 192.33.4.12
d.root-servers.net internet address = 128.8.10.90
e.root-servers.net internet address = 192.203.230.10
f.root-servers.net internet address = 192.5.5.241
g.root-servers.net internet address = 192.112.36.4
h.root-servers.net internet address = 128.63.2.53
i.root-servers.net internet address = 192.36.148.17
j.root-servers.net internet address = 192.58.128.30
k.root-servers.net internet address = 193.0.14.129
k.root-servers.net has AAAA address 2001:7fd::1
l.root-servers.net internet address = 199.7.83.42
=====
I must be missing something stupid and apparent .... any help would be greatly appreciated!!!
:)
thanks in advance!
vincenzo romero wrote:
Hello all,
I am trying to configure a subdomain DNS server on CentOS 5.1 for my lab. Brief configuration:
Lab machine ---> 192.168.17.2 (should respond to DNS queries from hosts in 192.168.16.0/20 network)
- I would also like to forward any queries outside the above network
to our corporate domain (no firewalls between our 192.168.16.x network and the corporate network). The domain server is: dns.company.com with an IP of 10.100.1.2 (255.255.255.0).
- What I have configured is:
192.168.17.2 --> myhost.lab.company.com 10.100.1.2 --> dns.company.com
- Installed the dns bind 9 in myhost and set basic configuration via
the system-config-bind GUI. My configuration file specific to my setup there is:
cat lab.maxiscale.com.db
$TTL 1H
@           SOA   myhost.lab.company.com. root.myhost.lab.company.com. ( 2 3H 1H 1W 1H )
            NS    myhost.lab.company.com.
qaserver2   A     192.168.17.3
qaserver1   A     192.168.17.1
myhost      A     192.168.17.2
=================
The rest of the DNS/Bind records were based upon the auto-generated files from the Bind GUI Config tool.
- I also changed myhost's resolv.conf to reflect the following:
search lab.mycompany.com 192.168.17.2 search mycompany.com 10.100.1.2
what's this? should be:
search lab.mycompany.com mycompany.com
nameserver 192.168.17.2
nameserver 10.100.1.2
======
PROBLEM:
- When I am in myhost.com, I can perform:
a. nslookup hostname (to any host within 192.168.x and 10.100.x networks)
b. nslookup ip to any host within both networks.
- When I am in one of the hosts within 192.168.x aside from myhost.com (for example, qaserver1 or qaserver2):
a. SUCCESS to nslookup hostname to any host within BOTH networks.
b. FAILS to nslookup ip (reverse nslookup) to any host within the 10.100.x network.
you did not create the reverse zone. the zone file should contain something like
$TTL 1H
@       SOA   myhost.lab.company.com. root.myhost.lab.company.com. ( 2 3H 1H 1W 1H )
        NS    myhost.lab.company.com.
; one PTR per host: the owner is the last octet, the target is the host's full name
3       IN PTR   qaserver2.lab.company.com.
1       IN PTR   qaserver1.lab.company.com.
2       IN PTR   myhost.lab.company.com.
WARNING. don't forget the trailing dot (...lab.company.com. with a dot at the end).
you must tell your bind that it is authoritative for this zone. so in named.conf, add
zone "17.168.192.IN-ADDR.ARPA" {
    type master;
    file "192.168.17.db";
};
where 192.168.17.db is the name of the zone file.
A good reference for DNS is http://www.zytrax.com/books/dns/
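The reverse zone described in the reply above can be derived from the forward zone's A records, which avoids the two sets of records drifting apart. This is an added example, not code from the thread or from BIND; it assumes /24 reverse zones and the lab.company.com. origin, and the function names are illustrative.

```python
import ipaddress
from collections import defaultdict

ORIGIN = "lab.company.com."          # forward zone origin used in the thread
# Constructed sample input: the A records of the lab zone quoted above.
FORWARD_ZONE = """\
qaserver2  A  192.168.17.3
qaserver1  A  192.168.17.1
myhost     A  192.168.17.2
"""

def parse_a_records(zone_text, origin=ORIGIN):
    """Map each IPv4 address to the fully qualified owner name of its A record."""
    records = {}
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()        # strip zone-file comments
        if len(fields) >= 3 and fields[-2].upper() == "A":
            name = fields[0] if fields[0].endswith(".") else f"{fields[0]}.{origin}"
            records[ipaddress.IPv4Address(fields[-1])] = name
    return records

def reverse_zones(records):
    """Group PTR data by /24 reverse zone: {zone name: [(last octet, target)]}."""
    zones = defaultdict(list)
    for addr, fqdn in records.items():
        # e.g. '3.17.168.192.in-addr.arpa' -> label '3', zone '17.168.192.in-addr.arpa'
        label, zone = addr.reverse_pointer.split(".", 1)
        zones[zone].append((int(label), fqdn))
    return {zone: sorted(ptrs) for zone, ptrs in zones.items()}

def render_ptr_lines(ptrs):
    """Zone-file lines for the PTR records; targets keep their trailing dot."""
    return [f"{label}\tIN PTR\t{fqdn}" for label, fqdn in ptrs]

def relative_targets(zone_text):
    """Return PTR targets lacking a trailing dot (BIND would append the reverse origin)."""
    bad = []
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()
        if "PTR" in fields[:-1] and not fields[-1].endswith("."):
            bad.append(fields[-1])
    return bad

if __name__ == "__main__":
    for zone, ptrs in reverse_zones(parse_a_records(FORWARD_ZONE)).items():
        print(f"; zone {zone}")
        print("\n".join(render_ptr_lines(ptrs)))
```

The zone name it prints is the one to use in the named.conf zone statement, and relative_targets() can be run over an existing reverse zone file to catch the missing-dot mistake the reply warns about.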
where 192.168.17.db is the name of the zone file.
A good reference for DNS is http://www.zytrax.com/books/dns/
thank you for the reference and response... I have also checked the above and reviewed it.... and attempted to follow the configuration file samples; however, what I noticed in CentOS is that I either:
- use the Bind Configuration Tool
or
- configure DNS manually (by hand, hence the above reference should be followed).
As I am a newbie, I attempted to configure using the Bind Configuration Tool (GUI) that automatically creates my records files; The questions I have are:
1. Is there some URL or reference that has a "step-by-step DNS configuration" based upon the Bind Configuration Tool (GUI)? The manual is not a cookbook and could potentially cause newbies to make mistakes. The HOW-TO-FORGE document does NOT show step-by-step but only shows how to INSTALL bind. ... If anyone is aware of such a link, I would appreciate pointers to where.
2. I did not seem to find a place to configure my /etc/resolv.conf - do I configure this from the Network Manager? Again, I feel that I should configure all via GUI since it seems that if I configure sometimes by editing files or by GUI, then the configuration gets messed up.
thanks in advance,
vincenzo romero wrote:
where 192.168.17.db is the name of the zone file.
A good reference for DNS is http://www.zytrax.com/books/dns/
thank you for the reference and response... I have also checked the above and reviewed it.... and attempted to follow the configuration file samples; however, what I noticed in CentOS is that I either:
- use the Bind Configuration Tool
or
- configure DNS manually (by hand, hence the above reference should be followed).
As I am a newbie, I attempted to configure using the Bind Configuration Tool (GUI) that automatically creates my records files; The questions I have are:
Use webmin. (webmin.com). I am an old hand at BIND and use webmin regularly....
- Is there some URL or reference that has a "step-by-step-DNS
configuration" based upon the Bind Configuration Tool (GUI)? The manual is not a cookbook and could potentially cause newbies to make mistakes. The HOW-TO-FORGE document does NOT show step-by-step but only shows how to INSTALL bind. ... If anyone is aware of such a link, I would appreciate pointers to where.
- I did not seem to find a place to configure my /etc/resolv.conf -
do I configure this from the Network Manager? Again, I feel that I should configure all via GUI since it seems that if I configure sometimes by editing files or by GUI, then the configuration gets messed up.
thanks in advance,