[lug] DNS for private hosts
Giuliano Rescaldani
resca at iciesse.it
Wed Nov 22 10:26:40 MST 2000
Hello,
I am trying to remove all the hosts files all around the office and
substitute them with a single DNS box that has only two tasks to perform:
A-Resolve the names of the local machines.
B-Forward the request to the provider's DNS(s) in case it is not found.
I managed to have everything working and everything looks perfect when I do
pings or nslookups from the Linux box where the DNS sits, but I have a
problem when another box tries to use it as DNS!
The local names are not resolved unless I enter the complete name.domain, and
the provider's DNS is never invoked.
Let's talk about my configuration. In /etc/resolv.conf, I have:
-------------------------------------------------
search mydomain.fake
nameserver 127.0.0.1
#nameserver 212.41.208.6
#nameserver 212.41.208.7
hostresorder local bind
-------------------------------------------------
(locally the "external" names are resolved anyway, even if the provider's
DNSs are commented out; from a remote box, even with them uncommented, the names
are not resolved).
In named.conf, I have:
------------------------------------------------
options {
directory "/var/named";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
};
//
// a caching only nameserver config
//
zone "." {
type hint;
file "named.ca";
};
zone "0.0.127.in-addr.arpa" {
type master;
file "named.local";
};
zone "localhost" {
type master;
file "zone/localhost";
};
zone "1.1.10.in-addr.arpa" in {
type master;
file "zone/10.1.1";
};
zone "mydomain.fake" in {
type master;
notify no;
file "zone/mydomain.fake";
};
-------------------------------------------------------------------
in /var/named/zone/localhost I have:
--------------------------------------------------------------------------
$TTL 3600
@ in soa localhost.postmaster.locahost. (
1993050801 ;serial
3600 ;refresh
1800 ;retry
604800 ;expiration
3600) ;minimum
ns localhost;
a 127.0.0.1
--------------------------------------------------------------------------
in /var/named/mydomain.fake I have:
--------------------------------------------------------------------------
@ in soa ns.mydomain.fake.hostmaster.mydoamin.fake (
2000092801 ;serial
8H ;refresh
2H ;retry
1W ;expiration
1D ) ;minimum
ns ns.mydomain.fake;
TXT "DNS.mydomain.fake, our fake DNS"
NS 10.1.1.12 ;Inet address of DNS
localhost A 127.0.0.1
mydomain.fake A 10.0.0.128 ;???
resca A 10.1.1.3
luca A 10.1.1.4
nt-web A 10.1.1.7
--------------------------------------------------------------------------
in /var/named/10.1.1 I have:
--------------------------------------------------------------------------
$TTL 3600
@ in soa ns.postmaster.ns. (
2000092901 ;serial
3600 ;refresh
1800 ;retry
604800 ;expiration
3600) ;minimum
3 PTR resca.mydomain.fake
4 PTR luca.mydomain.fake
7 PTR nt-web.mydomain.fake
--------------------------------------------------------------------------
And, finally, in named.ca I have the output of the dig command.
So I think I got almost everything correct; in fact, if on the Linux box that
hosts the DNS I enter ping resca, I get:
PING resca.mydomain.fake (10.1.3.3) from 10.1.1.12 : 56(84) bytes of data.
64 bytes from resca.mydomain.fake.3.1.10.in-addr.arpa (10.1.3.3): icmp_seq=0
ttl=128 time=0.7 ms
as well as with nslookup:
Default Server: localhost
Address: 127.0.0.1
> resca
Server: localhost
Address: 127.0.0.1
Non-authoritative answer:
Name: resca.mydomain.fake
Address: 10.1.3.3
Perfect.
But from another box, nslookup finds the DNS but it doesn't resolve the
name:
C:\WINNT\system32\drivers\etc>nslookup
Server predefinito: linwww.mydomain.fake.1.1.10.in-addr.arpa
Address: 10.1.1.12
> resca
Server: linwww.mydomain.fake.1.1.10.in-addr.arpa
Address: 10.1.1.12
DNS request timed out.
timeout was 2 seconds.
*** Tempo scaduto per la richiesta a
linwww.mydomain.fake.1.1.10.in-addr.arpa
>
But if, instead of resca, I enter:
> resca.mydomain.fake
Server: linwww.mydomain.fake.1.1.10.in-addr.arpa
Address: 10.1.1.12
Risposta da un server non di fiducia:
Nome: luca.mydomain.fake
Address: 10.1.3.3
And external names are not resolved either:
> www.gar.no
Server: linwww.mydomain.fake.1.1.10.in-addr.arpa
Address: 10.1.1.12
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Tempo scaduto per la richiesta a
linwww.mydomain.fake.1.1.10.in-addr.arpa
While from the DNS itself, it works fine:
> www.gar.no
Server: localhost
Address: 127.0.0.1
Name: smil.gar.no
Address: 193.216.112.8
Aliases: www.gar.no
Any idea/suggestions?
Thanks and best regards.
Giuliano Rescaldani
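Added example (this is not part of Giuliano's post and not BIND code): a small Python model of two name-handling rules that show up in the outputs above. First, a name in a zone file that does not end in a dot is relative to the zone origin, which is how a PTR target written as resca.mydomain.fake inside a reverse zone comes back as a name ending in in-addr.arpa, as in the ping and nslookup outputs. Second, a stub resolver appends only the suffixes from its own search list, so a client with no suffix configured sends resca to the server as a bare single-label name; the server can then only try the root servers for it, which fails, and this is also the way internal hostnames end up in queries sent to Internet resolvers. The resolv.conf text is the one quoted in the post; the suffix-less client configuration and the ndots handling (modelled on the glibc resolver) are assumptions about the Windows client.

```python
"""Model of zone-origin qualification and resolver search-list expansion.

Added example: illustrates two standard DNS name rules, not the poster's
configuration or BIND's own code.
"""

# The /etc/resolv.conf quoted in the post (unknown keys are ignored).
RESOLV_CONF = """\
search mydomain.fake
nameserver 127.0.0.1
#nameserver 212.41.208.6
#nameserver 212.41.208.7
hostresorder local bind
"""

# Constructed: a client with a nameserver but no search suffix configured,
# which is our assumption about the Windows box in the post.
CLIENT_WITHOUT_SUFFIX = "nameserver 10.1.1.12\n"


def qualify(name: str, origin: str) -> str:
    """Return the fully qualified, dot-terminated form of a zone-file name.

    A name without a trailing dot is relative to the zone origin; "@" is
    the origin itself.
    """
    origin = origin if origin.endswith(".") else origin + "."
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    if origin == ".":
        return name + "."
    return f"{name}.{origin}"


def parse_resolv_conf(text: str):
    """Extract (nameservers, search list, ndots) from resolv.conf text."""
    nameservers, search, ndots = [], [], 1
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        key, *args = line.split()
        if key == "nameserver" and args:
            nameservers.append(args[0])
        elif key in ("search", "domain"):
            search = args  # "domain" is the older single-suffix form
        elif key == "options":
            for opt in args:
                if opt.startswith("ndots:"):
                    ndots = int(opt.split(":", 1)[1])
    return nameservers, search, ndots


def search_candidates(name: str, search: list, ndots: int = 1) -> list:
    """Order in which a glibc-style stub resolver tries names for a query.

    A name with at least `ndots` dots is tried as-is first and then with
    each search suffix; a shorter name tries the suffixes first and the
    bare name last. With an empty search list only the bare name is sent.
    """
    if name.endswith("."):
        return [name]
    suffixed = [f"{name}.{sfx}." for sfx in search]
    bare = name + "."
    if name.count(".") >= ndots:
        return [bare] + suffixed
    return suffixed + [bare]


def candidates_for(resolv_conf: str, name: str) -> list:
    """Convenience wrapper: parse a resolv.conf and expand one query name."""
    _, search, ndots = parse_resolv_conf(resolv_conf)
    return search_candidates(name, search, ndots)


if __name__ == "__main__":
    # A relative PTR target inside a reverse zone picks up the zone origin.
    print(qualify("resca.mydomain.fake", "1.1.10.in-addr.arpa"))
    # An NS target "localhost" inside zone "localhost" becomes localhost.localhost.
    print(qualify("localhost", "localhost"))
    # The DNS box itself expands "resca" via its search list.
    print(candidates_for(RESOLV_CONF, "resca"))
    # A client with no suffix sends the bare single-label name only.
    print(candidates_for(CLIENT_WITHOUT_SUFFIX, "resca"))
```

Running it shows the relative PTR target qualified under the reverse zone origin, then the two query orders: the server host tries resca.mydomain.fake. first, while the suffix-less client only ever asks for resca., which no local zone can answer.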