[CentOS] How to enable bind to listen querys from all my network

Hello all,

I?ve installed a proxy Squid in my gateway and a Cache DNS Server with
bind. The problem is the server is only resolving is own querys but not
the client queries from my company.
When I do:
$service named start
I see in /var/log/messages:

starting BIND 9.3.4-P1 -u named -t /var/named/chroot
found 1 CPU, using 1 worker thread
loading configuration from '/etc/named.conf'
listening on IPv6 interface lo, ::1#53
listening on IPv4 interface lo, 127.0.0.1#53
command channel listening on 127.0.0.1#953
command channel listening on ::1#953
zone 0.in-addr.arpa/IN/localhost_resolver: loaded serial 42
zone 0.0.127.in-addr.arpa/IN/localhost_resolver: loaded serial 1997022700
zone 255.in-addr.arpa/IN/localhost_resolver: loaded serial 42
zone
0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/localhost_resolver:

loaded serial 1997022700
zone localdomain/IN/localhost_resolver: loaded serial 42
zone localhost/IN/localhost_resolver: loaded serial 42
running

I don?t understand why is only "listening on IPv4 interface lo,
127.0.0.1#53"
I have bind-chroot installed with the following options in
/etc/named.conf:

options {
listen-on port 53 { 127.0.0.1; 10.10.80.0; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";

// Those options should be used carefully because they disable
port
// randomization
// query-source port 53;
// query-source-v6 port 53;

allow-query { localhost; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view localhost_resolver {
match-clients { localhost; };
match-destinations { localhost; };
recursion yes;
include "/etc/named.rfc1912.zones";
};

Where 10.10.80.0 is my network range. What may I do my server really
listen for all my network? Nowadays it?s listenning just itself ....

Thanks very much for your attention.
Miguel A. Velasco

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Hello all,

I?ve installed a proxy Squid in my gateway and a Cache DNS Server with
bind. The problem is the server is only resolving is own querys but not
the client queries from my company.
When I do:
$service named start
I see in /var/log/messages:

starting BIND 9.3.4-P1 -u named -t /var/named/chroot
found 1 CPU, using 1 worker thread
loading configuration from '/etc/named.conf'
listening on IPv6 interface lo, ::1#53
listening on IPv4 interface lo, 127.0.0.1#53
command channel listening on 127.0.0.1#953
command channel listening on ::1#953
zone 0.in-addr.arpa/IN/localhost_resolver: loaded serial 42
zone 0.0.127.in-addr.arpa/IN/localhost_resolver: loaded serial 1997022700
zone 255.in-addr.arpa/IN/localhost_resolver: loaded serial 42
zone
0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/localhost_resolver:

loaded serial 1997022700
zone localdomain/IN/localhost_resolver: loaded serial 42
zone localhost/IN/localhost_resolver: loaded serial 42
running

I don?t understand why is only "listening on IPv4 interface lo,
127.0.0.1#53"
I have bind-chroot installed with the following options in
/etc/named.conf:

options {
listen-on port 53 { 127.0.0.1; 10.10.80.0; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";

// Those options should be used carefully because they disable
port
// randomization
// query-source port 53;
// query-source-v6 port 53;

allow-query { localhost; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view localhost_resolver {
match-clients { localhost; };
match-destinations { localhost; };
recursion yes;
include "/etc/named.rfc1912.zones";
};

Where 10.10.80.0 is my network range. What may I do my server really
listen for all my network? Nowadays it?s listenning just itself ....

Thanks very much for your attention.
Miguel A. Velasco

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Romeo Ninov escribi?:
Set bind to listen to IP, not network, for example 10.10.80.1, no
10.10.80.0

Miguel A. Velasco wrote / nap?sal(a):
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Romeo Ninov escribi?:
Thanks Romeo, I?ve also tried it but doen?t work.
Miguel A. Velasco
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Miguel A. Velasco ha scritto:

I have bind-chroot installed with the following options in /etc/named.conf:

options {
listen-on port 53 { 127.0.0.1; 10.10.80.0; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";

// Those options should be used carefully because they disable port
// randomization
// query-source port 53;
// query-source-v6 port 53;

allow-query { localhost; };

Lorenzo Quatrini escribi?:
Hi Miguel,
you have to edit the allow-query line to allow queries from other host (I have
any there, not localhost) I'm not sure about the syntax but I guess you could
try to put 10.10.80.* or 10.10.80.0/24 there to allow queries from you network

Also remove "10.10.80.0;" from listen-on port as it isn't needed (here you can
specify addresses if your server is multi-homed and you want it to listen only
on some interfaces)

On Thu, 2008-08-28 at 12:28 +0200, Lorenzo Quatrini wrote:

Miguel A. Velasco ha scritto:
Hi Miguel,
you have to edit the allow-query line to allow queries from other host (I have
any there, not localhost) I'm not sure about the syntax but I guess you could
try to put 10.10.80.* or 10.10.80.0/24 there to allow queries from you network

Also remove "10.10.80.0;" from listen-on port as it isn't needed (here you can
specify addresses if your server is multi-homed and you want it to listen only
on some interfaces)

--
Regards

Lorenzo Quatrini
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Gopinath Achari escribi?:
try this


listen-on port 53 { 0.0.0.0; };

On Thu, Aug 28, 2008 at 11:23 AM, Miguel A. Velasco wrote:

Hello all,

I?ve installed a proxy Squid in my gateway and a Cache DNS Server with
bind. The problem is the server is only resolving is own querys but not
the client queries from my company.
When I do:
$service named start
I see in /var/log/messages:

starting BIND 9.3.4-P1 -u named -t /var/named/chroot
found 1 CPU, using 1 worker thread
loading configuration from '/etc/named.conf'
listening on IPv6 interface lo, ::1#53
listening on IPv4 interface lo, 127.0.0.1#53
command channel listening on 127.0.0.1#953
command channel listening on ::1#953
zone 0.in-addr.arpa/IN/localhost_resolver: loaded serial 42
zone 0.0.127.in-addr.arpa/IN/localhost_resolver: loaded serial 1997022700
zone 255.in-addr.arpa/IN/localhost_resolver: loaded serial 42
zone
0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN/localhost_resolver:

loaded serial 1997022700
zone localdomain/IN/localhost_resolver: loaded serial 42
zone localhost/IN/localhost_resolver: loaded serial 42
running

I don?t understand why is only "listening on IPv4 interface lo,
127.0.0.1#53"
I have bind-chroot installed with the following options in /etc/named.conf:

options {
listen-on port 53 { 127.0.0.1; 10.10.80.0; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";

// Those options should be used carefully because they disable port
// randomization
// query-source port 53;
// query-source-v6 port 53;

allow-query { localhost; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view localhost_resolver {
match-clients { localhost; };
match-destinations { localhost; };
recursion yes;
include "/etc/named.rfc1912.zones";
};

Where 10.10.80.0 is my network range. What may I do my server really
listen for all my network? Nowadays it?s listenning just itself ....

Thanks very much for your attention.
Miguel A. Velasco

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

On Thu, Aug 28, 2008 at 8:10 AM, Spook ZA wrote:

Hi Guys.
I installed BIND 9.3.3rc2 straight off the CentOS 5.1 CDs.
By default the /var/named/chroot is empty, so all I did was copy the
cp -R /usr/share/doc/bind-9.3.3/sample/* /var/named/chroot/
and it inserts a working set of files.
Editing /var/named/chroot/etc/named.conf shows a sample setup that listens
on all interfaces
(which is why I set up the firewall first to block all interfaces) and has
3 views (localhost_resolver, internal and external)
Then it is a simple matter to set up forwarders in the options section for
caching and off you go.
Further tweaking should allow you to restrict the interfaces and adding
zones (master/slave/forward) into the appropriate views
will allow resolving of internal or domains hosted by the server.

By default there is no "listen-on port" option in the sample file, so it
listens on the default port (53) on all interfaces.

HTH
Regards,
Andrew.

On Thu, Aug 28, 2008 at 11:23 AM, Miguel A. Velasco <
miguel.suscripcion@gmail.com> wrote:

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos