[CentOS] Configure a local DNS caching nameserver: partial success

Hi

Do you really need to use bind perhaps dnsmasq? would be a better
option for you.

Per
E-mail: per at norhex.com [1]
http://www.linkedin.com/in/perqvindesland [2]
--- Original message follows ---
SUBJECT:?[CentOS] Configure a local DNS caching nameserver: partial
success
FROM: ?Niki Kovacs
TO:?"CentOS mailing list"
DATE:?02-07-2009 9:48

Hi,

The subject says it all. On my "server" machine in the local LAN
(192.168.1.252 in a 192.168.1.0/24 network), I setup Bind. I
installed
the 'caching-nameserver' package, which provides a set of
configuration
files for Bind so it can be used as a caching nameserver out of the
box.

On the server :

I start bind (service named start), and try it out.

# host www.google.fr 127.0.0.1
Using domain server:
Name: 127.0.0.1
Address: 127.0.0.1#53
Aliases:
www.google.fr is an alias for www.google.com.
www.google.com is an alias for www.l.google.com.
www.l.google.com has address 209.85.227.99
www.l.google.com has address 209.85.227.103
www.l.google.com has address 209.85.227.104
www.l.google.com has address 209.85.227.147

Which tells me basically that my DNS server works.

Now I'd like all the other machines on the network to use this local
DNS
server instead of my ISP's DNS. First thing, I know Bind uses port
53,
so I take care to open that port on the server as well as on the
other
machines in the network. Then, I try to use my local DNS server
manually
on one of the machines, but I only get this :

$ host www.google.fr 192.168.1.252
;; connection timed out; no servers could be reached

Since I'm rather new to Bind, this leaves me a bit clueless. I'm
currently busy reading "DNS & Bind" from O'Reilly, but this 750 page
book is ideal for blocking my terrace door on windy days, and the
problem is not absence, but wealth of information.

Any suggestions ?

Niki
_______________________________________________
CentOS mailing list
CentOS at centos.org
http://lists.centos.org/mailman/listinfo/centos

Links:
------
[1] http://webmail.norhex.com/#
[2] http://www.linkedin.com/in/perqvindesland

53 udp and tcp ?

No, that's not it. I disabled the (internal) firewall just for testing's
sake, and still nothing. I can only use Bind on localhost (e. g. on the
machine where I installed it), but not from any other machine on the
network.

From: Niki Kovacs <contact at kikinovak.net>
what does the following command output on the server?

netstat -nlp | grep named
What do you have in your other machines /etc/resolv.conf ?

JD

what does you named.conf look like? i am guessing you have it set to
only listen on localhost

make sure you have a line similar to

listen-on port 53 { 192.168.10.1; };

and bounce named

I just got it to work. In fact, I deleted the stock caching-nameserver
package and followed this excellent tutorial:

http://www.madboa.com/geek/soho-bind/

Works great!

Cheers,

Niki

Here's my working /etc/named.caching-nameserver.conf:
http://pastie.org/531889

Replace 192.168.1.0/24 with your own network.

Cheers

i dont see what was wrong with the stock one - seems you did not fully
configure it

Make sure iptables allows both TCP and UDP port 53.

Make sure that you have

allow-recursion { your.subnet.address/mask; }
allow-query { any; }

In your named.conf

--Chris