linux DNS server?

travbrad

I have a Linux DNS server set up through Webmin. I set up a couple of forwarders, and set linux.localdomain.com to point to the Linux box. I also set the Linux box's own DNS server to point to itself (127.0.0.1). I can ping linux.localdomain.com fine and can also ping websites fine FROM my Linux box. However, when I set a Windows computer to use the Linux DNS server, it can't ping anything. The DNS server only works for the Linux box itself (which is completely useless). I have TCP port 53 open too.

I'm totally stumped. I just have no idea why it's working for itself, but not for other computers. Any help would be greatly appreciated :)
 
On your Linux box, drop down to a console, and start playing with 'host' or 'nslookup'.

First, do a 'host somedomain 127.0.0.1' and make sure it works. Then, do a 'host somedomain $your_LAN_IP_address'. This will make sure your DNS server is both working, and listening on your LAN IP. If that works, then get on your Windoze box, get to a command prompt, and do 'nslookup somedomain $IP_of_Linux_DNS_Server' and it should resolve. If that works, but you can't ping sites from the windose machine, then check and make sure they have the correct DNS server settings.
 
Also, make sure you have some outside DNS servers in your /etc/resolv.conf, so when you look for domains it doesn't know, it knows where to start looking.
 
He is running his own DNS server; as long as his DNS server is working and has the right root-hints, changing your resolv.conf won't be needed unless his own DNS server is down.
 
DNS uses TCP/53 for large queries, and UDP/53 for smaller ones. So you'll likely want them both open.
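
The check described in the replies above (query the server on 127.0.0.1, then on its LAN IP, over both UDP/53 and TCP/53) can be scripted. This is an added example, not part of the original thread; the function names are hypothetical and the server addresses are supplied on the command line.

```python
import socket
import struct
import sys

def build_query(name, qid=0x1234):
    """Minimal DNS query: one A/IN question, recursion desired."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)

def classify(query, reply):
    """Accept a reply only if it echoes our query ID and has the QR bit set."""
    if len(reply) < 12 or reply[:2] != query[:2] or not reply[2] & 0x80:
        return "unexpected reply"
    return "answered (rcode %d)" % (reply[3] & 0x0F)

def recv_exact(sock, n):
    """Read exactly n bytes from a TCP socket."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("closed early")
        buf += chunk
    return buf

def probe(server, name, port=53, timeout=2.0):
    """Send the same query over UDP and TCP; return a status per transport."""
    query, result = build_query(name), {}
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.sendto(query, (server, port))
            result["udp"] = classify(query, s.recvfrom(4096)[0])
    except OSError as exc:  # timeout: dropped by a firewall or nothing listening
        result["udp"] = "no answer (%s)" % type(exc).__name__
    try:
        with socket.create_connection((server, port), timeout=timeout) as s:
            s.sendall(struct.pack("!H", len(query)) + query)  # TCP adds a 2-byte length
            (length,) = struct.unpack("!H", recv_exact(s, 2))
            result["tcp"] = classify(query, recv_exact(s, length))
    except OSError as exc:
        result["tcp"] = "no answer (%s)" % type(exc).__name__
    return result

if __name__ == "__main__":
    # Usage: probe.py NAME SERVER_IP [SERVER_IP ...]  (e.g. 127.0.0.1, then the LAN IP)
    for ip in sys.argv[2:]:
        print(ip, probe(ip, sys.argv[1]))
```

An answer on 127.0.0.1 but "no answer" on the LAN IP, or on only one transport, points at the listen address or the firewall rule for that protocol rather than at the zone data.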
 
Fint said:
He is running his own DNS server; as long as his DNS server is working and has the right root-hints, changing your resolv.conf won't be needed unless his own DNS server is down.
His own DNS server doesn't know everything now, does it?

It needs to know where to go to look for hosts it doesn't know about; this is what resolv.conf is for, to tell it where to look next.

Another thing I would recommend is DON'T put 127.0.0.1 in resolv.conf on the DNS server, as from what I can remember that causes it to infinitely ask itself who has the domain requested, so it looks like it just times out.
 
Thanks for all the responses. It turns out it was just my firewall. I had opened port 53 (for both TCP/UDP), but it still wasn't working. I tried disabling my firewall and it worked. Then I got rid of the old firewall settings and re-input the port 53 stuff and now it works. I must have just typed something slightly wrong the first time. I've learned something though: DON'T use a firewall when testing stuff out :) It seems the simple stuff gives me more problems than the difficult things.
 
Xipher said:
His own DNS server doesn't know everything now, does it?
Correct, which is what the root-hints are for. This is what tells his DNS server where to look (the IPs of the Root DNS servers; those that are responsible for . ) for hosts it doesn't know about. So in theory, that's all he needs.

Xipher said:
It needs to know where to go to look for hosts it doesn't know about; this is what resolv.conf is for, to tell it where to look next.
resolv.conf tells the OS what DNS servers to query. You really only need one in there, but more than one are good if the first one is down.
 
Fint said:
Correct, which is what the root-hints are for. This is what tells his DNS server where to look (the IPs of the Root DNS servers; those that are responsible for . ) for hosts it doesn't know about. So in theory, that's all he needs.
In theory, yes, but in practice you shouldn't put unnecessary load on them when it's not required. That and it never seems to work for me, lol, BIND will just respond saying it can't find the host, but then again I think I should have updated the root hints file.

Fint said:
resolv.conf tells the OS what DNS servers to query. You really only need one in there, but more than one are good if the first one is down.
It tells the OS where to Query, but BIND will use it as well, to find servers to query before going to the root hints. Better to put the load on your ISP first if possible before going all the way to the top.
 
Xipher said:
It tells the OS where to Query, but BIND will use it as well, to find servers to query before going to the root hints. Better to put the load on your ISP first if possible before going all the way to the top.

Bind (daemon part) doesn't touch /etc/resolv.conf; if it does there is something seriously wrong with Linux chroots!

The client, when making a DNS query will look at the resolv.conf and query them in order until they get a response. The path of that query is defined by your Bind configuration.

If your local Bind server can't answer the query it will tell the client so and the client will look at the next nameserver in resolv.conf. Eventually it'll go to the root name servers (unless it's cached) or the nameserver itself knows the host being queried.
 
doh said:
Bind (daemon part) doesn't touch /etc/resolv.conf; if it does there is something seriously wrong with Linux chroots!

The client, when making a DNS query will look at the resolv.conf and query them in order until they get a response. The path of that query is defined by your Bind configuration.

If your local Bind server can't answer the query it will tell the client so and the client will look at the next nameserver in resolv.conf. Eventually it'll go to the root name servers (unless it's cached) or the nameserver itself knows the host being queried.

As of late you don't even need to chroot bind, as it drops root privs at startup.

I see what you're saying though.
 