[afnog] DNS not responding to outside queries
Noa of Ark
ncmaina2001 at yahoo.com
Wed Oct 3 15:29:01 UTC 2007
Hello Mohamadi,
I tried dropping the iptables but still I did not get a positive result, and my iptables are not the default firewall one; I set my own rules, which of course permit UDP port 53 for DNS queries.
Below is my named.conf file.
---------------------------------------------------------------------------------------------------------------------
# cat /etc/named.conf
//Directory where the rest of the files reside.
//--------------------------------------------
options {
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    query-source address * port 53;
};

logging {
    channel bindlog {
        file "/var/log/bind.log" versions 5 size 1m;
        print-time yes;
        print-category yes;
        print-severity yes;
    };
    category xfer-out { bindlog; };
    category xfer-in { bindlog; };
    category security { bindlog; };
    category lame-servers { null; };
};

acl "wantaz" {
    127/8; 172.16.1.0/24; 10.10.10.0/24; 192.168.1.0/24; 192.168.2.0/24; 41.221.48.0/20;
};

controls {
    inet 127.0.0.1 allow { localhost; };
};

view "internal" {
    match-clients { "wantaz"; };
    match-recursive-only yes;
    recursion yes;

    zone "." IN {
        type hint;
        file "db.cache";
    };

    zone "1.168.192.in-addr.arpa" IN {
        type master;
        file "wanlan.db";
    };

    zone "wantaznetwork.com" IN {
        type master;
        allow-query { "wantaz"; };
        file "in.wantaznetwork.com";
        allow-transfer { 192.168.1.254; };
    };
};

view "external" {
    match-clients { any; };
    match-recursive-only no;
    recursion no;

    zone "." IN {
        type hint;
        file "db.cache";
    };

    zone "63.221.41.in-addr.arpa" IN {
        type master;
        file "wanwan.db";
    };

    zone "wantaznetwork.com" IN {
        type master;
        file "ex.wantaznetwork.com";
        allow-transfer { 41.221.63.5; };
    };
};

include "/etc/rndc.key";
--------------------------------------------------------------------------------------------------------------------
As you can see, I do have ACLs permitting only the networks I have specified in the ACLs.
So I am not certain if this is the reason.
I would like our domain to be pointed to this DNS server, and unless the registrar reaches it, I will not be able to achieve that.
Please, I appreciate your assistance.
Mohamadi ZONGO <mzongo at zcp.bf> wrote:
2007/10/3, Noa of Ark <ncmaina2001 at yahoo.com>:
My named.conf file is divided into VIEWs for the internal network and external network. However, when I get to the Internet and try to access my DNS I don't get a response. My DNS servers don't respond to queries from the Internet. I can't even reach them through ssh.
Do you have match-clients { any; }; in the view for the Internet?
Do you use other ACLs on top of your config ?
I am not certain whether it is the iptables but yeah, that is my situation.
The best way is to drop all your iptables rules and try again! If not fixed, you can post your config to the list.
--
mzongo
_______________________________________________
afnog mailing list
http://afnog.org/mailman/listinfo/afnog
A little sleep, a little slumber, a little folding of the hands to rest,
and poverty will come upon you like a robber,and want, like an armed warrior.
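
The following is an added example, not part of the original message or of the poster's setup: a small Python model of how BIND picks a view for the posted named.conf, using first-match order and the documented `match-recursive-only` behaviour, to show which view a given test query would land in. It models IPv4 source addresses only; the address 203.0.113.9 and the sample queries are constructed for illustration.

```python
import ipaddress

# ACL "wantaz" as posted; "127/8" is BIND's short form of 127.0.0.0/8.
WANTAZ = ["127/8", "172.16.1.0/24", "10.10.10.0/24",
          "192.168.1.0/24", "192.168.2.0/24", "41.221.48.0/20"]

def parse_prefix(text):
    """Expand a BIND-style short IPv4 prefix and return an ip_network."""
    addr, _, length = text.partition("/")
    octets = addr.split(".")
    octets += ["0"] * (4 - len(octets))
    return ipaddress.ip_network(".".join(octets) + "/" + (length or "32"))

ACLS = {
    "wantaz": [parse_prefix(p) for p in WANTAZ],
    "any": [ipaddress.ip_network("0.0.0.0/0")],
}

# Views in file order, with the options the posted config sets on each.
VIEWS = [
    {"name": "internal", "match_clients": "wantaz",
     "match_recursive_only": True, "recursion": True},
    {"name": "external", "match_clients": "any",
     "match_recursive_only": False, "recursion": False},
]

def select_view(src_ip, rd_flag):
    """Return (view name, recursion allowed) for a query, first match wins."""
    src = ipaddress.ip_address(src_ip)
    for view in VIEWS:
        if not any(src in net for net in ACLS[view["match_clients"]]):
            continue
        # match-recursive-only: a query without the RD bit skips this view.
        if view["match_recursive_only"] and not rd_flag:
            continue
        return view["name"], view["recursion"]
    return None, False

if __name__ == "__main__":
    # Constructed sample queries: (source address, RD bit set?)
    samples = [("203.0.113.9", True), ("192.168.1.20", True),
               ("192.168.1.20", False), ("41.221.63.5", True),
               ("41.221.63.5", False)]
    for ip, rd in samples:
        print(ip, "RD=%d" % rd, "->", select_view(ip, rd))
```

Because 41.221.48.0/20 in the ACL also covers 41.221.63.x, a recursive test query sent from inside that public block is answered by the internal view, so checking the external view requires a source address outside every prefix in "wantaz".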