
I have set up a DNS Server within my company's LAN.

Local nameservers work correctly; however, those outside, such as google.com, are not resolved...

By running dig google.it I get this result:

; <<>> DiG 9.10.6 <<>> google.it
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 5354
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;google.it.                     IN      A

;; Query time: 71 msec
;; SERVER: 192.168.83.4#53(192.168.83.4)
;; WHEN: Thu Nov 03 08:59:41 CET 2022
;; MSG SIZE  rcvd: 38

My current LAN config is:

  • Gateway: 192.168.83.1
  • Subnet: 255.255.255.0
  • Web Server: 192.168.83.3
  • DNS Server: 192.168.83.4
  • Storage 1: 192.168.83.5
  • Storage 2: 192.168.83.6

Etc.

As for Bind, this is my config (I replaced my real domain with the mydomain.it keyword):

/etc/bind/named.conf.options

acl trusted {
        192.168.83.0/24;
};

options {
        directory "/var/cache/bind";

        allow-query { localhost; trusted; };
        allow-transfer { localhost; };
        forwarders { 8.8.8.8; 8.8.4.4; };
        recursion yes;

        dnssec-validation auto;

        listen-on-v6 { any; };
};

/etc/bind/named.conf.local

zone "dc1.mydomain.it" IN {
        type master;
        file "/etc/bind/zones/db.dc1.mydomain.it";
        allow-update { none; };
};

zone "168.192.in-addr.arpa" IN {
        type master;
        file "/etc/bind/zones/db.192.168";
        allow-update { none; };
};

/etc/bind/zones/db.dc1.mydomain.it

;
; BIND data file for local loopback interface
;
$TTL    604800
@       IN      SOA     dc1.mydomain.it. admin.dc1.mydomain.it. (
                              3         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
        IN      NS      ns1.dc1.mydomain.it.

ns1.dc1.mydomain.it.           IN      A       192.168.83.4
www.dc1.mydomain.it.           IN      A       192.168.83.3
storage1.dc1.mydomain.it.      IN      A       192.168.83.5
storage2.dc1.mydomain.it.      IN      A       192.168.83.6

Etc.

/etc/bind/zones/db.192.168

;
; BIND reverse data file for local loopback interface
;
$TTL    604800
@       IN      SOA     dc1.mydomain.it. admin.dc1.mydomain.it. (
                              3         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
        IN      NS      ns1.dc1.mydomain.it.

4.83    IN      PTR     ns1.dc1.mydomain.it.
3.83    IN      PTR     www.dc1.mydomain.it.
5.83    IN      PTR     storage1.dc1.mydomain.it.
6.83    IN      PTR     storage2.dc1.mydomain.it.

I admit that I am not very experienced with Bind; can anyone tell me where I may have gone wrong?

TheRed27
  • Your config looks correct to me. What happens when you try to resolve from the server itself? – jabbson Nov 03 '22 at 14:27
  • The code `SERVFAIL` could mean multiple things, including configuration issues and also issues outside of your server. Do the logs give any interesting records on a failed resolution or start-up? – Torin Nov 06 '22 at 23:31
  • At the moment I'm abroad, as soon as I get back I'll try and let you know, thanks for your answer! – TheRed27 Nov 07 '22 at 12:35
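
A triage script for the SERVFAIL above, added here as an example (it is not part of the question or of BIND): it runs the three dig probes worth comparing (straight to the forwarder, through the local server, and through the local server with +cd, which disables DNSSEC validation) and maps the combination to a likely cause. It assumes dig is installed on the machine running it and reuses the forwarder and server addresses from the question.

```python
import re
import subprocess

FORWARDER = "8.8.8.8"       # first forwarder in the question's named.conf.options
LOCAL_DNS = "192.168.83.4"  # the BIND server from the question
NAME = "google.it"

# Constructed sample: the header lines of the dig output quoted in the question.
SAMPLE_SERVFAIL = (
    ";; Got answer:\n"
    ";; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 5354\n"
    ";; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1\n"
)

STATUS_RE = re.compile(r"status: ([A-Z]+),")

def dig_status(output: str) -> str:
    """RCODE from a dig transcript, or TIMEOUT when no header came back
    (dig then prints 'connection timed out; no servers could be reached')."""
    m = STATUS_RE.search(output)
    return m.group(1) if m else "TIMEOUT"

def probe(server: str, name: str, *flags: str) -> str:
    """One dig query, reduced to its status. Network helper; not unit-tested."""
    cmd = ["dig", "+time=3", "+tries=1", *flags, f"@{server}", name]
    return dig_status(subprocess.run(cmd, capture_output=True, text=True).stdout)

def diagnose(direct: str, via_local: str, via_local_cd: str) -> str:
    """Reduce three probes to one finding.
    direct        query sent straight to the forwarder from the BIND host
    via_local     normal query through the local BIND
    via_local_cd  same query with +cd (checking disabled), which skips
                  DNSSEC validation and so isolates a validation failure
    """
    if direct != "NOERROR":
        return "UPSTREAM_UNREACHABLE"   # egress to port 53 blocked, or forwarder down
    if via_local == "NOERROR":
        return "OK"                     # the SERVFAIL was transient or has expired
    if via_local_cd == "NOERROR":
        return "DNSSEC_VALIDATION"      # check clock, trust anchor, forwarder DNSSEC
    return "LOCAL_RESOLVER"             # BIND itself cannot forward: read named logs

if __name__ == "__main__":
    d, v, c = probe(FORWARDER, NAME), probe(LOCAL_DNS, NAME), probe(LOCAL_DNS, NAME, "+cd")
    print(f"direct={d} local={v} local+cd={c} -> {diagnose(d, v, c)}")
```

Run it on the BIND host itself, since a firewall between the host and 8.8.8.8 is exactly the kind of difference the first probe is meant to surface.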

0 Answers