DNS: I'm stumped.

Okay, so I'm running FC9, with BIND9.

I got everything installed.

I'm just stuck on the configuration.

It works locally. I set my resolv.conf servers to 127.0.0.1 just to test it out and it works fine. But whenever I try anything remotely, I get a REFUSED response.

Local

[root@localhost init.d]# dig @localhost illhosting.com

; <<>> DiG 9.5.1-P2 <<>> @localhost illhosting.com
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39715
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;illhosting.com.            IN  A

;; ANSWER SECTION:
illhosting.com.        38400   IN  A   127.0.0.1

;; AUTHORITY SECTION:
illhosting.com.        38400   IN  NS  ns1.illhosting.com.
illhosting.com.        38400   IN  NS  ns2.illhosting.com.

;; ADDITIONAL SECTION:
ns1.illhosting.com.    38400   IN  A   127.0.0.1
ns2.illhosting.com.    38400   IN  A   127.0.0.1

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Sep 23 20:55:52 2009
;; MSG SIZE  rcvd: 116

Remote

[root@li16-248 etc]# dig @74.207.231.192 illhosting.com

; <<>> DiG 9.5.0-P2 <<>> @74.207.231.192 illhosting.com
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 2344
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;illhosting.com.            IN  A

;; Query time: 1 msec
;; SERVER: 74.207.231.192#53(74.207.231.192)
;; WHEN: Wed Sep 23 20:56:19 2009
;; MSG SIZE  rcvd: 32

Here's my named.conf

# rndc control key. The secret is redacted in this post; keep the real value
# out of anything shared publicly.
# NOTE(review): hmac-md5 is a legacy algorithm; newer BIND releases accept
# HMAC-SHA variants here - confirm what this version supports.
key "rndckey" {
    algorithm hmac-md5;
    secret "[my key is here]";
};

options {
    # As written, named binds only to the loopback addresses, so this file
    # alone would not answer on a public IP.
    # NOTE(review): the remote dig in this post did get a reply (REFUSED) from
    # the public address, so the running named may be using a different copy
    # of the config - verify which file is actually loaded.
    listen-on port 53 { 127.0.0.1; };
    listen-on-v6 port 53 { ::1; };
    directory   "/var/named";
    dump-file   "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        # Pins outgoing queries to source port 53. A fixed source port removes
        # source-port randomization, which weakens protection against spoofed
        # answers (cache poisoning); dropping the "port 53" clause lets named
        # choose random ports.
        query-source    port 53;
        query-source-v6 port 53;
    # Global defaults: accept queries from any client and allow recursion.
    # If the listener is opened beyond loopback, this pair makes an open
    # recursive resolver; restrict recursion (e.g. allow-recursion with a
    # trusted ACL) or disable it for anything public-facing.
    allow-query     { any; };
    recursion yes;
};

# The only view defined. Just clients and destinations matching the built-in
# "localhost" ACL land here; a query from any other address matches no view,
# which named answers with REFUSED - consistent with the remote dig result.
# Recursion is acceptable in this view because it is limited to local clients.
view localhost_resolver {
        allow-query { any; };
        match-clients      { localhost; };
        match-destinations { localhost; };
        recursion yes;
        include "/etc/named.rfc1912.zones";
};

# default_debug channel: writes to data/named.run (relative to "directory")
# at whatever debug level the server is currently running with.
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

# NOTE(review): once any view is defined, BIND expects every zone to be inside
# a view. The root hint zone, the include below (already included inside the
# view above) and the illhosting.com zone all sit outside one - run
# named-checkconf to confirm whether this file loads at all.
zone "." IN {
    type hint;
    file "named.ca";
};

include "/etc/named.rfc1912.zones";

# Authoritative (master) zone for illhosting.com. To serve it to remote
# clients, place it in a separate external view that has recursion turned off,
# rather than widening the recursive localhost view.
zone "illhosting.com" {
    type master;
    file "/var/named/illhosting.com.hosts";
    };

Any ideas what could be the problem?

2 Replies

@teeth:

view localhost_resolver {
        allow-query { any; };
        match-clients      { localhost; };
        match-destinations { localhost; };
        recursion yes;
        include "/etc/named.rfc1912.zones";
};


Perhaps try changing those localhosts to any, or add an external view.

Yes, you need to add an external/public view… Don't open your existing view to the public without disabling recursion, though, or you'll be running an open recursive resolver that is open to abuse.
