
Thread: DNS-Server on Ubuntu not responding to queries from other machines.

  1. #1
    Join Date
    Jun 2013
    Beans
    11

    DNS-Server on Ubuntu not responding to queries from other machines.

    Edit: Whoops, wrong language. I have now translated it from German to English.

    Hello!

    I am trying to set up a small Ubuntu server (v12.04.2) to run an Apache. The Apache is up and running; on visiting the IP of the server in a browser on a Windows machine in the same network, I receive the "It-Works" page of Apache. So that is not the problem!

    I do not want to type in the IP of the server to access the Apache, neither do I want to edit all the clients' hosts files, so I thought I would just run a DNS server on the Ubuntu server. This should make it possible to access the server through, for example, http://advitum, shouldn't it?

    When running
    Code:
    dig A advitum @192.168.2.19
    on the server (192.168.2.19 is the server's IP), I get this:

    Code:
    ; <<>> DiG 9.8.1-P1 <<>> A advitum @192.168.2.19
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 53132
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
    
    ;; QUESTION SECTION:
    ;advitum.                       IN      A
    
    ;; Query time: 0 msec
    ;; SERVER: 192.168.2.19#53(192.168.2.19)
    ;; WHEN: Sun Jun  9 14:00:48 2013
    ;; MSG SIZE  rcvd: 25
    But when running
    Code:
    nslookup advitum 192.168.2.19
    on the Windows machine in the network, I get:

    Code:
    Server: ns.advitum
    Address: 192.168.2.19
    
    *** advitum wurde von ns.advitum nicht gefunden: Non-existend domain.
    (Translation: advitum was not found at ns.advitum...)

    The DNS is configured like this:

    /etc/bind/named.conf.options
    Code:
    options {
            directory "/var/cache/bind";
    
            // If there is a firewall between you and nameservers you want
            // to talk to, you may need to fix the firewall to allow multiple
            // ports to talk.  See http://www.kb.cert.org/vuls/id/800113
    
            // If your ISP provided one or more IP addresses for stable
            // nameservers, you probably want to use them as forwarders.
            // Uncomment the following block, and insert the addresses replacing
            // the all-0's placeholder.
    
            forwarders {
                    80.69.100.102;
                    80.69.100.230;
            };
    
            //========================================================================
            // If BIND logs error messages about the root key being expired,
            // you will need to update your keys.  See https://www.isc.org/bind-keys
            //========================================================================
            dnssec-validation auto;
    
            auth-nxdomain no;    # conform to RFC1035
            listen-on-v6 { any; };
    };
    As forwarders I inserted the ISP's DNS servers; that is correct, isn't it?

    /etc/bind/named.conf.local
    Code:
    zone "advitum" {
            type master;
            file "/etc/bind/db.advitum";
    };
    
    zone "2.168.192.in-addr.arpa" {
            type master;
            notify no;
            file "/etc/bind/db.192";
    };
    /etc/bind/db.advitum
    Code:
    $TTL    604800
    @       IN      SOA     ns.advitum. info.advitum.de. (
                                  4         ; Serial
                             604800         ; Refresh
                              86400         ; Retry
                            2419200         ; Expire
                             604800 )       ; Negative Cache TTL
    ;
    @       IN      NS      ns.advitum.
    @       IN      A       192.168.2.19
    advitum IN      A       192.168.2.19
    /etc/bind/db.192
    Code:
    $TTL    604800
    @       IN      SOA     ns.advitum. info.advitum.de. (
                                  3         ; Serial
                             604800         ; Refresh
                              86400         ; Retry
                            2419200         ; Expire
                             604800 )       ; Negative Cache TTL
    ;
    @       IN      NS      ns.
    19      IN      PTR     ns.advitum.
    I hope you will be able to help me with this. I have been trying for hours now and have no result yet.

    Thanks in advance for your help!
    Last edited by LarsEbert; June 9th, 2013 at 01:23 PM. Reason: Translation from German to English! Sorry!

  2. #2
    Join Date
    Mar 2013
    Beans
    27

    Re: DNS-Server on Ubuntu not responding to queries from other machines.

    Try this:
    /etc/bind/db.advitum
    Code:
    $TTL    604800
    @       IN      SOA     dns.advitum. root.dns.advitum. (
                                  4         ; Serial
                             604800         ; Refresh
                              86400         ; Retry
                            2419200         ; Expire
                             604800 )       ; Negative Cache TTL
             IN      NS      localhost.
             IN      A       127.0.0.0
    localhost IN CNAME localhost.
    *       IN      A       192.168.2.19

  3. #3
    Join Date
    Jun 2013
    Beans
    11

    Re: DNS-Server on Ubuntu not responding to queries from other machines.

    Hi Vitsliputsli,

    I included your changes and now get the following on the server:

    Code:
    dig advitum @192.168.2.19
    Code:
    ; <<>> DiG 9.8.1-P1 <<>> advitum @192.168.2.19
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18978
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
    
    ;; QUESTION SECTION:
    ;advitum.                       IN      A
    
    ;; ANSWER SECTION:
    advitum.                604800  IN      A       127.0.0.1
    
    ;; AUTHORITY SECTION:
    advitum.                604800  IN      NS      localhost.
    
    ;; ADDITIONAL SECTION:
    localhost.              604800  IN      A       127.0.0.1
    localhost.              604800  IN      AAAA    ::1
    
    ;; Query time: 0 msec
    ;; SERVER: 192.168.2.19#53(192.168.2.19)
    ;; WHEN: Sun Jun  9 15:23:09 2013
    ;; MSG SIZE  rcvd: 108
    That looks much better to me, but on the Windows machine, nothing changed! Do I have to change something else?

  4. #4
    Join Date
    Mar 2013
    Beans
    27

    Re: DNS-Server on Ubuntu not responding to queries from other machines.

    Sorry, the line
    IN A 127.0.0.0
    must be
    IN A 192.168.2.19
    to resolve advitum.

    /etc/bind/named.conf.local is only for local configuration. Use /etc/bind/named.conf.

  5. #5
    Join Date
    Jun 2013
    Beans
    11

    Re: DNS-Server on Ubuntu not responding to queries from other machines.

    Thank you for your answer. I changed 127.0.0.1 to 192.168.2.19 and moved the zones from named.conf.local to named.conf. But sadly, the nslookup on the Windows machine still returns "advitum was not found by ns.advitum: Non-existent domain." Do I have to configure something else maybe?

    Edit: Is it correct that we changed ns.advitum to dns.advitum in db.advitum while in db.192 it still says ns.advitum?
    Last edited by LarsEbert; June 9th, 2013 at 03:35 PM.

  6. #6
    Join Date
    Mar 2013
    Beans
    27

    Re: DNS-Server on Ubuntu not responding to queries from other machines.

    Add to /etc/bind/named.conf, inside options:
    allow-query { 0.0.0.0/0; 127.0.0.1; };
    Change 0.0.0.0/0 to your subnet for the most security.

    I have not used BIND for a long time, so I have forgotten many things.

  7. #7
    Join Date
    Jun 2013
    Beans
    11

    Re: DNS-Server on Ubuntu not responding to queries from other machines.

    Thank you very much, you have been a great help!
    Here's what I added to named.conf.options:

    Code:
    allow-query { 255.255.255.0/0; 127.0.0.1; };
    I am not entirely sure what to add after the slash. With the 0 it again gives me the result "Non existent domain", with any other number the nslookup result changes to "Query refused".

    On the server, everything seems to be running fine; on running
    Code:
    curl http://advitum
    it outputs the "It-Works" page the Apache delivers, but it does not work on the Windows machine. Do you have any idea why?

  8. #8
    Join Date
    Mar 2013
    Beans
    27

    Re: DNS-Server on Ubuntu not responding to queries from other machines.

    0.0.0.0/0 - allows queries from all IPs. 0.0.0.0 - IP of the network, /0 - mask for this network.
    127.0.0.1 - local loopback.

    For example, if you want to connect only from IPs 192.168.1.1 - 192.168.1.255:
    192.168.1.0/24

    from 10.0.0.1 - 10.0.255.255:
    10.0.0.0/16

  9. #9
    Join Date
    Jun 2013
    Beans
    11

    Re: DNS-Server on Ubuntu not responding to queries from other machines.

    Ah, okay. Understood!

    I now set the value to 192.168.2.0/24 and 127.0.0.1.
    Still I get the response "non-existent domain".

    I guess the problem has to be the server. The query seems to reach it, otherwise the error message would not have changed when I had set allow-query to 255.255.255.0/24. In that case, the Query was rejected with "Query refused". So the query at least reaches the server.

    I appreciate your help very much. Do you (or anyone else) have any more ideas where to check? It has to be possible to set this up the right way!

    Edit: I just discovered by accident that querying for ns.advitum instead of advitum succeeded and delivered the IP of my server, just as well as any other subdomain of advitum. So I guess the problem seems to lie somewhere in /etc/bind/db.advitum (the server's IP was changed from .19 to .2, FYI):

    Code:
                IN    NS        localhost.
                IN    A         192.168.2.2
    localhost   IN    CNAME     localhost.
    *           IN    A         192.168.2.2
    Last edited by LarsEbert; June 10th, 2013 at 05:32 PM.
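
The `allow-query` entries tried in posts #6 to #9, evaluated as an added example that is not part of the thread: it shows which clients each list lets through and why `255.255.255.0/0` behaves like `0.0.0.0/0` while `255.255.255.0/24` refuses the LAN. It is a simplified model of CIDR matching, not BIND's own code; the client addresses and the `lint` helper are constructed for illustration.

```python
import ipaddress

# allow-query lists as posted in the thread (posts #6, #7 and #9).
ACLS = {
    "0.0.0.0/0":        ["0.0.0.0/0", "127.0.0.1"],
    "255.255.255.0/0":  ["255.255.255.0/0", "127.0.0.1"],
    "255.255.255.0/24": ["255.255.255.0/24", "127.0.0.1"],
    "192.168.2.0/24":   ["192.168.2.0/24", "127.0.0.1"],
}
# Constructed client addresses: a LAN host, the server itself, an off-LAN host.
CLIENTS = {"lan": "192.168.2.50", "loopback": "127.0.0.1", "outside": "203.0.113.7"}


def allowed(client, acl):
    """True if client falls inside any entry; only the first <prefix> bits count."""
    addr = ipaddress.ip_address(client)
    return any(addr in ipaddress.ip_network(e, strict=False) for e in acl)


def lint(entry):
    """Return warnings for one ACL entry (hypothetical helper, not a BIND tool)."""
    iface = ipaddress.ip_interface(entry)
    warnings = []
    inverted = int(iface.ip) ^ 0xFFFFFFFF
    # A netmask is a run of 1 bits followed by 0 bits, so its inverse is 2**k - 1.
    if int(iface.ip) != 0 and (inverted & (inverted + 1)) == 0:
        warnings.append("address part is a netmask, not a network")
    if iface.ip != iface.network.network_address:
        warnings.append("bits set beyond the prefix length")
    if iface.network.prefixlen == 0:
        warnings.append("matches every IPv4 address")
    return warnings


def evaluate():
    """Map each ACL name to the set of client labels it lets through."""
    return {name: {label for label, ip in CLIENTS.items() if allowed(ip, acl)}
            for name, acl in ACLS.items()}


if __name__ == "__main__":
    for name, who in evaluate().items():
        print(f"{name:18} allows {sorted(who)}  {lint(name)}")
```

Any list that lets the `outside` client through leaves a resolver with forwarders answering queries for hosts beyond the LAN.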

  10. #10
    Join Date
    Mar 2013
    Beans
    27

    Re: DNS-Server on Ubuntu not responding to queries from other machines.

    Check another time:
    Code:
    $TTL    604800
    @       IN      SOA     dns.advitum. root.dns.advitum. (
                                  4         ; Serial
                             604800         ; Refresh
                              86400         ; Retry
                            2419200         ; Expire
                             604800 )       ; Negative Cache TTL
             IN      NS      advitum.
             IN      A       192.168.2.19
    *       IN      A       192.168.2.19
    The second-to-last line resolves the first domain name: advitum.
    The last line resolves the second domain name: something.advitum.
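
How the owner names in the zone records from posts #1 and #10 expand against the origin `advitum.`, as an added example that is not part of the thread: `@` and blank owners stay at the zone apex, a name without a trailing dot gets the origin appended, and in-zone NS targets are checked for an address record. The parser covers only the simple record lines shown, and `ns_without_address` is a hypothetical helper.

```python
def qualify(name, origin):
    """Expand a zone-file name: '@' is the origin, names without a trailing dot are relative."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_records(text, origin):
    """Parse 'owner [IN] TYPE rdata' lines; a line starting with whitespace
    inherits the previous owner (initially the origin, as after an '@' SOA)."""
    records, owner = [], origin
    for raw in text.splitlines():
        line = raw.split(";")[0].rstrip()      # drop comments
        if not line.strip():
            continue
        fields = line.split()
        if not line[0].isspace():              # explicit owner in column 0
            owner = qualify(fields.pop(0), origin)
        if fields[0] == "IN":
            fields.pop(0)
        rtype, rdata = fields[0], fields[1]
        if rtype in ("NS", "CNAME", "PTR"):    # rdata is itself a domain name
            rdata = qualify(rdata, origin)
        records.append((owner, rtype, rdata))
    return records


def ns_without_address(records, origin):
    """In-zone NS targets with no explicit A/AAAA record (wildcards not counted)."""
    have_addr = {o for o, t, _ in records if t in ("A", "AAAA")}
    return [d for _, t, d in records if t == "NS"
            and (d == origin or d.endswith("." + origin)) and d not in have_addr]


# Record lines copied from posts #1 and #10, forum indentation and SOA removed.
POST1 = """\
@       IN      NS      ns.advitum.
@       IN      A       192.168.2.19
advitum IN      A       192.168.2.19
"""
POST10 = """\
         IN      NS      advitum.
         IN      A       192.168.2.19
*       IN      A       192.168.2.19
"""

if __name__ == "__main__":
    for label, text in (("post #1", POST1), ("post #10", POST10)):
        recs = parse_records(text, "advitum.")
        print(label, recs, ns_without_address(recs, "advitum."))
```

For post #1 the third record lands on `advitum.advitum.` and `ns.advitum.` is reported as an NS target without an address, the kind of inconsistency `named-checkzone` is meant to catch before a zone is loaded.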
