1 |
Hi, |
2 |
|
3 |
There are two DNS servers in my local network. |
4 |
|
5 |
server1.guru.com (192.168.0.2) Primary DNS Server |
6 |
server2.guru.com (192.168.0.3) Secondary DNS Server |
7 |
|
8 |
=> Here is my configuration file for server1.guru.com machine. |
9 |
|
10 |
#######################/etc/resolve.conf############################## |
11 |
# domain and search are mutually exclusive in resolv.conf; when both appear the
# last one wins, so the search list below is what the resolver uses.
domain guru.com |
12 |
# Short names are tried with these two suffixes; guru.com itself is not in the list.
search server1.guru.com server2.guru.com |
13 |
# Resolvers are tried in the order listed: 192.168.0.2, then 192.168.0.3.
nameserver 192.168.0.2 |
14 |
nameserver 192.168.0.3 |
15 |
###################################################################### |
16 |
####################/var/named/chroot/etc/named.conf################## |
17 |
// Global options for the master (server1, 192.168.0.2 per the post).
options { |
18 |
directory "/var/named"; |
19 |
dump-file "/var/named/data/cache_dump.db"; |
20 |
statistics-file "/var/named/data/named_stats.txt"; |
21 |
// Zone transfers are allowed by source address only: 192.168.0.3 (the secondary)
// and 192.168.0.1 (win2k in the zone data). Every host listed here can read the
// full zone contents. NOTE(review): confirm 192.168.0.1 really needs AXFR.
allow-transfer { 192.168.0.3; 192.168.0.1; }; |
22 |
// Queries and recursion are limited to the LAN and the server itself. The two
// master zones further down set allow-query { any; }, which takes precedence
// over this default for those zones.
allow-query { 192.168.0.0/24; localhost; }; |
23 |
allow-recursion { 192.168.0.0/24; localhost; }; |
24 |
}; |
25 |
|
26 |
// rndc control channel: listens on 127.0.0.1 only, accepts connections from the
// server's own addresses, and requires the key named rndckey.
controls { |
27 |
inet 127.0.0.1 allow { localhost; } keys { rndckey; }; |
28 |
}; |
29 |
|
30 |
// Sends the dnssec, update and security categories to one file channel, so
// dynamic-update activity and access-control denials end up in the same log.
logging { |
31 |
category dnssec { security_log; }; |
32 |
category update { security_log; }; |
33 |
category security { security_log; }; |
34 |
|
35 |
// File channel: keeps 5 rotated versions of at most 20m each; every entry carries
// a timestamp, its category and its severity; messages at info and above are logged.
// NOTE(review): named runs chrooted per the file headers in this post, so this
// path is presumably relative to the chroot; confirm the directory is writable.
channel security_log { |
36 |
file "/var/named/dns-security.log" versions 5 size 20m; |
37 |
print-time yes; |
38 |
print-category yes; |
39 |
print-severity yes; |
40 |
severity info; |
41 |
}; |
42 |
}; |
43 |
|
44 |
//Root server hints |
// Hint zone: named.ca supplies the root server list used when recursing.
45 |
zone "." IN { |
46 |
type hint; |
47 |
file "named.ca"; |
48 |
}; |
49 |
|
50 |
// Forward zone for the name localhost, served as master from a local file.
zone "localhost" IN { |
51 |
type master; |
52 |
file "localhost.zone"; |
53 |
}; |
54 |
|
55 |
// Reverse zone for 127.0.0.0/24, served as master from a local file.
zone "0.0.127.in-addr.arpa" IN { |
56 |
type master; |
57 |
file "127.0.0.zone"; |
58 |
}; |
59 |
|
60 |
// Address list named dhcp-clients. No statement shown in this post refers to it.
// NOTE(review): the network is written 192.168.0/24 here and 192.168.0.0/24 in
// options; confirm both spellings are meant to describe the same range.
acl "dhcp-clients" { |
61 |
192.168.0/24; |
62 |
}; |
63 |
|
64 |
// Shared secret named rndckey. The controls statement requires it for rndc, and
// both master zones below accept it for dynamic updates, so a single secret
// grants server control and write access to zone data.
// NOTE(review): the secret is shown in full in this post; treat it as disclosed
// and generate a replacement before relying on this configuration.
// NOTE(review): hmac-md5 is a legacy algorithm; prefer an HMAC-SHA2 key where
// the installed BIND version supports one, and use separate keys for rndc and
// for dynamic updates.
key rndckey { |
65 |
algorithm hmac-md5; |
66 |
secret |
67 |
"OhoyIvQSE0MULVwlAXJom24RnpFUMhXdwihJHkECEBUQd9MKz0qcHKMphT8o"; |
68 |
}; |
69 |
|
70 |
// Master zone whose apex is server1.guru.com, not guru.com: this server is
// authoritative only for server1.guru.com and names beneath it.
zone "server1.guru.com" IN { |
71 |
type master; |
72 |
file "server1.guru.com.zone"; |
73 |
// Overrides the LAN-only allow-query in options: any client may query this zone.
allow-query { any; }; |
74 |
// Dynamic updates are accepted when signed with rndckey, the same key that
// protects the rndc control channel.
allow-update { key rndckey; }; |
75 |
}; |
76 |
|
77 |
// Master reverse zone for 192.168.0.0/24.
zone "0.168.192.in-addr.arpa" IN { |
78 |
type master; |
79 |
file "0.168.192.zone"; |
80 |
// Overrides the LAN-only allow-query in options: any client may query this zone.
allow-query { any; }; |
81 |
// Dynamic updates are accepted when signed with rndckey, the same key that
// protects the rndc control channel.
allow-update { key rndckey; }; |
82 |
}; |
83 |
|
84 |
// NOTE(review): named.conf treats a leading # as the start of a comment, so the
// next line does not include /etc/rndc.key; the key in effect on this server is
// the inline key statement earlier in the file.
#include "/etc/rndc.key"; |
85 |
###################################################################### |
86 |
#######/var/named/chroot/var/named/server1.guru.com.zone############## |
87 |
; Zone data for the zone declared as "server1.guru.com" in named.conf, so @ and
; every relative name below expand under server1.guru.com.
$TTL 86400 |
88 |
@ IN SOA server1.guru.com. root.server1.guru.com. ( |
89 |
1 ; serial |
90 |
300 ; refresh (5 minutes) |
91 |
10 ; retry (10 seconds) |
92 |
86400 ; expire (1 day) |
93 |
600 ; minimum (10 minutes) |
94 |
) |
95 |
|
96 |
; Only server1 is listed as a name server for the zone.
@ IN NS server1.guru.com. |
97 |
@ IN MX 10 server1.guru.com. |
98 |
|
99 |
; server1.guru.com. is the zone apex itself.
; NOTE(review): server2.guru.com. and win2k.guru.com. are fully qualified names
; outside the server1.guru.com origin, so this zone cannot answer for them; that
; is consistent with the failed lookups of server2.guru.com later in the post.
server1.guru.com. IN A 192.168.0.2 |
100 |
server2.guru.com. IN A 192.168.0.3 |
101 |
win2k.guru.com. IN A 192.168.0.1 |
102 |
|
103 |
; Relative owner names: www1 expands to www1.server1.guru.com, and so on.
www1 CNAME server1.guru.com. |
104 |
www2 CNAME server2.guru.com. |
105 |
www3 CNAME win2k.guru.com. |
106 |
|
107 |
; Relative owner names: server2 expands to server2.server1.guru.com.
server2 IN MX 0 server1.guru.com. |
108 |
win2k IN MX 0 server1.guru.com. |
109 |
###################################################################### |
110 |
#######/var/named/chroot/var/named/0.168.192.zone##################### |
111 |
; Reverse zone data for 0.168.192.in-addr.arpa (192.168.0.0/24).
$TTL 86400 |
112 |
@ IN SOA server1.guru.com. root.server1.guru.com. ( |
113 |
0 ; serial |
114 |
300 ; refresh (5 minutes) |
115 |
60 ; retry (1 minute) |
116 |
86400 ; expire (1 day) |
117 |
600 ; minimum (10 minutes) |
118 |
) |
119 |
|
120 |
@ IN NS server1.guru.com. |
121 |
|
122 |
; NOTE(review): the owner name on the next line ends in in-addr.apra. (not arpa.),
; which places it outside this zone; that is consistent with the NXDOMAIN answer
; for 192.168.0.2 later in the post, while the lookup for 192.168.0.3 succeeds.
2.0.168.192.in-addr.apra. IN PTR server1.guru.com. |
123 |
1.0.168.192.in-addr.arpa. IN PTR win2k.guru.com. |
124 |
3.0.168.192.in-addr.arpa. IN PTR server2.guru.com. |
125 |
###################################################################### |
126 |
|
127 |
==================================================================== |
128 |
|
129 |
=> Here is my configuration file for server2.guru.com machine. |
130 |
|
131 |
#######################/etc/resolve.conf############################## |
132 |
# domain and search are mutually exclusive in resolv.conf; when both appear the
# last one wins, so the search list below is what the resolver uses.
domain guru.com |
133 |
# Short names are tried with these two suffixes; guru.com itself is not in the list.
search server1.guru.com server2.guru.com |
134 |
# Resolvers are tried in the order listed: 192.168.0.2, then 192.168.0.3.
nameserver 192.168.0.2 |
135 |
nameserver 192.168.0.3 |
136 |
###################################################################### |
137 |
####################/var/named/chroot/etc/named.conf################## |
138 |
// Global options for the secondary (server2, 192.168.0.3 per the post).
options { |
139 |
directory "/var/named"; |
140 |
dump-file "/var/named/data/cache_dump.db"; |
141 |
statistics-file "/var/named/data/named_stats.txt"; |
142 |
// The secondary hands out no zone transfers at all.
allow-transfer { none; }; |
143 |
// Queries and recursion are limited to the LAN and the server itself; the slave
// zones further down set allow-query { any; }, which takes precedence for them.
allow-query { 192.168.0.0/24; localhost; }; |
144 |
allow-recursion { 192.168.0.0/24; localhost; }; |
145 |
}; |
146 |
|
147 |
// rndc control channel: listens on 127.0.0.1 only and requires the key named rndckey.
// NOTE(review): no key statement named rndckey appears in the server2
// configuration shown, and the include line at the end of the file starts with #,
// which named.conf reads as a comment; confirm where this host gets the key.
controls { |
148 |
inet 127.0.0.1 allow { localhost; } keys { rndckey; }; |
149 |
}; |
150 |
|
151 |
//Root server hints |
// Hint zone: named.ca supplies the root server list used when recursing.
152 |
zone "." IN { |
153 |
type hint; |
154 |
file "named.ca"; |
155 |
}; |
156 |
|
157 |
// Forward zone for the name localhost, served as master from a local file.
zone "localhost" IN { |
158 |
type master; |
159 |
file "localhost.zone"; |
160 |
}; |
161 |
|
162 |
// Reverse zone for 127.0.0.0/24, served as master from a local file.
zone "0.0.127.in-addr.arpa" IN { |
163 |
type master; |
164 |
file "127.0.0.zone"; |
165 |
}; |
166 |
|
167 |
// Slave copy of the server1.guru.com zone, pulled from the master at 192.168.0.2.
// NOTE(review): no key is attached to the masters entry, so transfers are
// authorised by source address alone (the master's allow-transfer list).
zone "server1.guru.com" IN { |
168 |
type slave; |
169 |
file "server1.guru.com.zone"; |
170 |
masters { 192.168.0.2; }; |
171 |
// Overrides the LAN-only allow-query in options: any client may query this zone.
allow-query { any; }; |
172 |
}; |
173 |
|
174 |
// Slave copy of the reverse zone, pulled from the master at 192.168.0.2.
// NOTE(review): no key is attached to the masters entry, so transfers are
// authorised by source address alone (the master's allow-transfer list).
zone "0.168.192.in-addr.arpa" IN { |
175 |
type slave; |
176 |
file "0.168.192.zone"; |
177 |
masters { 192.168.0.2; }; |
178 |
// Overrides the LAN-only allow-query in options: any client may query this zone.
allow-query { any; }; |
179 |
}; |
180 |
|
181 |
// NOTE(review): named.conf treats a leading # as the start of a comment, so the
// next line does not include /etc/rndc.key. The controls statement in this file
// names rndckey, and no key statement for it appears in the configuration shown.
#include "/etc/rndc.key"; |
182 |
###################################################################### |
183 |
#######/var/named/chroot/var/named/server1.guru.com.zone############## |
184 |
; server2's copy of the server1.guru.com zone.
; NOTE(review): the $ORIGIN switches and record ordering look like a file written
; by named after a transfer rather than one edited by hand; confirm.
$ORIGIN guru.com. |
185 |
$TTL 86400 ; 1 day |
186 |
; With $ORIGIN guru.com. the owner server1 is server1.guru.com, the zone apex.
server1 IN SOA server1 root.server1 ( |
187 |
1 ; serial |
188 |
300 ; refresh (5 minutes) |
189 |
10 ; retry (10 seconds) |
190 |
86400 ; expire (1 day) |
191 |
600 ; minimum (10 minutes) |
192 |
) |
193 |
NS server1 |
194 |
A 192.168.0.2 |
195 |
MX 0 server1 |
196 |
MX 10 server1 |
197 |
; Names below this origin sit beneath the apex (server2.server1.guru.com, ...).
$ORIGIN server1.guru.com. |
198 |
server1 MX 0 server1.guru.com. |
199 |
server2 MX 0 server1.guru.com. |
200 |
win2k MX 0 server1.guru.com. |
201 |
www1 CNAME server1.guru.com. |
202 |
www2 CNAME server2.guru.com. |
203 |
www3 CNAME win2k.guru.com. |
204 |
; NOTE(review): server2.guru.com and win2k.guru.com are siblings of the apex, not
; names inside the server1.guru.com zone, so queries for them are not answered
; from this zone.
$ORIGIN guru.com. |
205 |
server2 A 192.168.0.3 |
206 |
MX 10 server1 |
207 |
win2k A 192.168.0.1 |
208 |
###################################################################### |
209 |
#######/var/named/chroot/var/named/0.168.192.zone##################### |
210 |
; server2's copy of the reverse zone 0.168.192.in-addr.arpa.
$ORIGIN . |
211 |
$TTL 86400 ; 1 day |
212 |
; NOTE(review): this owner name ends in in-addr.apra (not arpa), so it lies
; outside the zone; the same misspelling is present in the master's zone file.
2.0.168.192.in-addr.apra IN PTR server1.guru.com. |
213 |
0.168.192.in-addr.arpa SOA server1.guru.com. root.server1.guru.com. ( |
214 |
0 ; serial |
215 |
300 ; refresh (5 minutes) |
216 |
60 ; retry (1 minute) |
217 |
86400 ; expire (1 day) |
218 |
600 ; minimum (10 minutes) |
219 |
) |
220 |
NS server1.guru.com. |
221 |
; Relative owners 1 and 3 expand to 1.0.168.192.in-addr.arpa and 3.0.168.192.in-addr.arpa.
$ORIGIN 0.168.192.in-addr.arpa. |
222 |
1 PTR win2k.guru.com. |
223 |
3 PTR server2.guru.com. |
224 |
###################################################################### |
225 |
|
226 |
=============================================================================== |
227 |
|
228 |
Now, from server1, when I try some commands, these are the results: |
229 |
------------------------------------------------------------------------- |
230 |
#dig server1.guru.com |
231 |
; <<>> DiG 9.2.4 <<>> server1.guru.com |
232 |
;; global options: printcmd |
233 |
;; Got answer: |
234 |
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26610 |
235 |
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 |
236 |
|
237 |
;; QUESTION SECTION: |
238 |
;server1.guru.com. IN A |
239 |
|
240 |
;; ANSWER SECTION: |
241 |
server1.guru.com. 86400 IN A 192.168.0.2 |
242 |
|
243 |
;; AUTHORITY SECTION: |
244 |
server1.guru.com. 86400 IN NS server1.guru.com. |
245 |
|
246 |
;; Query time: 3 msec |
247 |
;; SERVER: 192.168.0.2#53(192.168.0.2) |
248 |
;; WHEN: Sun Mar 26 12:38:00 2006 |
249 |
;; MSG SIZE rcvd: 64 |
250 |
------------------------------------------------------------------------- |
251 |
------------------------------------------------------------------------- |
252 |
#dig server2.guru.com |
253 |
; <<>> DiG 9.2.4 <<>> server2.guru.com |
254 |
;; global options: printcmd |
255 |
;; connection timed out; no servers could be reached |
256 |
------------------------------------------------------------------------- |
257 |
------------------------------------------------------------------------- |
258 |
#nslookup 192.168.0.2 |
259 |
Server: 192.168.0.2 |
260 |
Address: 192.168.0.2#53 |
261 |
|
262 |
** server can't find 2.0.168.192.in-addr.arpa: NXDOMAIN |
263 |
------------------------------------------------------------------------- |
264 |
------------------------------------------------------------------------- |
265 |
#nslookup 192.168.0.3 |
266 |
Server: 192.168.0.2 |
267 |
Address: 192.168.0.2#53 |
268 |
|
269 |
3.0.168.192.in-addr.arpa name = server2.guru.com. |
270 |
------------------------------------------------------------------------- |
271 |
------------------------------------------------------------------------- |
272 |
#ping -c 4 server1.guru.com |
273 |
PING server1.guru.com (192.168.0.2) 56(84) bytes of data. |
274 |
64 bytes from server1.guru.com (192.168.0.2): icmp_seq=0 ttl=64 time=0.041ms |
275 |
64 bytes from server1.guru.com (192.168.0.2): icmp_seq=1 ttl=64 time=0.047ms |
276 |
64 bytes from server1.guru.com (192.168.0.2): icmp_seq=2 ttl=64 time=0.046ms |
277 |
64 bytes from server1.guru.com (192.168.0.2): icmp_seq=3 ttl=64 time=0.050ms |
278 |
|
279 |
--- server1.guru.com ping statistics --- |
280 |
4 packets transmitted, 4 received, 0% packet loss, time 3003ms |
281 |
rtt min/avg/max/mdev = 0.041/0.046/0.050/0.003 ms, pipe 2 |
282 |
------------------------------------------------------------------------- |
283 |
------------------------------------------------------------------------- |
284 |
#ping -c 4 server2.guru.com |
285 |
ping: unknown host server2.guru.com |
286 |
------------------------------------------------------------------------- |
287 |
WHAT IS WRONG IN SETUP? PLEASE HELP ME. |
288 |
|
289 |
IF YOU NEED MORE INFO, LET ME KNOW. |
290 |
|
291 |
TnR, |
292 |
Hiren |