BIND9 will not resolve


I have not looked into the details yet, but the problem lies in this line:

dnssec-validation auto;

It seems that the version of bind9 in 16.04 enables dnssec-validation by default. Switching to:

dnssec-validation no;

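should solve the problem. Be aware that this turns off DNSSEC validation for every name the server resolves, not only the internal zone, so forged or altered answers from upstream are no longer rejected. It is worth running named-checkconf and named-checkzone and reading the named log to find the actual failure before leaving validation off.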


Updated on September 18, 2022

Comments

  • Noah
    Noah over 1 year

    For some reason, when I run nslookup router or nslookup KLAMESERVER for my internal names router.Klamenick.com or KLAMESERVER.Klamenick.com, it always says:

    Server:         192.168.0.2
    Address:        192.168.0.2#53
    ** server can't find router.Klamenick.com: SERVFAIL
    

    I checked all of the files I configured to see whether my domain names had trailing periods, and they did. It must be something else.

    Below are the files I configured:

    /etc/bind/named.conf.options

    // Global named options: working directory, upstream forwarders, DNSSEC
    // validation mode and listening behaviour.
    // NOTE(review): no allow-query / allow-recursion statement appears in this
    // block, so BIND's built-in defaults apply -- confirm they match the set of
    // clients that should be able to use this resolver.
    options {
    directory "/var/cache/bind";
    
    // If there is a firewall between you and nameservers you want
    // to talk to, you may need to fix the firewall to allow multiple
    // ports to talk.  See http://www.kb.cert.org/vuls/id/800113
    
    // If your ISP provided one or more IP addresses for stable
    // nameservers, you probably want to use them as forwarders.
    // Uncomment the following block, and insert the addresses replacing
    // the all-0's placeholder.
    
    // Queries this server cannot answer from its own zones or cache are sent
    // to the resolvers listed here.
    // NOTE(review): Google Public DNS is 8.8.8.8 and 8.8.4.4; the second
    // address below (8.8.8.4) looks like a typo -- confirm.
    forwarders {
    8.8.8.8;
    8.8.8.4;
    };
    
    //========================================================================
    // If BIND logs error messages about the root key being expired,
    // you will need to update your keys.  See https://www.isc.org/bind-keys
    //========================================================================
    // "auto" turns DNSSEC validation on using the default root trust anchor.
    // NOTE(review): changing this to "no" disables validation for all lookups
    // made through this server, so spoofed upstream answers would no longer be
    // rejected; check the named log and zone files for the failure first.
    dnssec-validation auto;
    
    auth-nxdomain no;    # conform to RFC1035
    // Accept queries on every IPv6 address of the host.
    listen-on-v6 { any; };
    };
    

    /etc/bind/named.conf.local

    //
    // Do any local configuration here
    //
    
    // Consider adding the 1918 zones here, if they are not used in your
    // organization
    //include "/etc/bind/zones.rfc1918";
    
    // Forward zone: this server is the master for Klamenick.com and loads the
    // records from the file below.
    // NOTE(review): Klamenick.com sits under the public .com TLD; if the name
    // is not registered to the operator, an internal name that cannot collide
    // with public DNS is the safer choice -- confirm ownership.
    zone "Klamenick.com" {
        type master;
        file "/etc/bind/db.Klamenick.com";
        };
    
    // Reverse zone for 192.168.0.0/24 (PTR lookups); "notify no" means no
    // NOTIFY messages are sent to other servers when this zone changes.
    zone "0.168.192.in-addr.arpa" {
        type master;
        notify no;
        file "/etc/bind/db.192";
    };
    

    /etc/bind/db.Klamenick.com

    ; Forward zone data for Klamenick.com: SOA, NS, apex addresses, two host
    ; A records and two CNAME aliases.
    ; NOTE(review): the header line below has no leading ';' as posted, so it
    ; would be read as a record rather than a comment and the zone may fail to
    ; load -- confirm against the real file (named-checkzone reports this).
    ;
    BIND data file for local loopback interface
    ;
    $TTL     604800
    ; SOA: primary server KLAMESERVER.Klamenick.com., contact root.localhost.
    @    IN  SOA     KLAMESERVER.Klamenick.com. root.localhost. (
                  2     ; Serial
             604800     ; Refresh
              86400     ; Retry
            2419200     ; Expire
             604800 )   ; Negative Cache TTL
    ;
    ; NOTE(review): the NS target KLAMESERVER.Klamenick.com. has no A or AAAA
    ; record anywhere in this file (only "router" and "server" do), so neither
    ; the NS name nor an nslookup of KLAMESERVER can resolve to an address --
    ; confirm and add the record if it is missing in the real file.
    @   IN  NS  KLAMESERVER.Klamenick.com.
    ; The zone apex itself resolves to the loopback addresses.
    @   IN  A   127.0.0.1
    @   IN  AAAA    ::1
    
    ; Below are A record Addresses
    
    router  IN      A       192.168.0.1
    server  IN      A       192.168.0.2
    
    ; Below are CNAME Record Addresses (Aliases) - Point to an A Record Address
    
    
    ; NOTE(review): server1 aliases KLAMESERVER, which has no address record
    ; in this file -- see the NS note above.
    server1 IN      CNAME   KLAMESERVER.Klamenick.com.
    router1 IN      CNAME   router.Klamenick.com.
    

    /etc/bind/db.192

    ;
    ; BIND reverse data file for local loopback interface
    ;
    ; Reverse (PTR) data for the 0.168.192.in-addr.arpa zone: maps .1 and .2
    ; back to host names.
    $TTL    604800
    ; NOTE(review): the SOA line below opens two parentheses "((" but only one
    ; ")" closes the record, so the parentheses are unbalanced as posted and
    ; the zone may be rejected at load time -- confirm against the real file.
    @   IN  SOA KLAMESERVER.Klamenick.com. root.localhost. ((
                  1     ; Serial
             604800     ; Refresh
              86400     ; Retry
            2419200     ; Expire
             604800 )   ; Negative Cache TTL
    ;
    ; NOTE(review): the name server here is "localhost.", while the forward
    ; zone names KLAMESERVER.Klamenick.com. -- presumably these should agree.
    @   IN  NS  localhost.
    ; 192.168.0.1 -> router, 192.168.0.2 -> KLAMESERVER
    1   IN  PTR router.Klamenick.com.
    2   IN  PTR KLAMESERVER.Klamenick.com.
    

    /etc/resolv.conf

    # Client resolver settings: send all queries to the BIND server at
    # 192.168.0.2 and complete short names with Klamenick.com.
    nameserver 192.168.0.2
    # NOTE(review): "search" and "domain" are mutually exclusive in
    # resolv.conf; when both are present the last one listed wins. Both name
    # the same domain here, so the result is the same, but one line suffices.
    search Klamenick.com
    domain Klamenick.com
    

    Anybody know what's up?