can you help me setup DNS forwarding
The problem was I had enabled dns-sec in the file - I removed all the sec stuff and it worked.
thanks
Author by
mbrambley
Updated on September 18, 2022
Comments
- mbrambley almost 2 years
I have a DNS server in a subnet of the corporate network and I want to tell it to forward to the main DNS servers when it cannot resolve.
This is my file:
    //
    // named.conf
    //
    // Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
    // server as a caching only nameserver (as a localhost DNS resolver only).
    //
    // See /usr/share/doc/bind*/sample/ for example named configuration files.
    //

    options {
        listen-on port 53 { any; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        forwarders { 10.90.0.135; 10.90.0.174; };
        forward first;
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { any; };
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";
    };

    logging {
        channel default_debug {
            file "data/named.run";
            severity dynamic;
        };
    };

    zone "." IN {
        type hint;
        file "named.ca";
    };

    include "/etc/named.rfc1912.zones";
    include "/etc/named.root.key";

    zone "appletop.local" IN {
        type master;
        file "appletop.local";
        allow-update { none; };
    };
I know the DNS server 10.90.0.35 is good, and if I use it to resolve using dig it's fine, i.e.:
    [root@ns1 etc]# dig www.yahoo.com @10.90.0.135

    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.0.2.el6_4.6 <<>> www.yahoo.com @10.90.0.135
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24437
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;www.yahoo.com. IN A

    ;; ANSWER SECTION:
    www.yahoo.com. 278 IN CNAME fd-fp3.wg1.b.yahoo.com.
    fd-fp3.wg1.b.yahoo.com. 278 IN CNAME ds-fp3.wg1.b.yahoo.com.
    ds-fp3.wg1.b.yahoo.com. 1 IN CNAME ds-eu-fp3-lfb.wa1.b.yahoo.com.
    ds-eu-fp3-lfb.wa1.b.yahoo.com. 235 IN CNAME ds-eu-fp3.wa1.b.yahoo.com.
    ds-eu-fp3.wa1.b.yahoo.com. 26 IN A 87.248.122.122
    ds-eu-fp3.wa1.b.yahoo.com. 26 IN A 87.248.112.181

    ;; Query time: 49 msec
    ;; SERVER: 10.90.0.135#53(10.90.0.135)
    ;; WHEN: Thu Sep 12 17:37:15 2013
    ;; MSG SIZE rcvd: 167
But I cannot get it to forward any of my normal requests to that server.
What have I done wrong? I'm copying the entries from examples on the net but it doesn't work.
Thank you
- Daniel Widrick almost 11 years
Try removing the recursion and allow-recursion lines? It looks like you cannot contact root DNS servers (Network admin likely blocking clients from reaching outside of network for dns).
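An added example, not part of the original thread: a small Python check that reads a named.conf, extracts the forwarders, the forward mode and the dnssec-validation setting, and flags the combination the asker reported as the cause (DNSSEC validation switched on while forwarding to internal servers), plus the root-server fallback raised in the comment. The function names, finding labels and SAMPLE_CONF are assumptions made for this example; the sample is constructed from the options block in the question.

```python
import re

# Constructed sample: relevant statements from the options block in the question.
SAMPLE_CONF = """
options {
    forwarders { 10.90.0.135; 10.90.0.174; };
    forward first;
    dnssec-enable yes;
    dnssec-validation yes;
    // dnssec-validation no;  (constructed: commented out, must be ignored)
    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";
};
"""

def strip_comments(text):
    # Drop /* */, // and # comments (markers inside quoted strings are not handled).
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#).*", "", text)

def options_body(text):
    # Return the text inside the top-level options { ... } by counting braces.
    m = re.search(r"\boptions\s*\{", text)
    if not m:
        return ""
    depth = 1
    for i in range(m.end(), len(text)):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        if depth == 0:
            return text[m.end():i]
    return ""

def audit(conf):
    body = options_body(strip_comments(conf))
    fwd = re.search(r"\bforwarders\s*\{([^}]*)\}", body)
    # First token of each entry is the address; "port N" suffixes are skipped.
    forwarders = [e.split()[0] for e in fwd.group(1).split(";") if e.strip()] if fwd else []
    mode = re.search(r"\bforward\s+(first|only)\s*;", body)
    val = re.search(r"\bdnssec-validation\s+(\w+)\s*;", body)
    result = {"forwarders": forwarders, "forward": mode.group(1) if mode else None,
              "dnssec_validation": val.group(1) if val else None, "findings": []}
    if forwarders and result["dnssec_validation"] in ("yes", "auto"):
        result["findings"].append("validation-with-forwarders: confirm each forwarder "
                                  "returns RRSIGs (dig +dnssec) before relying on it")
    if forwarders and result["forward"] != "only":
        result["findings"].append("fallback-to-roots: without 'forward only' named "
                                  "iterates from the root hints when forwarders fail")
    return result
```

Call `audit()` with the text of a named.conf; an empty `findings` list means neither combination is present in its options block.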