Getting an error on a simple DNS configuration

2015-06-03 Thread Samad Agha
I put together a simple working DNS server and called it new-dns2 with the IP address of 206.117.115.93. My configuration files follow:

[root@new-dns2 ~]# cat /etc/named.conf
options {
    directory /var/named;
};
zone 0.0.127.in-addr.arpa {
    type master;
    file db.127.0.0;
};

Re: Getting an error on a simple DNS configuration

2015-06-03 Thread Samad Agha
Dear Tony, Bob, Matus,

Thank you very much for your advice, you guys are awesome.

On Wed, Jun 3, 2015 at 1:03 PM, Matus UHLAR - fantomas uh...@fantomas.sk wrote:
> On 03.06.15 12:34, Samad Agha wrote:
>> So, when I query my new DNS server from itself (206.117.115.93), it resolves the name to an

Re: Getting an error on a simple DNS configuration

2015-06-03 Thread Matus UHLAR - fantomas
On 03.06.15 12:34, Samad Agha wrote:
> So, when I query my new DNS server from itself (206.117.115.93), it resolves the name to an IP, but when I query my new DNS server from another Linux box, it fails with the following error message.

you must allow BIND to provide recursive DNS for other

Re: Getting an error on a simple DNS configuration

2015-06-03 Thread Tony Finch
Samad Agha samad.agha2...@gmail.com wrote:
> So, when I query my new DNS server from itself (206.117.115.93), it resolves the name to an IP, but when I query my new DNS server from another Linux box, it fails with the following error message.
> ** server can't find google.com: REFUSED

By

GSS-TSIG updates with multiple KSPs on the same BIND server?

2015-06-03 Thread Doug Barton
Folks, Reading through manuals, HOWTOs, etc. on line it SEEMS possible that BIND 9.8+ could be configured to use multiple KSPs. The traditional way of configuring GSS-TSIG is the following in options{}: tkey-domain FOO.BAR; tkey-gssapi-credential DNS/dns1.foo.bar; However that

Re: Getting an error on a simple DNS configuration

2015-06-03 Thread Bob Harold
If you don't specify recursion (or query-cache or allow-query), then the default is: allow-recursion (localnets; localhost;) Which means only things on the connected subnets are allowed to make recursive queries, all others get REFUSED. So add an allow-recursion ( .. subnet list ..); to your

Re: Fwd: Getting an error on a simple DNS configuration

2015-06-03 Thread Alan Clegg
allow-recursion { ... };

not

allow-recursion ( ... );

And you need a ; at the end of your list:

allow-recursion {207.151.36.0;};

On 6/3/15 5:14 PM, Samad Agha wrote:
> I put the allow-recursion clause under my options, the #service named restart failed. Where exactly should I place

Fwd: Getting an error on a simple DNS configuration

2015-06-03 Thread Samad Agha
I put the allow-recursion clause under my options, the #service named restart failed. Where exactly should I place this allow-recursion clause?

[root@new-dns2 ~]# cat /etc/named.conf
options {
    directory /var/named;
    allow-recursion (207.151.36.0);
};
zone 0.0.127.in-addr.arpa {