
I'm having trouble configuring BIND with the reverse DNS being handled by an external server at the hosting company.

Let's assume I have a domain "server.com" that should contain 2 nameservers: ns1.server.com and ns2.server.com. I want to use IP addresses 123.12.254.123 and 123.12.254.124. The DNS servers from the hosting company are: 124.24.254.124 and 124.24.254.134.

So the named.conf has:

options {
    empty-zones-enable no;
    listen-on port 53 { any; };
    listen-on-v6 port 53 { any; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";

    forwarders { 124.24.254.124; 124.24.254.134; };
    allow-query {
        any;
    };
    allow-transfer {
        123.12.254.123/16;
    };
    allow-recursion { 123.12.254.123/16; };
};

logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

view "external" {
    match-clients { any; };
    match-destinations { any; };

    zone "server.com" IN {
        type master;
        file "/var/named/server.com.db";
    };
};

file "/var/named/server.com.db"

$TTL 14400 
server.com. IN  SOA ns1.server.com. mail.server.com. (
            2013050623
            6H
            1H
            5D
            20M )

server.com. IN  A   123.12.254.123

www.server.com. IN  CNAME   server.com

ns1.server.com. IN  A   123.12.254.123
ns2.server.com. IN  A   123.12.254.124

server.com. IN  NS  ns1.server.com.

server.com. IN  NS  ns2.server.com.

mail.server.com   IN    MX     1 server.com.

ftp.server.com. IN  A   123.12.254.123
mail.server.com.    IN  A   123.12.254.123

file /etc/hosts

127.0.0.1   localhost , localhost.localdomain , localhost4 , localhost4.localdomain4
::1 localhost , localhost.localdomain , localhost6 , localhost6.localdomain6
123.12.254.123  ns1.server.com , ns1
123.12.254.124  ns2.server.com , ns2

file /etc/resolv.conf

nameserver 124.24.254.124
nameserver 124.24.254.134
search server.com

dig and nslookup to ns1 or ns1.server.com give SERVFAIL.

What is wrong with this?

Thank you

fukawi2

1 Answer


Your reverse DNS is a completely separate zone to your forward lookups; it doesn't matter that it's hosted on a different server.

The SERVFAIL is because something is wrong with your configuration for the forward zone (server.com) or your bind config. I can't see anything obviously wrong with either. You'll need to examine the logs on the server-side. You might like to start bind with 'named -g' (in the foreground) to see the output while you test.

fukawi2
  • I have these errors; however, folder and file permissions are 770 and owner/group named/named: 10-May-2013 07:01:27.406 could not open file '/var/run/named/named.pid': Permission denied 10-May-2013 07:01:27.406 unlink '/var/run/named/named.pid': failed 10-May-2013 07:01:27.406 generating session key for dynamic DNS 10-May-2013 07:01:27.406 could not open file '/var/run/named/session.key': Permission denied 10-May-2013 07:01:27.406 could not create /var/run/named/session.key – Nitrate May 10 '13 at 11:02
  • Edit your original post to add that information; it is difficult to read in a comment. /var/run/named should be owned by named:named with permission 755. Are there existing files in that path? Are you using SELinux? Read-only file-system somehow? – fukawi2 May 12 '13 at 08:03
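
The checks suggested in the last comment (owner, mode, existing files, read-only file system, SELinux), written as a script. This is an added example, not part of the original thread; the function name `check_rundir` is hypothetical, and it assumes Linux with GNU `stat`.

```shell
#!/bin/sh
# Added example: triage for "Permission denied" on named's runtime directory.
# Expected values (named:named, 755) are the ones stated in the comment above.
# Assumes Linux with GNU stat; findmnt and getenforce are used only if present.

# check_rundir DIR OWNER GROUP MODE
# Prints one line per finding; exit status is the number of findings.
check_rundir() (
    dir=$1 want_owner=$2 want_group=$3 want_mode=$4
    n=0
    finding() { echo "$1"; n=$((n + 1)); }

    [ -d "$dir" ] || { echo "MISSING: $dir is not a directory"; exit 1; }

    # Owner, group and octal mode of the directory itself.
    set -- $(stat -c '%U %G %a' "$dir")
    [ "$1" = "$want_owner" ] || finding "OWNER: $dir is $1, expected $want_owner"
    [ "$2" = "$want_group" ] || finding "GROUP: $dir is $2, expected $want_group"
    [ "$3" = "$want_mode" ] || finding "MODE: $dir is $3, expected $want_mode"

    # Existing files owned by someone else (for example a pid file left by a
    # run as root) may not be writable by the service account.
    for f in "$dir"/*; do
        [ -e "$f" ] || continue
        fo=$(stat -c '%U' "$f")
        [ "$fo" = "$want_owner" ] || finding "FILE: $f is owned by $fo"
    done

    # Read-only mount: inspect the options of the file system holding DIR.
    if command -v findmnt >/dev/null 2>&1; then
        opts=$(findmnt -no OPTIONS -T "$dir" 2>/dev/null) || opts=
        case ",$opts," in *,ro,*) finding "MOUNT: $dir is on a read-only file system" ;; esac
    fi

    # SELinux can deny access even when owner and mode are right; this is a
    # pointer to check the context, not counted as a finding.
    if command -v getenforce >/dev/null 2>&1 && [ "$(getenforce)" = Enforcing ]; then
        echo "NOTE: SELinux is enforcing; compare 'ls -Zd $dir' with the audit log"
    fi

    exit "$n"
)

# Run only when arguments are given, e.g.:
#   sh check_rundir.sh /var/run/named named named 755
if [ "$#" -gt 0 ]; then check_rundir "$@"; fi
```

Run it as root so that `stat` can read the directory regardless of its current mode; a non-zero exit status is the number of mismatches found.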