DNS configuration using bind9

linuxmodex

Hello,

I am currently encountering DNS configuration issues with bind9. I have installed bind9 and made the following adjustments to the configuration files:

In the "named.conf.options" file, I added a new access control list block for my trusted clients, like this:

acl "trusted" {
    192.168.5.0/24;
    localhost;
};

I also allowed specific properties in the "options" section, including recursion, allow-recursion, listen-on 192.168.5.3 (my DNS server), allow-transfer (none), and allow-query (trusted). Additionally, I added forwarders like this:

forwarders {
    10.100.0.1;
    10.100.0.2;
};

For the forward and reverse zones, I created two files and referenced them in the "named.conf.local".


My reverse zone file:

$TTL 604800
@       IN      SOA     MyFQDN admin.MyFQDN (
                8               ; Serial
                604800          ; Refresh
                86400           ; Retry
                2419200         ; Expired
                604800 )        ; Negative Cache TTL

1       IN      PTR     ns2.MyFQDN      ; 192.168.5.1
2       IN      PTR     ns2.MyFQDN      ; 192.168.5.2
3       IN      PTR     ns2.MyFQDN      ; 192.168.5.3
4       IN      PTR     ns2.MyFQDN      ; 192.168.5.4


My forward zone file:

$TTL 604800
@       IN      SOA     MyFQDN admin.MyFQDN (
                12              ; Serial
                604800          ; Refresh
                86400           ; Retry
                2419200         ; Expired
                604800 )        ; Negative Cache TTL

@       IN      NS      ns1.MyFQDN
@       IN      NS      ns2.MyFQDN
@       IN      MX      0 mail.MyFQDN

ns1     IN      A       192.168.5.3
www     IN      A       192.168.5.2

MyFQDN          IN      MX      10 mail.MyFQDN
ns1.MyFQDN      IN      A       192.168.5.3
ns2.MyFQDN      IN      A       192.168.5.1
www.MyFQDN      IN      A       192.168.5.2
mail.MyFQDN     IN      A       192.168.5.4


The DNS entries cannot be resolved.

ns1 could not be resolved right on ns1.
ns2 could not be resolved right on ns1.
www could not be resolved right on ns1.

reverse entry for ns1 could not be resolved right on ns1.
reverse entry for ns2 could not be resolved right on ns1.
reverse entry for www could not be resolved right on ns1.

I would greatly appreciate any assistance or insights you may have regarding these configurations. Thank you in advance!
 


What kinds of problems are you having? Any errors?
 
> What kinds of problems are you having? Any errors?

The DNS entries cannot be resolved...

ns1 could not be resolved right on ns1.
ns2 could not be resolved right on ns1.
www could not be resolved right on ns1.

reverse entry for ns1 could not be resolved right on ns1.
reverse entry for ns2 could not be resolved right on ns1.
reverse entry for www could not be resolved right on ns1.
 
In your reverse zone file, you have multiple PTR records pointing to the same IP address (192.168.5.1, 192.168.5.2, 192.168.5.3, and 192.168.5.4) all pointing to "ns2.MyFQDN." Each PTR record should point to a unique hostname.
Try this.

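$TTL 604800
@       IN      SOA     MyFQDN. admin.MyFQDN. (
                8               ; Serial
                604800          ; Refresh
                86400           ; Retry
                2419200         ; Expired
                604800 )        ; Negative Cache TTL

; Names end with a dot so the zone origin is not appended to them.
@       IN      NS      ns1.MyFQDN.     ; the zone needs an NS record to load
; PTR targets match the A records in the forward zone.
1       IN      PTR     ns2.MyFQDN.     ; 192.168.5.1
2       IN      PTR     www.MyFQDN.     ; 192.168.5.2
3       IN      PTR     ns1.MyFQDN.     ; 192.168.5.3
4       IN      PTR     mail.MyFQDN.    ; 192.168.5.4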

In your forward zone file, you have "@" used as a placeholder for the zone name. That will work, but newer versions of BIND prefer it this way.

$TTL 604800
MyFQDN.         IN      SOA     ns1.MyFQDN. admin.MyFQDN. (
                        12              ; Serial
                        604800          ; Refresh
                        86400           ; Retry
                        2419200         ; Expired
                        604800 )        ; Negative Cache TTL

MyFQDN.         IN      NS      ns1.MyFQDN.
MyFQDN.         IN      NS      ns2.MyFQDN.
MyFQDN.         IN      MX      10 mail.MyFQDN.  ; trailing dot keeps the name absolute

ns1.MyFQDN.     IN      A       192.168.5.3
ns2.MyFQDN.     IN      A       192.168.5.1      ; address for the ns2 NS record, as in the original zone file
www.MyFQDN.     IN      A       192.168.5.2
mail.MyFQDN.    IN      A       192.168.5.4

Make sure you have properly configured your named.conf.local to reference the forward and reverse zone files. Your named.conf.local should look like this:

zone "MyFQDN" {
    type master;
    file "/etc/bind/forward.MyFQDN";
};

zone "5.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/reverse.MyFQDN";
};

Restart your BIND9 service to apply.

sudo systemctl restart bind9

Once your DNS server is running with the updated configuration, make sure that your DNS clients are configured to use this DNS server (192.168.5.3) for DNS resolution. You can do this in your clients' network settings or router configuration.

Check the BIND9 logs (usually in /var/log/syslog or /var/log/messages) for any error messages that might help diagnose the problem.
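
In a zone file, a name without a trailing dot is relative and gets the zone origin appended, which is one way records like the ones in this thread end up unresolvable. The following is an added example, not code from the thread: a simplified Python zone reader that expands names the way BIND does and cross-checks forward A records against reverse PTR records. The zone name example.test and all sample records are constructed stand-ins for the thread's MyFQDN data.

```python
# Constructed sample data: example.test stands in for the thread's "MyFQDN".
FWD_ORIGIN, REV_ORIGIN = "example.test.", "5.168.192.in-addr.arpa."
FORWARD = """\
@    IN NS  ns1.example.test.
ns1  IN A   192.168.5.3
www  IN A   192.168.5.2
mail IN A   192.168.5.4
"""
REVERSE = """\
@ IN NS  ns1.example.test.
2 IN PTR www.example.test.
3 IN PTR ns1.example.test    ; no trailing dot
4 IN PTR ns2.example.test.   ; wrong host for .4
"""
NAME_FIELD = {"NS": 0, "PTR": 0, "CNAME": 0, "MX": 1}  # RDATA index holding a name

def absolute(name, origin):
    """'@' is the origin; a trailing dot means fully qualified;
    any other name is relative and gets the origin appended."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Parse one-line 'owner IN TYPE rdata' records (simplified: no
    $ORIGIN, per-record TTLs, or blank-owner continuation lines)."""
    records = []
    for line in text.splitlines():
        fields = [f for f in line.split(";", 1)[0].split() if f != "IN"]
        if len(fields) < 3 or fields[0].startswith("$"):
            continue
        owner, rtype, rdata = fields[0], fields[1], fields[2:]
        i = NAME_FIELD.get(rtype)
        if i is not None and i < len(rdata):
            rdata[i] = absolute(rdata[i], origin)
        records.append((absolute(owner, origin), rtype, " ".join(rdata)))
    return records

def check(forward, fwd_origin, reverse, rev_origin):
    """Report PTR targets that fell inside the reverse zone and A/PTR mismatches."""
    ptr = {o: d for o, t, d in parse_zone(reverse, rev_origin) if t == "PTR"}
    findings = [f"PTR target expanded into reverse zone: {d}"
                for d in ptr.values() if d.endswith(rev_origin)]
    for owner, rtype, addr in parse_zone(forward, fwd_origin):
        if rtype == "A":
            arpa = ".".join(reversed(addr.split("."))) + ".in-addr.arpa."
            if ptr.get(arpa) != owner:
                findings.append(f"{owner} A {addr} but PTR is {ptr.get(arpa)}")
    return findings
```

Calling `check(FORWARD, FWD_ORIGIN, REVERSE, REV_ORIGIN)` returns the list of findings for the sample data. On the server itself, `named-checkconf` and `named-checkzone` validate the real configuration and zone files before a restart.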
 
