DNS For Redhat EL5

ajkannan83 · 09-10-2008, 04:34 AM

Hello Sir,

I have installed Redhat Linux EL5 Server in Server Machine. I should configure DNS Server as Primary Server (Intranet Purpose).

My DNS Name is abc-it.com and IP Address is 180.100.103.1. My network ranges IPs are 180.100.0.0/16.

This DNS is not used for mail server.

I was created many time. But its failue.

How to configure DNS Server as Primary Server.

Please explain step by step.

Advanced Thanks
A.Kannan

billymayday · 09-10-2008, 04:43 AM

Try this http://www.linuxhomenetworking.com/w...onfiguring_DNS

Note that by default, RH uses a chrooted version of bind, so everything is under /var/named/chroot

ajkannan83 · 09-10-2008, 04:59 AM

My /var/named/chroot/etc/named.conf file

zone "abc-it.com" {
type master;
file "abc-it.com.zone";
};
zone "100.180.in-addr.arpa" {
type master;
file "180.100.zone";
};

-------------------------------------------------------------------------

My /var/named/chroot/var/named/abc-it.com.zone file

$TTL 86400
@ IN SOA abc-it.com. root.abc-it.com. (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS abc-it.com.
IN A 180.100.103.62

---------------------------------------------------------------------------

My /var/named/chroot/var/named/180.100.zone file

$TTL 86400
@ IN SOA abc-it.com. root.abc-it.com. (
2004049100 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS abc-it.com.
abc-it.com. IN A 180.100.103.62
------------------------------------------------------------------------
My /etc/resolv.conf file

search abc-it.com
nameserver 180.100.103.62
------------------------------------------------------------------------
[root@A62 ~]# dig abc-it.com
<<>> DiG 9.3.3rc2 <<>> abc-it.com
;; global options: printcmd
;; connection timed out; no servers could be reached
[root@A62 ~]#

whats wrong!. I can't find please help me.

billymayday · 09-10-2008, 05:02 AM

Can you telnet to the server

telnet 180.100.103.62 53

Try dig from the server itself

ajkannan83 · 09-10-2008, 05:06 AM

I was tried through telnet the same problem is appeared.
-----------------------------------------------------------------
[root@A62 ~]# telnet 180.100.103.62
Trying 180.100.103.62...
Connected to localhost.localdomain (180.100.103.62).
Escape character is '^]'.
Red Hat Enterprise Linux Server release 5 (Tikanga)
Kernel 2.6.18-8.el5xen on an i686
login: root
Password:
Last login: Tue Sep 9 12:28:22 from A62
[root@A62 ~]# dig nec-it.com

; <<>> DiG 9.3.3rc2 <<>> nec-it.com
;; global options: printcmd
;; connection timed out; no servers could be reached
[root@A62 ~]#
-----------------------------------------------------------------
Please Reply me.

ajkannan83 · 09-10-2008, 05:07 AM

[root@A62 ~]# telnet 180.100.103.62
Trying 180.100.103.62...
Connected to localhost.localdomain (180.100.103.62).
Escape character is '^]'.
Red Hat Enterprise Linux Server release 5 (Tikanga)
Kernel 2.6.18-8.el5xen on an i686
login: root
Password:
Last login: Tue Sep 9 12:28:22 from A62
[root@A62 ~]# dig abc-it.com

; <<>> DiG 9.3.3rc2 <<>> abc-it.com
;; global options: printcmd
;; connection timed out; no servers could be reached
[root@A62 ~]#

billymayday · 09-10-2008, 05:26 AM

1. - you need to specify the port for telnet, otherwise you are connecting to the telnet server.

2. - why are you running a telnet server, they are security holes.

Is that dig from the dns server itself?

On the server, what does

netstat -alpn | grep :53

show?

ajkannan83 · 09-10-2008, 06:03 AM

Hello Sir

The outputs are
------------------------------------------------------------------------
[root@A62 ~]# telnet 180.100.103.62 53
Trying 180.100.103.62...
Connected to localhost.localdomain (180.100.103.62).
Escape character is '^]'.
Connection closed by foreign host.
[root@A62 ~]#
-----------------------------------------------------------------------------
[root@A62 ~]# netstat -alpn | grep :53
tcp 0 0 180.100.103.62:53 0.0.0.0:* LISTEN 8390/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 8390/named
tcp 0 0 180.100.103.62:53 180.100.103.62:59813 ESTABLISHED 8390/named
tcp 0 0 180.100.103.62:59813 180.100.103.62:53 ESTABLISHED 9626/telnet
udp 0 300 0.0.0.0:53 0.0.0.0:* 8390/named
udp 0 0 180.100.103.62:53 0.0.0.0:* 8390/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 8390/named
udp 0 0 180.100.103.62:32960 180.100.103.62:53 ESTABLISHED 9549/python
udp 0 0 180.100.103.62:32961 180.100.103.62:53 ESTABLISHED 9549/python
udp 0 0 0.0.0.0:5353 0.0.0.0:* 2469/avahi-daemon:
udp 0 0 :::53 :::* 8390/named
udp 0 0 :::5353 :::* 2469/avahi-daemon:
[root@A62 ~]#

billymayday · 09-10-2008, 06:23 AM

So does

dig @180.100.103.62 abc-it.com

work? If so, what is is /etc/resolv.conf?

ajkannan83 · 09-10-2008, 06:41 AM

[root@A62 ~]# dig @180.100.103.62 nec-it.com

; <<>> DiG 9.3.3rc2 <<>> @180.100.103.62 nec-it.com
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
[root@A62 ~]#

billymayday · 09-10-2008, 07:19 AM

Are you running the dig command on the server that is running the dns?

chort · 09-10-2008, 08:56 AM

Try

Code:

$ dig @127.0.0.1 nec-it.com

does that work?

What is the output from

Code:

# iptables -nL

?

ajkannan83 · 09-11-2008, 02:00 AM

The Outputs are
------------------------------------------------------------------------
[root@A62 ~]# dig @127.0.0.1 nec-it.com

; <<>> DiG 9.3.3rc2 <<>> @127.0.0.1 abc-it.com
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached

[root@A62 ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@A62 ~]# iptables -nL
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@A62 ~]#
-----------------------------------------------------------------------

billymayday · 09-11-2008, 02:30 AM

Where did nec-it.com come into it (chort, that's not directed at you, it was in post #5)?

Edit - can you post named.conf (that bit at the top isn't the whole thing I assume)?

ajkannan83 · 09-11-2008, 02:55 AM

Sorry Sir. Actually my domain name is abc-it.com

root@A62 ~]# dig @127.0.0.1 abc-it.com

; <<>> DiG 9.3.3rc2 <<>> @127.0.0.1 abc-it.com
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached

[root@A62 ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@A62 ~]# iptables -nL
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@A62 ~]#