I have the following bind9 configuration, and I'm trying to resolve reverse lookup IP address to name.
$ttl 38400
mydomain.org.INSOAmyhosting.com. (
1243281304
10800
[code]...
** server can't find 1.2.3.4.in-addr.arpa: NXDOMAIN
Is my PTR wrong, or what do I need to have the reverse lookup working ?
Note: I replace real IP by 1.2.3.4, same for my domain name.
I'm at a loss to why my reverse lookup zone doesn't work for me.I've got two views. One internal and one external. My domain is isp2.datornatverk.se. Public IP: 130.240.133.81.
dig -x @8.8.8.8 130.240.133.81
gives me:
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2917
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
I've set it up so that the internal subnets gets the domains resolved to the internal IP-addresses. When querying from external addresses I will get public IP.My named.conf.local file:
Code:
acl internals {
127.0.0.0/8;[code]..........
I don't know whether the views has messed something up. It worked before I added the views.
I am using RHEL5. These are my config files:
Code:
options {
listen-on port 53 { 127.0.0.1; 192.168.14.54; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
[code]....
I've got 2 domains:
[URL]
This is how I've configured my resolv.conf file:
[URL]
When I run the host command, it can resolve machines in one.domain.com using both hostname and ipaddress. But when I run the host command for machines in two.domain.com, it only works for hostnames but not ip addresses. The result for ip addresses is:
Host 100.3.2.1.in-addr.arpa not found: 3(NXDOMAIN)
Why doesn't it try the 2nd nameserver in the resolv.conf file when resolving by ip adddress? Reverse pointers are configured for each machine in their respective domain dns servers. O/S is Oracle VM Server 2.2.1 (similar to Red Hat). Kernel is 2.6.18-128.2.1.4.37.el5xen.
Reverse dns lookup in C?
View 3 Replies View RelatedI have a file consisting of unique IP addresses - one per line I want to find the name of the host for each address. I tried the following:
Quote:
nslookup < file_name
This worked except it gives me a lot of extraneous information such as the servers providing the answers. This is too much information for me and would simply like each line of IP numbers to be replaced with a domain name. I tried using the same strategy using host and hostname and dig but I must have given the wrong command as I had no results.
Like many others I'm running into some reverse lookup issues with SSH. Setup is as follows:
localnet setup
myserver - 192.168.0.x
myworkstation - 192.168.0.y
[Code].....
nslookup tests show that my reverse lookup is functioning correctly. However, if I use "myworkstation" to connect to myserver.mydomain.com using an external nameserver SSH says: "Address 84.162.xx.yy maps to myserver.mydomain.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!"
On myserver the /etc/hosts has the internal address for the server which seems the normal way to go to me. Changing this to the servers external address solves the issue.
Apparently a connection originating from myworkstation arrives from/with my external address, and when its reverse is checked by the server it apparently finds its own internal address for that name in /etc/hosts before doing a nameserver query and thus concludes that internaladdress <> externaladdress which gives the error.
Is there any way to have the server check external DNS before /etc/hosts? Another solution would probably be running an internal DNS, so myworkstation doesn't connect through the 'outside'.
I got this message on Friday from just one domain. uote:mailsrv.forthnet.gr #<mailsrv.forthnet.gr #5.5.0 smtp; 554 5.5.0 Your message was considered to be spam by the FORTHnet Antispamming Policy and was not delivered to the recipient. The following spam tests returned positive for this message:FORGED_RCVD_HELO,RCVD_IN_BRBL. For further information visitWe are not a spamming community but it seems we have a statice IP address that has a Reverse lookup to "myipaddress.static.lyse.net" and not my email domain. Would setting a cname mail.mydomain.no -> myipaddress.static.lyse.net cure this problem or are there more tricks to be performedOnce I have cured the FORGED_RCVD_HELO I can move to getting the IP removed from BARACUDA.
View 2 Replies View RelatedI've configured my dhcp server to update dynamically the DNS zones of BIND9 name server. Everything works ok, except for reverse nslookup:
nslookup 10.141.50.3
Server:127.0.0.1
Address:127.0.0.1#53
[code]....
The scenario: We have an external server that runs HTTP/DB servers for out shop system. Then, there's our local, in-house infrastructure that runs a.. yeah... Exchange 2010. The shop system on the external server needs to send mails to customers (order confirmations, invoices, etc.). seing as sending them directly through the local MTA (Postfix) would cause mail delivery problems because of reverse DNS issues, i've set the Postfix MTA to act as a satellite to our in-house Exchange Server, so the Exchange sends the mail instead, giving recipient mail servers a valid reverse DNS lookup.
Now, mails sent by the (proprietary, uneditable) shop system are relayed correctly and sent to the target e-mail address. My problem is: Mails not sent by the shop system, but by our own PHP scripts which run on that same external servers, are NOT relayed properly. So the Exchange is fine with the mails sent by the shop system, but not the mails sent by our scripts. This is what i get in the mail.log: The successfully relayed mail sent by the shop system:
[Code]....
I have a problem in Eclipse for accessing update sites (for plugins). I am behind a NTLM proxy. Strangely, this proxy asks for a password while in Linux but not when in Windows�
To get around this annoying password issue, I already setup a working cntlmd proxy. I can use this proxy for mounting a remote DavFS2 share, for example. But the issue I have with Eclipse seems to involve proxy configuration. So I decided a transparent proxy could solve this issue. I installed tinyproxy on top of cntlmd, and added the following rule to the firewall:
Code:
iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to 8888
Now, I can configure Firefox for direct access to the Internet, and display a web site only if I give this web site's IP instead of its name! I surmise that it's because when configured for direct access, Firefox performs DNS lookups using the local (intranet) DNS, instead of squeezing its lookups through the proxy and accessing a broader DNS (I wonder which). How can I make all DNS lookups go transparently through the transparent proxy?
For a while now I've got a problem when surfing the internet. Everythings fine for let's say 15 minutes and then all of a sudden it takes about 1 minute to load a -random- page, once it has loaded, everthing's fine again. Transmission does not seem to have this problem. I'll double check this. Looking thru the forum I found the following "solutions". None of which has worked for me up to now:
- disable ipv6 in firefox
- set method under network manager to "Automatic (DHCP) addresses only" and use google or OpenDNS dns servers
- change resolv.conf (comparable to the second one I guess)
I just installed Ubuntu 11.04 in a dual boot environment on a spare laptop( Dell Inspiron 6000 ) I have other machines using older distro's of Ubuntu but do not have them all on line... utility costs are ridiculous here..anyway.... I found some optimization tips for Firefox and those have been done and I did find earlier information about this or a very similar problem but all the suggestions mentioned there are already in place here network wide.. Basically what is happening is this: When a web site is opened from the browser in the lower left hand of the screen it displays "Looking up www.google.com" or what ever url was entered.
I know Win is not a good comparison and I haven't gotten any additional Ubuntu boxes on line yet but Win seem unaffected by this.
Any recommendations as to what I should try next?? I have DNS server information stored in the router using Google Public DNS and Open DNS as a backup and uPNP is disabled. Seems like the program (Ubuntu) is plenty fast even on this Celeron based machine but the time taken to look up DNS data is a lot slower than anticipated.
I have a CentOS 5.5 desktop at work. I can browse the web (we are behind a proxy of course), I can use Yumex perfectly. In a word, every GUI has DNS working correctly. But, as soon as I use a terminal, either within a X session (xterm, konsole...) or in a tty, any DNS lookup will fail. So for instance, yum does not work as it complains about not being able to find the servers, wget doesn' t work... And if I try a nslookup, I get a NX Domain Fail. I feel like the servers are not doing recursion research when using command line nslookups, even if I "force" the option (adding it even if it is the default). Of course, resolv.conf is OK, host.conf as well...
View 8 Replies View RelatedSet up a server with Bind, Dovecote, Apache etc. Registered a domain and made all the necessary things for it to work. The server can send/receive mail on my domain, but when I try to look up the site I have it returns a lookup failure. I know Apache is working as I can browse the site when I used my ip address but I can't when I use the domain name. Anyone got a few tricks I could try to dumb down and find the possible failures I did when setting this up?
View 7 Replies View RelatedI have Ubuntu 9.10 PC on my home network acting as a VPN gateway. It is using vpnc & iptables to provide access to the remote network - other computers on my local network have routing rules in place to go via the Ubuntu gateway if trying to reach an IP on the remote network. This works just fine, except DNS lookups for names on the remote network don't work.
I'm trying to solve this by using Bind9 on the gateway, so it can act as DNS for the local network. I don't want to create excess VPN traffic or load on the remote DNS, so I want the gateway to forward the lookup to my ISPs DNS first and if the name is not found then try the remote network DNS. Is this possible, or is there another (better) way around this? The Bind9 configs seem to admit multiple DNSs, but use them in a failover sense - only using secondary DNSs when the first one in the list is not reachable at all.
when i try to set up bind9 to resolve the top level of the name it cant do it. for current sake of arguement i have 4 servers on the network
192.168.0.200 diana.undernets.lan
192.168.0.201 jen.undernets.lan
192.168.0.202 amanda.undernets.lan
192.168.0.203 alex.undernets.lan
those are the IP addresses of the servers and their respective hostnames
so if i send a request for anything to just undernets.lan it will fail because there is no record for that. so i added this to the bottom of the zone record
Code:
IN CNAME amanda
thinking that a blank would refer to the top of the zone
here is my named.conf.local which is called in my named.conf
Code:
zone "undernets.lan" {
type master;
file "/etc/bind/undernets.db";
};
zone "0.168.192.in-addr.arpa" {
[Code]....
i want to be able to lookup undernets.lan and it give me the IP address of amanda.undernets.lan
I'm trying to configure bind9 to block porn by having it pretend to be authoritative for a list of porn domains. It can then return a "fake" IP for the port sites, which points to a page on my server. So far, the only way I have found to do in this in bind requires a separate zone for each porn domain. This doesn't work because of memory problems - I have 1000's of porn domains to block.
I'd like to instead have bind forward queries to rbldnsd, which can take a list of domains in a "data set" file, and use it to return a single A record (pointing to my "access denied" page). However, I think this will not work because I would still need a separate "zone" for each porn domain name.
Here's my current setup:Ubuntu 10.04
When I go to run it via this command:
I get the following error message:
Quote:
This is my /etc/bind/named.conf.options file:
Code:
I've looked at various solutions already:
[url]
[url]
[url]
[url]
[url]
[url]
Im trying to set up a slave dns to my master, but the problem is that only one of the views is being transferd.
View 1 Replies View RelatedI have installed CentOS 5.5 final on VM ware 7.0 workstation.... and I was trying to install and configure bind9.. it installed alright but it refused to start because named.conf is not in the /etc/ directory. I have copied the template for /usr/share/doc/named/* to (/etc/ and /var/named/) the appropriate directory but it still fails but on it does not gives me any error message. Oh... least I forgot I was trying to configure it as a cache only server for now.
View 1 Replies View RelatedI want to setup bind9 so that IPs from one range will use the Google DNS Servers and IPs from another range will work from Opens DNS but am unable to get it working here are my configs.anyone that can help me please?
View 1 Replies View RelatedI have setup ubuntu server and right now i'm trying to get my DNS server working for my intranet.
I'm using my ubuntu as gateway wo internet and somehow my windows client can't use my DNS service.
when i do nslookup www.google.com from my server (10.0.0.1) it return me answer code...
I am running centos 5.3 with the latest bind, i have made some changes in the config and now it wont start.
Fel i named-konfigurationen:/etc/named.conf:27: unexpected end of input (last line)
My named.conf looks like this:
options { directory "/var/named/";
};
view "externt" {
match-clients { any; };
recursion no;
zone "dala.hk" {
type master;
file "dala.hk";
};
zone "0.0.168.192.in-addr.arpa." {
type master;
file "1.0.168.192.in-addr.arpa";
};
};
view "intern" {
match-clients { 192.168.0.0/8;};
zone "intern" {
type master;
file "intern;
};
};
system: centos 5.5 Kernel 2.6.18-194.el5 freshly installed. bind is configured in chroot environment out of the box. placed named.conf in /var/named/chroot/etc and my zone files in /var/named/chroot/var/named.
[Code]...
v10.4 {I have completely re-edited this thread because I have started over fresh. I am no longer using bind9, but now using the installation-defaults nameserver and dhcp and trying to get a handle on how things ought to be setup properly. My previous attempts was a disaster.}
Coming fresh out of a newly installed 10.4, I obviously was able to get network connectivity but then I ran into trouble the minute that I tried to change eth0/eth1 connections via network-manager's applet. What I found was, that when I attempted to define static connections, all bets were off. It seems that once one attempts to change eth0/eth1 which are wired devices, I was no longer able to recover my network connectivity!
I was however able to setup a wireless connection, so in this way I was able to get back network (and Internet) connectivity, and write this thread on this forum. I notice also, that there is no longer 'Networks' in the System->Administration menus! Geez, what the hell is going on? how to properly configure my static wired connection? Networks in 10.4 have really changed alot!
how to set reverse dns for my IP? I've configured bind with a reverse dns for my IP, but it doesn't work when I test it.
View 2 Replies View RelatedI have a domain and the settings for it are pointed at my IP address. But when I look up my IP address, it does not show my domain as the hostname. What settings do I have to change to make my IP translate into my domain as the hostname?
View 3 Replies View RelatedI want to be able to SSH into my computer that I can't expose port 22 on. I've tried the ssh -R ... several times, but can't manage to make it work.I have my home computer (want to SSH into), server (can SSH into), and some computer I want to SSH from.Do I need to install the sshd on the machine I want to SSH into? What are the commands I need to enter to forward from my server to my home computer?
View 1 Replies View RelatedI have the zone record 0.16.271.in-addr.arpa which is working fine.
The NS for that zone is setup for my own name server.
I however would like to forward requests for 172.16.0.224/28 to another name server. How would I do this?