named; how to make my box a relay for other dns servers?

[invictus]

I am using my box as a gateway to the internet. Before I started using gentoo I used named to make my box act like a dns/name server that again use other dns servers. The problem is that I cant get it to work in gentoo. I have the dns servers defined in resolv.conf, and named is running, but my machine cant resolv websites.

[adaptr]

1. the gentoo box has to use itself exclusively for DNS requests, i.e. only the box's LAN IP in resolv.conf
2. every machine points to the gentoo box (but that was the easy part
3. open up named.conf and set the following:

Code: Select all

forward first;
forwarders { ip.ad.dr.ess; ip.ad.dr.ess; };

Now you're good to go.

(If you only want to forward requests, you might easier run nscd than bind - bind is pure overkill for such a setup)

[invictus]

1) didnt quite understand this...
2) done
3) isnt it possible to make named use the addresses in resolv.conf?

[adaptr]

1. What is so hard to understand ?

If you want to use the gentoo box as a "real" DNS server (real to your clients), you have to enter only its own IP address in resolv.conf.
Any additional addresses may cause it to skip it's own nameserver and go directly to those other nameservers.

Code: Select all

domain whatever.youlike
nameserver 127.0.0.1

2. obviously

3. No.

[invictus]

Well I did as you said, and here is the result:

* Stopping named... [ !! ]

* WARNING: "named" has already been started.

Now I am really confused...doesnt work either

[adaptr]

Well I did as you said,

Obviously not - read on...

and here is the result:
* Stopping named... [ !! ]
* WARNING: "named" has already been started.

Now I am really confused...doesnt work either

What doesn't work ?
I never told you to restart named, how to do that should be in the docs.

First, to make named re-read its config files you do *not* restart named - you run:

Code: Select all

rndc reload

And wait a bit...

Second - why do you say anything went wrong ?
You tried restarting named - without mentioning how - and it failed.
Nothing in there has any bearing on what I told you.

Start by telling exactly what you did that caused this, and we'll see...

[daha]

something has failed, and you have to use that "zap" handle to take this service down manually. actually it's already down, but this is just one of those nasty bugs :-]
/etc/init.d/servicename zap

[invictus]

Sorry for not being as good at this. Well to make it easier I will paste the config files here so you can see for your self if I did as you told me, or if I have done something wrong.

named.conf;

options {
directory "/var/bind";

// uncomment the following lines to turn on DNS forwarding,
// and change the forwarind ip address(es) :
forward first;
forwarders {
128.39.140.7;
128.39.143.2;
};

listen-on-v6 { none; };
listen-on { 192.168.0.1; };

// to allow only specific hosts to use the DNS server:
//allow-query {
// 127.0.0.1;
//};

// if you have problems and are behind a firewall:
//query-source address * port 53;
pid-file "/var/run/named/named.pid";
};

zone "." IN {
type hint;
file "named.ca";
};

zone "localhost" IN {
type master;
file "pri/localhost.zone";
allow-update { none; };
notify no;
};

zone "127.in-addr.arpa" IN {
type master;
file "pri/127.zone";
allow-update { none; };
notify no;
};


resolv.conf;

domain hig.no
nameserver 127.0.0.1

[adaptr]

That all looks fine, but you probably didn't understand me - I never told you about restarting the named server, or anything else, yet you report a restart error as if it was part of my advice/instructions.
It wasn't - plain and simple.

[invictus]

yes, sorry about that...thought it was needed.

anyway; it works now on all other computers than the box itself.

[adaptr]

Get rid of the "listen_on" line - it doesn't actually listen to 127.0.0.1, or, alternatively (and more cleanly) change the 127.0.0.1 in resolv.conf to the LAN IP address.

[invictus]

great! it works now. thank you so much for all your help and patience

[adaptr]

Patience? ME ?
Hmm can't say as I've noticed...