Problem with Zones (recursion?)

2017-10-15 Thread Michelle Konzack
Good day,

I have created a file

[ /etc/bind/db.block ]--
@ 86400 IN SOA   dns1.. hostmaster.. ( a b c d e )

        IN NS    dns1..

*   IN CNAME block..


[ /etc/bind/named.conf.block ]--
zone "101com.com" {type master; notify no; file "/etc/bind/db.block"; };
zone "101order.com" {type master; notify no; file "/etc/bind/db.block"; };


Since  is my own server, I have it prepended in the dhclient.conf of
my laptop, but if I now query

[ command 'nslookup 101com.com' ]---
;; Got recursion not availlable from 7847104.44, trying next server
Server: 192.168.43.1
Address:192.168.43.1#53

Non-authoritative answer:
Name:   101com.com
Address: 66.77.93.51


[ command 'named-checkzone 101com.com db.block' ]---
db.block:3: using RFC1035 TTL semantics
zone 101com.com/IN: loaded serial 1508068518
OK


What am I missing here?

It should point to the server block.

Thanks in advance

-- 
Michelle Konzack    Miila ITSystems @ TDnet
GNU/Linux Developer 00372-54541400


___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Problem with Zones (recursion?)

2017-10-15 Thread Grant Taylor

On 10/15/2017 06:15 AM, Michelle Konzack wrote:

> Good day,


Hi,


> I have created a file
>
> [ /etc/bind/db.block ]--
> @ 86400 IN SOA   dns1.. hostmaster.. ( a b c d e )
>
>         IN NS    dns1..
>
> *   IN CNAME block..
>
>
> [ /etc/bind/named.conf.block ]--
> zone "101com.com" {type master; notify no; file "/etc/bind/db.block"; };
> zone "101order.com" {type master; notify no; file "/etc/bind/db.block"; };

Okay.

I've seen this type of thing done a number of times before.  (I think I 
first saw it on FreeBSD.)



> Since  is my own server, I have it prepended in the dhclient.conf of
> my laptop, but if I now query


Do I understand correctly that you are tweaking dhclient to use your 
server before other DNS servers?



> [ command 'nslookup 101com.com' ]---
> ;; Got recursion not availlable from 7847104.44, trying next server
> Server: 192.168.43.1
> Address:192.168.43.1#53
>
> Non-authoritative answer:
> Name:   101com.com
> Address: 66.77.93.51



The first thing I see is that you are querying the domain 101com.com 
which does not have an A or  record in your db.block file.


The second thing I notice is that you are not testing directly against 
your server.  (I assume you're relying on dhclient to pick the order.) 
I'd suggest trying "nslookup 101com.com dns1.." to make sure 
that you are testing your DNS config and not hitting a dhclient resolver 
order issue.



> [ command 'named-checkzone 101com.com db.block' ]---
> db.block:3: using RFC1035 TTL semantics
> zone 101com.com/IN: loaded serial 1508068518
> OK
>
>
> What am I missing here?
>
> It should point to the server block.


Your nslookup will very likely not hit the CNAME as you're querying the 
apex of the 101com.com zone.


I would also suggest that you check out Response Policy Zone(s) as they 
may be a better / more scalable way to accomplish what I suspect you are 
after.


You might also want to glance at DNAME as it's closely related and can 
allow you to change the back end name that is queried.



> Thanks in advance


You're welcome.

Good luck.



--
Grant. . . .
unix || die
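
The apex-versus-wildcard behaviour discussed in the reply above, modeled as an added example (not code from the thread or from BIND): a simplified RFC 4592 lookup over a constructed copy of db.block. The names `dns1.example.net.` and `block.example.net.`, the address `192.0.2.1` and the apex-A variant of the zone are assumptions, since the thread elides the real names.

```python
# Added example: simplified RFC 4592 wildcard lookup for one authoritative zone.
# Server names and the address are placeholders; the thread elides the real ones.
ORIGIN = "101com.com."

# Constructed copy of db.block as posted: SOA, NS and a wildcard CNAME only.
ZONE_AS_POSTED = {
    ORIGIN: {"SOA": ["dns1.example.net. hostmaster.example.net. 1 2 3 4 5"],
             "NS": ["dns1.example.net."]},
    "*." + ORIGIN: {"CNAME": ["block.example.net."]},
}
# Assumed variant: the same zone with an address record added at the apex.
ZONE_WITH_APEX_A = {**ZONE_AS_POSTED,
                    ORIGIN: {**ZONE_AS_POSTED[ORIGIN], "A": ["192.0.2.1"]}}


def lookup(zone, origin, qname, qtype):
    """Return (outcome, rrtype, rdata) as the zone's authoritative server would."""
    qname = qname.lower().rstrip(".") + "."
    if qname != origin and not qname.endswith("." + origin):
        return ("REFUSED", None, [])  # not our zone, and no recursion here

    def exists(name):
        # A name exists if it owns records or has descendants (empty non-terminal).
        return any(o == name or o.endswith("." + name) for o in zone)

    def answer(owner):
        rrsets = zone.get(owner, {})
        if qtype in rrsets:
            return ("ANSWER", qtype, rrsets[qtype])
        if "CNAME" in rrsets:
            return ("ANSWER", "CNAME", rrsets["CNAME"])
        return ("NODATA", None, [])  # name exists, but not with this type

    # An existing name is answered from its own records; wildcards never apply.
    if exists(qname):
        return answer(qname)
    # Otherwise strip labels up to the closest existing ancestor and try "*" there.
    encloser = qname
    while not exists(encloser):
        encloser = encloser.split(".", 1)[1]
    wildcard = "*." + encloser
    return answer(wildcard) if wildcard in zone else ("NXDOMAIN", None, [])


if __name__ == "__main__":
    for zone in (ZONE_AS_POSTED, ZONE_WITH_APEX_A):
        for name in ("101com.com", "www.101com.com"):
            print(name, lookup(zone, ORIGIN, name, "A"))
```

With the zone as posted, the apex query comes back empty while any name below it follows the wildcard CNAME; only the variant with an apex address record answers for `101com.com` itself.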