I am trying to set up a DNS server on Amazon Linux using BIND9.
It has to act as a master nameserver for a lot of domains.
I have imported all of the DNS zone files using NamedManager (a web interface that creates BIND configuration files).
My /etc/named.conf is as follows:
    options {
        listen-on port 53 { any; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query { any; };
        allow-recursion { 127.0.0.1; };
    };
    include "/etc/named.namedmanager.conf";
    zone "." IN {
        type hint;
        file "named.ca";
    };
My /etc/named.namedmanager.conf (the auto-generated files) is as follows:
    zone "mydomain.com.dns" IN {
        type master;
        file "mydomain.com.dns.zone";
        allow-update { none; };
    };
    zone "myotherdomain.com.dns" IN {
        type master;
        file "myotherdomain.com.dns.zone";
        allow-update { none; };
    };
    // ... more zones
My /var/named/mydomain.com.zone
    $ORIGIN mydomain.com.
    $TTL 120
    @ IN SOA ns.THISNAMESERVER.com. mymail@mymaindomain.com. (
            2013111005 ; serial
            21600 ; refresh
            3600 ; retry
            604800 ; expiry
            120 ; minimum ttl
            )
    ; Nameservers
    mydomain.com. 86400 IN NS ns.THISNAMESERVER.com.
But when I try to resolve mydomain.com using this DNS server from home I get the following:
    [me@myhomepc ~]$ host mydomain.com. ns.MYNAMESERVER.com
    Using domain server:
    Name: ns.MYNAMESERVER.com
    Address: <my-nameserver-ip>#53
    Aliases:
    Host mydomain.com not found: 5(REFUSED)
I tried disabling recursion for 127.0.0.1 (recursion no; in options{}), as I need my nameserver to be serving results. In that case I don't get REFUSED but I don't get any answer!
Best Answer
The name you are looking up is not part of any zone that you have.
The zone that you have configured is named mydomain.com.dns but you are trying to look up the name mydomain.com.
In addition to this it looks like there is out of zone data inside the mydomain.com.dns zone, but I can only assume that the problem here is actually the zone name.
For any additional errors you may want to look at your logs and/or named-checkconf -zj output.
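The mismatch described in this answer can be checked across many generated zones at once. The following is an added example, not part of the original answer and not NamedManager or BIND code: it compares each declared master zone name with the $ORIGIN and owner names in its zone file. The function names, the example.org zone and the ns.example.net hosts are constructed for illustration.

```python
import re
# Constructed sample input modelled on the question's files; nothing is read from disk.
NAMED_CONF = '''
zone "mydomain.com.dns" IN { type master; file "mydomain.com.dns.zone"; allow-update { none; }; };
zone "example.org" IN { type master; file "example.org.zone"; allow-update { none; }; };
'''
ZONE_FILES = {
    "mydomain.com.dns.zone": """$ORIGIN mydomain.com.
$TTL 120
@ IN SOA ns.example.net. hostmaster.example.net. (
        2013111005 21600 3600 604800 120 )
mydomain.com. 86400 IN NS ns.example.net.
""",
    "example.org.zone": "@ IN SOA ns.example.net. h.example.net. 1 2 3 4 5\nwww IN A 192.0.2.10\n",
}

def master_zones(conf):
    # (zone name, file) pairs; assumes "type" precedes "file" inside each stanza.
    return re.findall(r'zone\s+"([^"]+)"[^;]*?type\s+master\s*;.*?file\s+"([^"]+)"', conf, re.S)

def fqdn(name, origin):
    # Expand a zone-file name: "@" is the origin, a trailing dot means absolute.
    return origin if name == "@" else name.lower() if name.endswith(".") else f"{name.lower()}.{origin}"

def in_zone(name, zone):
    return zone == "." or name == zone or name.endswith("." + zone)

def check_zone(zone_name, text):
    # Report $ORIGIN directives and owner names that fall outside the declared zone.
    zone = zone_name.lower().rstrip(".") + "."
    origin, depth, problems = zone, 0, []  # the initial origin is the declared zone name
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()  # drop comments (a quoted ';' is not handled)
        inside, depth = depth > 0, depth + line.count("(") - line.count(")")
        if inside or not line or line[0].isspace():
            continue  # continuation line, blank line, or record reusing the previous owner
        tok = line.split()
        if tok[0].upper() == "$ORIGIN":
            origin = fqdn(tok[1], origin)
            if not in_zone(origin, zone):
                problems.append(f"$ORIGIN {origin} is outside zone {zone}")
        elif not tok[0].startswith("$") and not in_zone(fqdn(tok[0], origin), zone):
            problems.append(f"owner {fqdn(tok[0], origin)} is outside zone {zone}")
    return problems

def audit(conf, files):
    return {zone: check_zone(zone, files[path]) for zone, path in master_zones(conf)}

print(audit(NAMED_CONF, ZONE_FILES))
```

Checking the same zone file against the name mydomain.com instead of mydomain.com.dns yields no findings, which matches the answer's diagnosis that the declared zone name is the problem.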