NS 127.0.0.1 not reachable

From: Benu (flashl_at_bigfoot.com)
Date: 10/08/04


Date: Fri, 8 Oct 2004 11:45:57 -0500

I am running Fedora Core 2 and have turned iptables off to troubleshoot DNS.
I have researched and read newsgroup messages for the past three weeks and I
am stumped. If there is some glaring error in this configuration, please let
me know.

The DNS files are listed below:

--/var/named/chroot/var/named/named.conf
// generated by named-bootconf.pl
// Access-control lists referenced from the options{} and view{} statements below.
// my_nets: the LAN plus loopback; used for allow-query, allow-recursion and the "homelan" view.
acl my_nets {
 192.168.2.0/24;
 127.0.0.1/24; // non-canonical: host bits are set under a /24 mask. Loopback is 127.0.0.0/8 (or 127.0.0.1/32); newer BIND rejects this form outright.
 localhost;
};
// xfer: nobody may transfer zones (used by allow-transfer in options{}).
acl xfer {
 none;
};
// externals: the "Cable DNS" forwarder; also allowed to query (allow-query in options{}).
acl externals {
 68.105.161.20;
};
// NOTE(review): bogus-net1/2/3 are fed to options.blackhole. A blackholed address is neither
// answered NOR used to resolve queries, so any forwarder, root server or client inside these
// ranges becomes unreachable for named. The ranges below are far wider than any bogon list:
// together bogus-net2 and bogus-net3 cover 0-31, 64-191 and 193-223 in the first octet.
acl bogus-net3 {
 208.0.0.0/4; // 208.0.0.0 - 223.255.255.255
 200.0.0.0/5; // 200.0.0.0 - 207.255.255.255
 196.0.0.0/6; // 196.0.0.0 - 199.255.255.255 (A.ROOT-SERVERS.NET, 198.41.0.4 at the time, falls in here)
 194.0.0.0/7; // 194.0.0.0 - 195.255.255.255
 193.0.0.0/8; // 193.0.0.0 - 193.255.255.255
};
acl bogus-net2 {
 0.0.0.0/3; // 0.0.0.0 - 31.255.255.255
 16.0.0.0/3; // non-canonical: with a /3 mask (224.0.0.0) this is the same block as 0.0.0.0/3
 64.0.0.0/3; // 64.0.0.0 - 95.255.255.255 -> contains forwarder 68.105.161.20, so it can never be queried
 96.0.0.0/3; // 96.0.0.0 - 127.255.255.255 -> contains 127.0.0.1, the nameserver in /etc/resolv.conf; this is why "dig -x 127.0.0.1" times out although named is listening on 127.0.0.1:53
 128.0.0.0/3; // 128.0.0.0 - 159.255.255.255
 160.0.0.0/3; // 160.0.0.0 - 191.255.255.255
};
// bogus-net1: RFC 1918 / special-use space. The safest first step is to blackhole only this list
// and drop bogus-net2/bogus-net3 until their intended ranges are re-derived from the original source.
acl bogus-net1 {
 0.0.0.0/8;
 1.0.0.0/8;
 2.0.0.0/8;
 192.0.2.0/24; // TEST-NET (documentation range)
 224.0.0.0/3; // multicast and reserved, 224.0.0.0 - 255.255.255.255
 10.0.0.0/8;
 172.16.0.0/16; // the RFC 1918 block is 172.16.0.0/12; /16 only covers 172.16.x.x -- confirm which was intended
};

// Logging: everything goes to syslog facility local2; security/operational categories are
// additionally written to a flat file inside the server directory.
logging {
 channel "default_syslog" {
 syslog local2;
 severity debug; // debug is very verbose for a syslog channel; "info" is the usual production level
 };
 channel "audit_log" {
 file "/var/named/audit_log"; // path is absolute, so it is relative to the chroot root if named runs chrooted
 severity info;
 print-time yes;
 };
 // NOTE(review): "audit_log" has no "versions"/"size" clauses, so the file grows without bound;
 // with "category queries" below logging every query, consider e.g. "versions 3 size 10m;".

 category default { default_syslog; }; // catch-all for categories not listed below
 category general { default_syslog; };
 category security { audit_log; default_syslog; }; // approved/denied requests are the first place to look for ACL problems
 category config { default_syslog; };
 category resolver { audit_log; };
 category xfer-in { audit_log; };
 category xfer-out { audit_log; };
 category notify { audit_log; };
 category client { audit_log; };
 category network { audit_log; };
 category update { audit_log; };
 category queries { audit_log; }; // one line per query received
 category lame-servers { audit_log; };
};

// Global server options. Per-view and per-zone statements below override these where present.
options {
 // NOTE(review): see the acl definitions above -- bogus-net2 contains 127.0.0.1 and the cable
 // forwarder, and bogus-net3 contains root-server space, so this blackhole list prevents named
 // from answering loopback and from reaching the outside at all.
 blackhole {
  bogus-net1;
  bogus-net2;
  bogus-net3;
  };
        directory "/var/named/"; // zone "file" statements without a leading "/" are relative to this
 allow-query { my_nets; externals; };
 allow-transfer { xfer; }; // xfer is "none": zone transfers disabled everywhere
 allow-recursion { my_nets; }; // recursion only for the LAN; view "externals" also sets recursion no
 cleaning-interval 30;
 forward first; // ask the forwarders first, fall back to iterative resolution (via the hint zone) if they fail
 forwarders {
  192.168.2.2; //Local DNS  -- NOTE(review): netstat shows this named bound to 192.168.2.2:53, so this forwarder appears to be the server itself; confirm and remove if so
  68.105.161.20; //Cable DNS -- unreachable while 64.0.0.0/3 is blackholed
 };
 minimal-responses no;
 notify no;
        //query-source address * port 53; // left disabled: a fixed source port makes spoofed answers easier to inject
 transfer-format many-answers;
 version "Guess"; // NOTE(review): the "bind" zone in view "external-chaos" below also answers version.bind; confirm which one clients actually see
 zone-statistics yes;
};

// rndc control channel: loopback only, authenticated with the key from /etc/rndc.key
// (matches the 127.0.0.1:953 listener in the netstat output).
controls {
 inet 127.0.0.1 allow {
  127.0.0.1;
  }
 keys {
  rndckey;
  };
};

// Defines "rndckey" used by controls{} above. Path is resolved inside the chroot
// (i.e. /var/named/chroot/etc/rndc.key) if named runs chrooted as the named.conf path suggests -- confirm.
include "/etc/rndc.key";

// Views are matched in order; LAN/loopback clients (my_nets) land here and get recursion.
view "homelan" {
 additional-from-auth yes;
 additional-from-cache yes;
 match-clients { "my_nets"; };
 recursion yes;
// no allow-query here, so the global "my_nets; externals;" applies to this zone
zone "2.168.192.in-addr.arpa" in {
 type master;
 file "2.168.192.in-addr.arpa.hosts";
 };
zone "blkdiamonds.lan" in {
 type master;
 file "blkdiamonds.lan.hosts";
 allow-query { any; };
 };
// root hints, needed for iterative resolution when the forwarders fail (forward first)
zone "." in {
 type hint;
 file "named.ca";
 };
// loopback reverse zone exists only in this view; non-LAN clients never see it
zone "0.0.127.in-addr.arpa" in {
 type master;
 file "0.0.127.in-addr.arpa.hosts";
 allow-query { any; };
 allow-transfer { none; }; // redundant with the global allow-transfer { xfer; }, harmless
 };
};

// Everyone not matched by "homelan": authoritative-only, no recursion.
view "externals" {
 additional-from-auth no;
 additional-from-cache no;
 match-clients { any; };
 recursion no;
// NOTE(review): allow-query { any; } on both zones below publishes the LAN's hostnames and
// RFC 1918 addresses to any client that reaches this view. If these names are only meant for
// the LAN, drop the zones from this view (or leave allow-query at the global setting).
zone "2.168.192.in-addr.arpa" in {
 type master;
 file "2.168.192.in-addr.arpa.hosts";
 allow-query { any; };
 };
zone "blkdiamonds.lan" in {
 type master;
 file "blkdiamonds.lan.hosts";
 allow-query { any; };
 };
// hint zone is unused in a view with recursion no; harmless
zone "." in {
 type hint;
 file "named.ca";
 };
};

// CHAOS-class view: serves a locally defined "bind" zone (version.bind / authors.bind).
// Clients outside my_nets are refused by the zone's allow-query; LAN clients get the
// decoy values from bind.hosts rather than the "version" string in options{}.
view "external-chaos" chaos {
    match-clients { any; };
    recursion no;
      // empty hint zone so nothing is ever resolved in class CHAOS
      zone "." {
          type hint;
          file "/dev/null";
      };
      zone "bind" {
          type master;
          file "bind.hosts";
          allow-query {
              my_nets;
          };
          allow-transfer {
              none;
          };
      };
};

host files
--127
; Reverse zone for the loopback network; served only in view "homelan".
$TTL 86400
0.0.127.in-addr.arpa. IN SOA ns1.blkdiamonds.lan. root.blkdiamonds.lan. (
    200410062 ; serial -- 9 digits, unlike the YYYYMMDDnn form used in the other zones; keep the format consistent
    10800     ; refresh
    900       ; retry
    604800    ; expire
    3600 )    ; minimum / negative-cache TTL
;
0.0.127.in-addr.arpa. IN NS ns1.blkdiamonds.lan.
1 IN PTR localhost. ; 127.0.0.1 -> localhost

--2.168.192
; Reverse zone for 192.168.2.0/24. Owner names on the indented lines repeat the previous owner.
$ORIGIN .
$TTL 86400 ; 1 day
2.168.192.in-addr.arpa IN SOA ns1.blkdiamonds.lan. root.blkdiamonds.lan. (
    2004100603 ; serial
    10800 ; refresh (3 hours)
    900 ; retry (15 minutes)
    604800 ; expire (1 week)
    3600 ; minimum (1 hour)
    )
   NS ns1.blkdiamonds.lan.
$ORIGIN 2.168.192.in-addr.arpa.
$TTL 21600 ; 6 hours
139 PTR your-790nxtxuoe.blkdiamonds.lan.
$TTL 86400 ; 1 day
; NOTE(review): four PTR records for 192.168.2.2. In the forward zone ftp/www/roxie are
; CNAMEs to ns1, so the conventional setup is a single PTR to ns1.blkdiamonds.lan.; multiple
; PTRs make reverse lookups return whichever name the client happens to pick.
2 PTR ftp.blkdiamonds.lan.
   PTR ns1.blkdiamonds.lan.
   PTR www.blkdiamonds.lan.
   PTR roxie.blkdiamonds.lan.

--bind
; @(#)db.bind v1.2 25 JAN 2001 Rob Thomas robt@cymru.com
;
; CHAOS-class "bind" zone loaded by view "external-chaos" in named.conf. It replaces the
; built-in version.bind / authors.bind answers with decoy text for clients allowed to query it.
$TTL 1D
$ORIGIN bind.
@ 1D CHAOS SOA localhost. root.localhost. (
                2004100601 ; serial
                3H ; refresh
                1H ; retry
                1W ; expiry
                1D ) ; minimum
        CHAOS NS localhost.
version.bind. CHAOS TXT "BIND 9.1.3+robhacks" ; decoy; note options{} in named.conf also sets version "Guess"
authors.bind. CHAOS TXT "are better coders than I. :)"

--blkdiamonds.lan
; Forward zone for the LAN. ns1 is the only host with an address; the other names are aliases.
$ORIGIN .
$TTL 86400 ; 1 day
blkdiamonds.lan. IN SOA ns1.blkdiamonds.lan. root.blkdiamonds.lan. (
    2004100609 ; serial
    10800 ; refresh (3 hours)
    900 ; retry (15 minutes)
    604800 ; expire (1 week)
    3600 ; minimum (1 hour)
    )
   NS ns1.blkdiamonds.lan.
$ORIGIN blkdiamonds.lan.
ftp CNAME ns1
; NOTE(review): this MX is owned by mail.blkdiamonds.lan (not the zone apex) and points at
; mail.blkdiamonds.lan, which has no A record in this zone, so it resolves to nothing.
; An apex MX ("@ MX 10 <host>") whose target has an A record (not a CNAME) is the usual form.
mail MX 10 mail
ns1 A 192.168.2.2
roxie CNAME ns1
www CNAME ns1
$TTL 21600 ; 6 hours
your-790nxtxuoe A 192.168.2.139

--/etc/resolv.conf
# "search" and "domain" are mutually exclusive; the resolver keeps whichever appears last.
# Both name the same domain here, so this is harmless but one of them can be dropped.
search blkdiamonds.lan
domain blkdiamonds.lan
# NOTE(review): 127.0.0.1 is inside 96.0.0.0/3 in acl bogus-net2, which named.conf blackholes,
# so local lookups through this entry time out even though named listens on 127.0.0.1:53.
nameserver 127.0.0.1

--netstat -pan output
tcp 0 0 192.168.2.2:53 0.0.0.0:* LISTEN
1879/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
1879/named
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN
1879/named
udp 0 0 0.0.0.0:32769 0.0.0.0:*
1879/named
udp 0 0 192.168.2.2:53 0.0.0.0:*
1879/named
udp 0 0 127.0.0.1:53 0.0.0.0:*
1879/named
udp 0 0 :::32770 :::*
1879/named
unix 2 [ ] DGRAM 2844 1879/named

--dig output
; <<>> DiG 9.2.3 <<>> -x 127.0.0.1 ptr
;; global options: printcmd
;; connection timed out; no servers could be reached

; <<>> DiG 9.2.3 <<>> . ns A.ROOT-SERVERS.NET
;; global options: printcmd
;; connection timed out; no servers could be reached
;; connection timed out; no servers could be reached

Thanks Benus


