Linode Forum

[teeth]

Okay, so I'm running FC9, with BIND9.
I got everything installedl.
I'm just stuck on the configuration.

It works locally. I set my resolv.conf servers to 127.0.0.1 just to test it out and it works fine. But whenever I try anything remotely, I get a REFUSED statement.

Local
Code: [root@localhost init.d]# dig @localhost illhosting.com

; <<>> DiG 9.5.1-P2 <<>> @localhost illhosting.com
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39715
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;illhosting.com.         IN   A

;; ANSWER SECTION:
illhosting.com.      38400   IN   A   127.0.0.1

;; AUTHORITY SECTION:
illhosting.com.      38400   IN   NS   ns1.illhosting.com.
illhosting.com.      38400   IN   NS   ns2.illhosting.com.

;; ADDITIONAL SECTION:
ns1.illhosting.com.   38400   IN   A   127.0.0.1
ns2.illhosting.com.   38400   IN   A   127.0.0.1

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Sep 23 20:55:52 2009
;; MSG SIZE  rcvd: 116


Remote
Code: [root@li16-248 etc]# dig @74.207.231.192 illhosting.com

; <<>> DiG 9.5.0-P2 <<>> @74.207.231.192 illhosting.com
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 2344
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;illhosting.com.         IN   A

;; Query time: 1 msec
;; SERVER: 74.207.231.192#53(74.207.231.192)
;; WHEN: Wed Sep 23 20:56:19 2009
;; MSG SIZE  rcvd: 32


Here's my named.conf
Code: key "rndckey" {
   algorithm hmac-md5;
   secret "[my key is here]";
};

options {
   listen-on port 53 { 127.0.0.1; };
   listen-on-v6 port 53 { ::1; };
   directory    "/var/named";
   dump-file    "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        query-source    port 53;
        query-source-v6 port 53;
   allow-query     { any; };
   recursion yes;
};

view localhost_resolver {
        allow-query { any; };
        match-clients      { localhost; };
        match-destinations { localhost; };
        recursion yes;
        include "/etc/named.rfc1912.zones";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
   type hint;
   file "named.ca";
};

include "/etc/named.rfc1912.zones";

zone "illhosting.com" {
   type master;
   file "/var/named/illhosting.com.hosts";
   };


Any ideas what could be the problem?

[mjrich]

teeth wrote: Code:
view localhost_resolver {
        allow-query { any; };
        match-clients      { localhost; };
        match-destinations { localhost; };
        recursion yes;
        include "/etc/named.rfc1912.zones";
};

Perhaps try changing those localhosts to any, or add an external view.

[fukawi2]

Yes, you need to add an external/public view... Don't add public to your existing view without disabling recursion though or you'll be open to abuse.