Home / server / Questions / 216437
Accepted
Alex
Asked: 2010-12-28 07:34:56 +0800 CST

DNS caching server config problem

  • 772

I have a Bind DNS caching-only server setup that is working. I am bringing up a new AD domain controller that will also be a DNS server for that AD but I don't want it responding to any DNS queries except those that are AD related. So, my goal is to leave this caching server as the primary DNS server for stations on the network and have it forward requests for the AD domain to the domain controller. My understanding is that I just need a forward zone for that domain pointing to the domain controller. However it does not seem to be working. So that leaves me to think that my caching server is not forwarding properly.

For example, this AD is going to have a naming convention of hostname.mydomain.local. If I do an nslookup and specify the domain controller's IP address as the server, I can query addresses that exist in DNS on that server, such as dc1.mydomain.local. However, queries to my caching server times out (I get a response from the caching server if I query mydomain.local but none of the objects in that domain).

Any suggestions? Here is my named.conf file:

options {
    directory "/var/named";
    listen-on { 192.168.0.14; 127.0.0.1; };
    forwarders {
            <external DNS server IP 1>;
            <external DNS server IP 2>;
            };
    forward first;
};

zone "." in {
type hint;
file "db.cache";
};

zone "0.0.127.in-addr.arpa" in {
type master;
file "db.127.0.0";
};

//forward zone for mydomain.local
zone "mydomain.local" {
    type forward;
    forwarders {
            192.168.1.21;
            };
    };
linux domain-name-system bind

2 Answers

  1. Best Answer

    Please turn on logging on named - edit named.conf:

    logging{ channel simple_log {
    file "/var/log/named/bind.log" versions 3 size 5m;
    severity warning;
    print-time yes;
    print-severity yes;
    print-category yes; };
    category default{ simple_log;
    };
    };

    then:

    1. named-checkconf <path to your named.conf>
    2. rndc reconfig
    3. tail -f /var/log/named/bind.log

    Observe what client is asking for? What server is sending? You have to be sure that AD is configured to receive requests from this server. Good luck!

    • 1

  2. I think you're making it too complicated. By default, AD DNS only does DNS queries within the AD domain, so all you need to do is tell it to automatically forward the remaining queries to your regular DNS server.

    You do this by going into the dnsmgmt tool, select your domain controller, right click on it, and select "properties" then go to the "Forwarders" tab.

    Make sure "DNS Domain" is set to "All other DNS domains" and then add your caching DNS server as a forwarder.

    Should be a lot easier than trying to configure it upstream.

    • 0