[SOLVED] BIND (can't ping hostnames, but can ping IPs)

Jwoolington · Post by **Jwoolington** » 2013/03/29 00:51:12

I am running centOS 6.3 in a virtualized vmware environment.
Host: ESXI 5.1
Using: Vsphere Client

I have installed BIND on my centOS svr.
I have properly edited my iptables to configure port 53 through the firewall with both udp/tcp.
I have edited named.conf and entered my IP and loopback in to "listen-on port 53"
I have also done { localhost; IP/26; }; in the allow-query section

/etc/sysconfig/network-scripts/ifcfg-eth0 looks like this:

DEVICEE="eth0"
BOOTPROTO=none
NM_CONTROLLED="no"
ONBOOT="yes"
TYPE="Ethernet"
DOMAIN=localhost
UUID="blah"
HWADDR=MAC
NETMASK=MASK
IPADDR=IP
PREFIX=26
GATEWAY=GATEWAY
DOMAIN=localhost
DNS1=1...
PEERDNS=no

/etc/resolv.conf looks like this:

domain localhost
nameserver IP of machine

I have restarted everything, but I can't seem to figure out why I cannot dig (google.com) or ping google.com or any other host name for that.

Please help!!!!

drewsymo · Post by **drewsymo** » 2013/03/29 02:52:57

Can you print the contents of the following:

[code]
ping google.com && cat /etc/resolv.conf
[/code]

Edit: Just realised you have already printed the contents of resolv.conf.

Make sure that your resolv.conf looks like the following:

/etc/resolv.conf:

nameserver 8.8.8.8
nameserver 8.8.4.4

Jwoolington · Post by **Jwoolington** » 2013/03/29 18:24:07

[quote]
drewsymo wrote:
Can you print the contents of the following:

[code]
ping google.com && cat /etc/resolv.conf
[/code]

Edit: Just realised you have already printed the contents of resolv.conf.

Make sure that your resolv.conf looks like the following:

/etc/resolv.conf:

nameserver 8.8.8.8
nameserver 8.8.4.4[/quote]

I am using BIND so I want to point everything back to my internal IP of the machine or local loopback.
So therefore I wouldn't want my resolv.conf to point to those DNS servers.
I need to them pointed back to me or 127.0.0.1

Still confused! :-(

Perhaps it may be something in the named.conf that is messed up?!

simon_matthews · Post by **simon_matthews** » 2013/03/29 20:27:35

Maybe you should try what drewsymo suggested? That would help to narrow down the problem. It it works, then your problem is related to your local instance of named.

drewsymo · Post by **drewsymo** » 2013/03/30 03:42:25

Okay, so your setup should be:

/etc/hosts
127.0.0.1 localhost

/etc/resolv.conf
nameserver 127.0.0.1 (or localhost)

/etc/named.conf (in your options {} statement)
listen-on { localhost; };
allow-query { localhost; };
recursion yes;
allow-recursion { localhost; };

service named restart

If this doesn't work directly, try disabling your iptables (service iptables stop) and then do a dig to confirm any rules are not interfering with your setup.

Jwoolington · Post by **Jwoolington** » 2013/03/30 22:05:25

[quote]
drewsymo wrote:
Okay, so your setup should be:

/etc/hosts
127.0.0.1 localhost

/etc/resolv.conf
nameserver 127.0.0.1 (or localhost)

/etc/named.conf (in your options {} statement)
listen-on { localhost; };
allow-query { localhost; };
recursion yes;
allow-recursion { localhost; };

service named restart

If this doesn't work directly, try disabling your iptables (service iptables stop) and then do a dig to confirm any rules are not interfering with your setup.[/quote]

Thanks for all the replies everyone!
I have figured out the problem
NTP was not set up properly!
Solved!

Jwoolington · Post by **Jwoolington** » 2013/03/30 22:16:38

I am actually getting an error though but it seems like DNS is working fine!

Errors look like this when I ping a host:

Mar 30 18:12:52 pcrepair named[2075]: error (network unreachable) resolving ' 39.225.125.74.in-addr.arpa/PTR/IN': 2001:500:13::63#53
Mar 30 18:12:52 pcrepair named[2075]: error (network unreachable) resolving ' 74.in-addr.arpa/DS/IN': 2001:13c7:7010::53#53

I still get data back though, but still getting these errors.
I have read up on it, and I am thinking it has something to do with ipv6.
I may be wrong though.

Any ideas??

Post by **TrevorH** » 2013/03/31 13:04:16

Do you have an ipv6 connection?

Jwoolington · Post by **Jwoolington** » 2013/04/02 19:46:06

[quote]
TrevorH wrote:
Do you have an ipv6 connection?[/quote]

Ok here is what I have done so far:
Disabled ipv6 on esxi host
Disabled ipv6 on centos vm
Disabled ipv6 in named.conf
Disabled ipv6 in /etc/sysconfig/named with OPTIONS="-4"

I am still getting these errors:

Apr 2 15:41:07 pcrepair named[1922]: error (network unreachable) resolving 'google.com/A/IN': 2001:503:231d::2:30#53
Apr 2 15:41:08 pcrepair named[1922]: error (network unreachable) resolving 'com/DS/IN': 2001:500:2f::f#53
Apr 2 15:41:08 pcrepair named[1922]: error (network unreachable) resolving 'r.arin.net/A/IN': 2001:7fd::1#53
Apr 2 15:41:08 pcrepair named[1922]: error (network unreachable) resolving 'r.arin.net/AAAA/IN': 2001:7fd::1#53
Apr 2 15:41:08 pcrepair named[1922]: error (network unreachable) resolving '65.225.125.74.in-addr.arpa/PTR/IN': 2001:500:14:6050:ad::1#53
Apr 2 15:41:09 pcrepair named[1922]: error (network unreachable) resolving 'in-addr.arpa/DS/IN': 2001:500:1::803f:235#53
Apr 2 15:41:09 pcrepair named[1922]: error (network unreachable) resolving '74.in-addr.arpa/DS/IN': 2001:500:13::73#53
Apr 2 15:41:09 pcrepair named[1922]: error (network unreachable) resolving '125.74.in-addr.arpa/DS/IN': 2001:5a0:10::2#53
Apr 2 15:41:09 pcrepair named[1922]: error (network unreachable) resolving '74.in-addr.arpa/DNSKEY/IN': 2001:500:31::63#53

Generated from ping google.com

Jwoolington · Post by **Jwoolington** » 2013/04/03 00:39:33

SOLVED

disabled ipv6 at the kernel and restarted server.

Edit: /etc/grub.conf
ipv6.disable=1

Create this file /etc/modprobe.d/disable-ipv6 and then add in the line: options ipv6 disable=1

Make sure if you are having the same problem as me run ifconfig on restart.

Thank you all.

CentOS