[SOLVED] DHCP, named - nslookup fine, ping not from Windows clients only
Posted: 2011/10/09 20:31:51
Dear all,
I'm having a hard time getting this to work:
I have set up DHCP and BIND on my server. The Linux box has no problem resolving the short names of my virtual servers with nslookup, pinging them, etc. Windows clients can resolve the short names with nslookup, but they cannot ping them or load the web pages running on my virtual servers.
192.168.66.10 - bind, dhcp, openvpn etc.
192.168.66.11 - application server
here are my configs:
[code]
[root@zoidberg etc]# cat named.conf
# named.custom - custom configuration for bind
#
# Any changes not currently supported by system-config-bind should be put
# in this file.
#acl "adserver" {
# 192.168.66.3;
#};
// Used by the allow-update statements in the zones below: the single source
// address that may send dynamic DNS updates (this server's own LAN address).
acl "dhcpserver" {
192.168.66.10;
};
// Covers the whole LAN; not referenced anywhere in the configuration shown here.
acl "dhcpclient" {
192.168.66/24;
};
// Global server options, followed by the rndc key include.
options {
// NOTE(review): pinning the source port of outgoing queries to 53 turns off
// source-port randomization, leaving only the 16-bit query ID to protect the
// cache against spoofed answers. Unless a firewall rule really requires a
// fixed port, remove both query-source lines so named picks random ports.
query-source port 53;
query-source-v6 port 53;
directory "/var/named";
dump-file "data/cache_dump.db";
statistics-file "data/named_stats.txt";
memstatistics-file "data/named_mem_stats.txt";
// named listens only on the LAN address and on loopback.
listen-on { 192.168.66.10; 127.0.0.1; };
// Recursive lookups are handed to these two upstream resolvers.
forwarders { 213.46.172.36; 213.46.172.37; };
// Only loopback and the 192.168.66.0/24 LAN may query this server.
allow-query { 127.0.0.1; 192.168.66.0/24; };
};
// Pulls in the rndc key definition; no controls statement appears in this listing.
include "/etc/rndc.key";
// View selected for queries that originate on this host and are addressed to it.
view "localhost_resolver"
{
/* This view sets up named to be a localhost resolver ( caching only nameserver ).
* If all you want is a caching-only nameserver, then you need only define this view:
*/
// Both the client address and the destination address must belong to this host.
match-clients { localhost; };
match-destinations { localhost; };
recursion yes;
# all views must contain the root hints zone:
include "/etc/named.root.hints";
/* these are zones that contain definitions for all the localhost
* names and addresses, as recommended in RFC1912 - these names should
* ONLY be served to localhost clients:
*/
include "/etc/named.rfc1912.zones";
// NOTE(review): both zones below are declared a second time, with the same
// files and also as updatable masters, in view "internal". Each view loads its
// own copy of a zone, so a dynamic update accepted in one view is not applied
// to the other view's copy, and both views write the same file and journal.
// Updates sent from this host presumably match this view - confirm.
zone "66.168.192.in-addr.arpa" {
type master;
file "slaves/db.192.168.66";
// NOTE(review): updates are authorised by source address alone (acl
// "dhcpserver" = 192.168.66.10), with no cryptographic check. The commented-out
// "my.ddns.internal.zone" example in this file shows the TSIG form,
// allow-update { key ddns_key; }, which is the safer choice.
allow-update { dhcpserver; };
// Disables hostname syntax checking for records in this zone.
check-names ignore;
};
zone "int.motion.cz" {
type master;
file "slaves/db.int.motion.cz";
// Same address-only update authorisation as the reverse zone above.
allow-update { dhcpserver; };
check-names ignore;
};
};
// View selected for clients on the server's directly attached networks; this is
// the view the LAN (including the Windows clients) is expected to hit.
view "internal"
{
match-clients { localnets; };
match-destinations { localnets; };
// Recursion is offered to LAN clients only; allow-query in options limits who
// can reach the server at all.
recursion yes;
// all views must contain the root hints zone:
include "/etc/named.root.hints";
// include "named.rfc1912.zones";
// you should not serve your rfc1912 names to non-localhost clients.
// These are your "authoritative" internal zones, and would probably
// also be included in the "localhost_resolver" view above :
// NOTE(review): the same two zones, with the same files, are also updatable
// masters in view "localhost_resolver". Each view keeps its own copy, so records
// added by a dynamic update that matched the other view are not in this view's
// copy until the zone is reloaded here - confirm which view dhcpd's updates reach.
zone "66.168.192.in-addr.arpa" {
type master;
file "slaves/db.192.168.66";
// NOTE(review): updates are authorised by source address alone (acl
// "dhcpserver" = 192.168.66.10); a TSIG key, as in the commented-out
// "my.ddns.internal.zone" example below, is the safer form.
allow-update { dhcpserver; };
// Disables hostname syntax checking for records in this zone.
check-names ignore;
};
zone "int.motion.cz" {
type master;
file "slaves/db.int.motion.cz";
// Same address-only update authorisation as the reverse zone above.
allow-update { dhcpserver; };
check-names ignore;
};
// The zones below are commented out. The first four reference acl "adserver",
// which is itself commented out at the top of the file.
#zone "_msdcs.int.motion.cz" {
# type master;
# file "slaves/db._msdcs.int.motion.cz";
# allow-update { adserver; };
# check-names ignore;
#};
#zone "_sites.int.motion.cz" {
# type master;
# file "slaves/db._sites.int.motion.cz";
# allow-update { adserver; };
# check-names ignore;
#};
#zone "_tcp.int.motion.cz" {
# type master;
# file "slaves/db._tcp.int.motion.cz";
# allow-update { adserver; };
# check-names ignore;
#};
#zone "_udp.int.motion.cz" {
# type master;
# file "slaves/db._udp.int.motion.cz";
# allow-update { adserver; };
# check-names ignore;
#};
#zone "my.slave.internal.zone" {
# type slave;
# file "slaves/my.slave.internal.zone.db";
# masters { /* put master nameserver IPs here */ 127.0.0.1; } ;
# // put slave zones in the slaves/ directory so named can update them
#};
#zone "my.ddns.internal.zone" {
# type master;
# allow-update { key ddns_key; };
# file "slaves/my.ddns.internal.zone.db";
# // put dynamically updateable zones in the slaves/ directory so named can update them
#};
}; [/code]
[code]
[root@zoidberg slaves]# cat db.192.168.66
; Reverse (PTR) zone for 192.168.66.0/24.
; NOTE(review): leading whitespace appears to have been lost in this paste; the
; NS line and the SOA timer lines would normally be indented continuation lines.
$ORIGIN .
$TTL 86400 ; 1 day
66.168.192.in-addr.arpa IN SOA zoidberg.int.motion.cz. root.motion.cz. (
2011102066 ; serial
28800 ; refresh (8 hours)
7200 ; retry (2 hours)
2419200 ; expire (4 weeks)
86400 ; minimum (1 day)
)
NS zoidberg.int.motion.cz.
$ORIGIN 66.168.192.in-addr.arpa.
; Statically maintained hosts (1-day TTL).
1 PTR gw.int.motion.cz.
10 PTR zoidberg.int.motion.cz.
11 PTR bender.int.motion.cz.
12 PTR vMA.int.motion.cz.
2 PTR switch.int.motion.cz.
3 PTR t610.int.motion.cz.
4 PTR ups.int.motion.cz.
; NOTE(review): .53 and .54 fall inside the DHCP pool (192.168.66.50-254) and
; carry a 3-hour TTL, so these are presumably records added by dynamic update
; from the DHCP server - confirm.
$TTL 10800 ; 3 hours
53 PTR lt-komarek.int.motion.cz.
54 PTR test-desktop.int.motion.cz.
[root@zoidberg slaves]# [/code]
[code]
[root@zoidberg slaves]# cat db.int.motion.cz
; Forward zone for int.motion.cz.
; NOTE(review): leading whitespace appears to have been lost in this paste; the
; NS and TXT lines would normally be indented so they inherit the previous owner name.
$ORIGIN .
$TTL 86400 ; 1 day
int.motion.cz IN SOA zoidberg.int.motion.cz. root.motion.cz. (
2011102073 ; serial
28800 ; refresh (8 hours)
7200 ; retry (2 hours)
2419200 ; expire (4 weeks)
86400 ; minimum (1 day)
)
NS zoidberg.int.motion.cz.
$ORIGIN int.motion.cz.
; bender is the application server; dev, stage and svn are aliases for it.
bender A 192.168.66.11
dev CNAME bender
$ORIGIN dev.int.motion.cz.
; Wildcard: any name under dev.int.motion.cz is an alias for dev (and so for bender).
* CNAME dev.int.motion.cz.
$ORIGIN int.motion.cz.
gw A 192.168.66.1
; NOTE(review): 3-hour-TTL A record inside the DHCP pool with a companion TXT
; hash - presumably written by the DHCP server's interim-style dynamic update,
; where the TXT value identifies the client that owns the name. Confirm.
$TTL 10800 ; 3 hours
lt-komarek A 192.168.66.53
TXT "3104a734adc422b84f563c39ce6a7f6828"
$TTL 86400 ; 1 day
stage CNAME bender
$ORIGIN stage.int.motion.cz.
; Wildcard: any name under stage.int.motion.cz is an alias for stage (and so for bender).
* CNAME stage.int.motion.cz.
$ORIGIN int.motion.cz.
svn CNAME bender
; NOTE(review): second record of the same kind as lt-komarek above (DHCP pool
; address, 3-hour TTL, TXT hash) - presumably dynamically registered.
$TTL 10800 ; 3 hours
test-desktop A 192.168.66.54
TXT "006921d2c0445ec8e5b679c8018ef4ceaf"
$TTL 86400 ; 1 day
zoidberg A 192.168.66.10
[root@zoidberg slaves]#
[/code]
[code]
[root@zoidberg dhcp]# cat dhcpd.conf
#
# DHCP Server Configuration file.
# see /usr/share/doc/dhcp*/dhcpd.conf.sample
#
# The DHCP server itself registers DNS records for its leases (interim style)
# and ignores clients' requests to update their own records.
# NOTE(review): no key or zone declaration appears in this listing, so the
# updates are presumably sent unsigned and accepted by named on source address
# alone; signing them with a TSIG key shared with named closes that gap.
ddns-update-style interim;
ignore client-updates;
# This server is the authority for the subnet declared below.
authoritative;
subnet 192.168.66.0 netmask 255.255.255.0 {
# --- default gateway
option routers 192.168.66.1;
option subnet-mask 255.255.255.0;
option nis-domain "int.motion.cz";
# Domain name handed to clients; short names are completed with this suffix.
option domain-name "int.motion.cz";
# Clients are pointed at the BIND server configured above.
option domain-name-servers 192.168.66.10;
option time-offset 3600; # GMT+1
# option ntp-servers 192.168.1.1;
# option netbios-name-servers 192.168.1.1;
# --- Selects point-to-point node (default is hybrid). Don't change this unless
# -- you understand Netbios very well
# option netbios-node-type 2;
# Address pool .50-.254; the dynamic-bootp flag lets BOOTP clients use it too.
range dynamic-bootp 192.168.66.50 192.168.66.254;
# Leases last 6 hours by default and 12 hours at most.
default-lease-time 21600;
max-lease-time 43200;
# we want the nameserver to appear at a fixed address
# host ns {
# next-server marvin.redhat.com;
# hardware ethernet 12:34:56:78:AB:CD;
# fixed-address 207.175.42.254;
# }
}[root@zoidberg dhcp]#
[/code]
[code]
[root@zoidberg etc]# cat hosts
# NOTE(review): the host's short name and FQDN are both bound to loopback here,
# and the FQDN is listed again for the LAN address. Lookups on this machine that
# consult /etc/hosts will typically get 127.0.0.1 for zoidberg.int.motion.cz.
# This file affects only this host, not what DNS clients receive.
127.0.0.1 zoidberg zoidberg.int.motion.cz localhost localhost.localdomain
192.168.66.10 zoidberg.int.motion.cz
[root@zoidberg etc]#
[/code]
Any help appreciated, thank you for your time
I'm having a hard time getting this to work:
I have set up DHCP and BIND on my server. The Linux box has no problem resolving the short names of my virtual servers with nslookup, pinging them, etc. Windows clients can resolve the short names with nslookup, but they cannot ping them or load the web pages running on my virtual servers.
192.168.66.10 - bind, dhcp, openvpn etc.
192.168.66.11 - application server
here are my configs:
[code]
[root@zoidberg etc]# cat named.conf
# named.custom - custom configuration for bind
#
# Any changes not currently supported by system-config-bind should be put
# in this file.
#acl "adserver" {
# 192.168.66.3;
#};
// Used by the allow-update statements in the zones below: the single source
// address that may send dynamic DNS updates (this server's own LAN address).
acl "dhcpserver" {
192.168.66.10;
};
// Covers the whole LAN; not referenced anywhere in the configuration shown here.
acl "dhcpclient" {
192.168.66/24;
};
// Global server options, followed by the rndc key include.
options {
// NOTE(review): pinning the source port of outgoing queries to 53 turns off
// source-port randomization, leaving only the 16-bit query ID to protect the
// cache against spoofed answers. Unless a firewall rule really requires a
// fixed port, remove both query-source lines so named picks random ports.
query-source port 53;
query-source-v6 port 53;
directory "/var/named";
dump-file "data/cache_dump.db";
statistics-file "data/named_stats.txt";
memstatistics-file "data/named_mem_stats.txt";
// named listens only on the LAN address and on loopback.
listen-on { 192.168.66.10; 127.0.0.1; };
// Recursive lookups are handed to these two upstream resolvers.
forwarders { 213.46.172.36; 213.46.172.37; };
// Only loopback and the 192.168.66.0/24 LAN may query this server.
allow-query { 127.0.0.1; 192.168.66.0/24; };
};
// Pulls in the rndc key definition; no controls statement appears in this listing.
include "/etc/rndc.key";
// View selected for queries that originate on this host and are addressed to it.
view "localhost_resolver"
{
/* This view sets up named to be a localhost resolver ( caching only nameserver ).
* If all you want is a caching-only nameserver, then you need only define this view:
*/
// Both the client address and the destination address must belong to this host.
match-clients { localhost; };
match-destinations { localhost; };
recursion yes;
# all views must contain the root hints zone:
include "/etc/named.root.hints";
/* these are zones that contain definitions for all the localhost
* names and addresses, as recommended in RFC1912 - these names should
* ONLY be served to localhost clients:
*/
include "/etc/named.rfc1912.zones";
// NOTE(review): both zones below are declared a second time, with the same
// files and also as updatable masters, in view "internal". Each view loads its
// own copy of a zone, so a dynamic update accepted in one view is not applied
// to the other view's copy, and both views write the same file and journal.
// Updates sent from this host presumably match this view - confirm.
zone "66.168.192.in-addr.arpa" {
type master;
file "slaves/db.192.168.66";
// NOTE(review): updates are authorised by source address alone (acl
// "dhcpserver" = 192.168.66.10), with no cryptographic check. The commented-out
// "my.ddns.internal.zone" example in this file shows the TSIG form,
// allow-update { key ddns_key; }, which is the safer choice.
allow-update { dhcpserver; };
// Disables hostname syntax checking for records in this zone.
check-names ignore;
};
zone "int.motion.cz" {
type master;
file "slaves/db.int.motion.cz";
// Same address-only update authorisation as the reverse zone above.
allow-update { dhcpserver; };
check-names ignore;
};
};
// View selected for clients on the server's directly attached networks; this is
// the view the LAN (including the Windows clients) is expected to hit.
view "internal"
{
match-clients { localnets; };
match-destinations { localnets; };
// Recursion is offered to LAN clients only; allow-query in options limits who
// can reach the server at all.
recursion yes;
// all views must contain the root hints zone:
include "/etc/named.root.hints";
// include "named.rfc1912.zones";
// you should not serve your rfc1912 names to non-localhost clients.
// These are your "authoritative" internal zones, and would probably
// also be included in the "localhost_resolver" view above :
// NOTE(review): the same two zones, with the same files, are also updatable
// masters in view "localhost_resolver". Each view keeps its own copy, so records
// added by a dynamic update that matched the other view are not in this view's
// copy until the zone is reloaded here - confirm which view dhcpd's updates reach.
zone "66.168.192.in-addr.arpa" {
type master;
file "slaves/db.192.168.66";
// NOTE(review): updates are authorised by source address alone (acl
// "dhcpserver" = 192.168.66.10); a TSIG key, as in the commented-out
// "my.ddns.internal.zone" example below, is the safer form.
allow-update { dhcpserver; };
// Disables hostname syntax checking for records in this zone.
check-names ignore;
};
zone "int.motion.cz" {
type master;
file "slaves/db.int.motion.cz";
// Same address-only update authorisation as the reverse zone above.
allow-update { dhcpserver; };
check-names ignore;
};
// The zones below are commented out. The first four reference acl "adserver",
// which is itself commented out at the top of the file.
#zone "_msdcs.int.motion.cz" {
# type master;
# file "slaves/db._msdcs.int.motion.cz";
# allow-update { adserver; };
# check-names ignore;
#};
#zone "_sites.int.motion.cz" {
# type master;
# file "slaves/db._sites.int.motion.cz";
# allow-update { adserver; };
# check-names ignore;
#};
#zone "_tcp.int.motion.cz" {
# type master;
# file "slaves/db._tcp.int.motion.cz";
# allow-update { adserver; };
# check-names ignore;
#};
#zone "_udp.int.motion.cz" {
# type master;
# file "slaves/db._udp.int.motion.cz";
# allow-update { adserver; };
# check-names ignore;
#};
#zone "my.slave.internal.zone" {
# type slave;
# file "slaves/my.slave.internal.zone.db";
# masters { /* put master nameserver IPs here */ 127.0.0.1; } ;
# // put slave zones in the slaves/ directory so named can update them
#};
#zone "my.ddns.internal.zone" {
# type master;
# allow-update { key ddns_key; };
# file "slaves/my.ddns.internal.zone.db";
# // put dynamically updateable zones in the slaves/ directory so named can update them
#};
}; [/code]
[code]
[root@zoidberg slaves]# cat db.192.168.66
; Reverse (PTR) zone for 192.168.66.0/24.
; NOTE(review): leading whitespace appears to have been lost in this paste; the
; NS line and the SOA timer lines would normally be indented continuation lines.
$ORIGIN .
$TTL 86400 ; 1 day
66.168.192.in-addr.arpa IN SOA zoidberg.int.motion.cz. root.motion.cz. (
2011102066 ; serial
28800 ; refresh (8 hours)
7200 ; retry (2 hours)
2419200 ; expire (4 weeks)
86400 ; minimum (1 day)
)
NS zoidberg.int.motion.cz.
$ORIGIN 66.168.192.in-addr.arpa.
; Statically maintained hosts (1-day TTL).
1 PTR gw.int.motion.cz.
10 PTR zoidberg.int.motion.cz.
11 PTR bender.int.motion.cz.
12 PTR vMA.int.motion.cz.
2 PTR switch.int.motion.cz.
3 PTR t610.int.motion.cz.
4 PTR ups.int.motion.cz.
; NOTE(review): .53 and .54 fall inside the DHCP pool (192.168.66.50-254) and
; carry a 3-hour TTL, so these are presumably records added by dynamic update
; from the DHCP server - confirm.
$TTL 10800 ; 3 hours
53 PTR lt-komarek.int.motion.cz.
54 PTR test-desktop.int.motion.cz.
[root@zoidberg slaves]# [/code]
[code]
[root@zoidberg slaves]# cat db.int.motion.cz
; Forward zone for int.motion.cz.
; NOTE(review): leading whitespace appears to have been lost in this paste; the
; NS and TXT lines would normally be indented so they inherit the previous owner name.
$ORIGIN .
$TTL 86400 ; 1 day
int.motion.cz IN SOA zoidberg.int.motion.cz. root.motion.cz. (
2011102073 ; serial
28800 ; refresh (8 hours)
7200 ; retry (2 hours)
2419200 ; expire (4 weeks)
86400 ; minimum (1 day)
)
NS zoidberg.int.motion.cz.
$ORIGIN int.motion.cz.
; bender is the application server; dev, stage and svn are aliases for it.
bender A 192.168.66.11
dev CNAME bender
$ORIGIN dev.int.motion.cz.
; Wildcard: any name under dev.int.motion.cz is an alias for dev (and so for bender).
* CNAME dev.int.motion.cz.
$ORIGIN int.motion.cz.
gw A 192.168.66.1
; NOTE(review): 3-hour-TTL A record inside the DHCP pool with a companion TXT
; hash - presumably written by the DHCP server's interim-style dynamic update,
; where the TXT value identifies the client that owns the name. Confirm.
$TTL 10800 ; 3 hours
lt-komarek A 192.168.66.53
TXT "3104a734adc422b84f563c39ce6a7f6828"
$TTL 86400 ; 1 day
stage CNAME bender
$ORIGIN stage.int.motion.cz.
; Wildcard: any name under stage.int.motion.cz is an alias for stage (and so for bender).
* CNAME stage.int.motion.cz.
$ORIGIN int.motion.cz.
svn CNAME bender
; NOTE(review): second record of the same kind as lt-komarek above (DHCP pool
; address, 3-hour TTL, TXT hash) - presumably dynamically registered.
$TTL 10800 ; 3 hours
test-desktop A 192.168.66.54
TXT "006921d2c0445ec8e5b679c8018ef4ceaf"
$TTL 86400 ; 1 day
zoidberg A 192.168.66.10
[root@zoidberg slaves]#
[/code]
[code]
[root@zoidberg dhcp]# cat dhcpd.conf
#
# DHCP Server Configuration file.
# see /usr/share/doc/dhcp*/dhcpd.conf.sample
#
# The DHCP server itself registers DNS records for its leases (interim style)
# and ignores clients' requests to update their own records.
# NOTE(review): no key or zone declaration appears in this listing, so the
# updates are presumably sent unsigned and accepted by named on source address
# alone; signing them with a TSIG key shared with named closes that gap.
ddns-update-style interim;
ignore client-updates;
# This server is the authority for the subnet declared below.
authoritative;
subnet 192.168.66.0 netmask 255.255.255.0 {
# --- default gateway
option routers 192.168.66.1;
option subnet-mask 255.255.255.0;
option nis-domain "int.motion.cz";
# Domain name handed to clients; short names are completed with this suffix.
option domain-name "int.motion.cz";
# Clients are pointed at the BIND server configured above.
option domain-name-servers 192.168.66.10;
option time-offset 3600; # GMT+1
# option ntp-servers 192.168.1.1;
# option netbios-name-servers 192.168.1.1;
# --- Selects point-to-point node (default is hybrid). Don't change this unless
# -- you understand Netbios very well
# option netbios-node-type 2;
# Address pool .50-.254; the dynamic-bootp flag lets BOOTP clients use it too.
range dynamic-bootp 192.168.66.50 192.168.66.254;
# Leases last 6 hours by default and 12 hours at most.
default-lease-time 21600;
max-lease-time 43200;
# we want the nameserver to appear at a fixed address
# host ns {
# next-server marvin.redhat.com;
# hardware ethernet 12:34:56:78:AB:CD;
# fixed-address 207.175.42.254;
# }
}[root@zoidberg dhcp]#
[/code]
[code]
[root@zoidberg etc]# cat hosts
# NOTE(review): the host's short name and FQDN are both bound to loopback here,
# and the FQDN is listed again for the LAN address. Lookups on this machine that
# consult /etc/hosts will typically get 127.0.0.1 for zoidberg.int.motion.cz.
# This file affects only this host, not what DNS clients receive.
127.0.0.1 zoidberg zoidberg.int.motion.cz localhost localhost.localdomain
192.168.66.10 zoidberg.int.motion.cz
[root@zoidberg etc]#
[/code]
Any help appreciated, thank you for your time