Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Help with Bind conf files #2

Open
freedombirdone opened this issue Dec 13, 2021 · 4 comments
Open

Help with Bind conf files #2

freedombirdone opened this issue Dec 13, 2021 · 4 comments

Comments

@freedombirdone
Copy link

freedombirdone commented Dec 13, 2021

Can you provide sample zone configuration files that works for bind9? I have the following configurations but I cannot seem to resolve the following queries:

HOST:
$ nslookup ns1
Server: 127.0.0.53
Address: 127.0.0.53#53

** server can't find ns1: SERVFAIL

HOST.DOMAIN:
$ nslookup ns1.example
Server: 127.0.0.53
Address: 127.0.0.53#53

** server can't find ns1.example: NXDOMAIN

FQDN:
$ nslookup ns1.example.local
Server: 127.0.0.53
Address: 127.0.0.53#53

** server can't find ns1.example.local: SERVFAIL

Configurations:

/etc/bind/db.local
;
; BIND data file for local loopback interface
;
$TTL 604800
@ IN SOA localhost. root.localhost. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS localhost.
@ IN A 127.0.0.1
@ IN AAAA ::1

/etc/bind/db.example.local
$TTL 604800
@ IN SOA ns1.example.local. root.ns1.example.local. (
4 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS ns1.example.local.
ns1 IN A 192.168.110.153
log4jdnsreq 3600 IN NS ns1.example.local.

@bart-roos
Copy link

You don't actually need a zone file. The DNS server is supposed to respond with a SERVFAIL, but the query will still be logged in the query log. The snippets mentioned in the README.md are the only changes to to the default Bind Debian configuration.

@bortzmeyer
Copy link

You can also do it without a DNS server at all, see #4

@freedombirdone
Copy link
Author

freedombirdone commented Dec 14, 2021

You don't actually need a zone file. The DNS server is supposed to respond with a SERVFAIL, but the query will still be logged in the query log. The snippets mentioned in the README.md are the only changes to to the default Bind Debian configuration.

I understand you can use without a DNS server. I'm trying to understand how you get this run with a DNS server.

Where did you put this record? On the DNS callback server (log4jchecker) or on your domain name servers for northwave.nl?

log4jdnsreq 3600 IN NS log4jchecker.northwave.nl.

Is this basically creating a 'stub' zone named 'log4jdnsreq' and says host 'log4jchecker' is the name server for this stub zone? Where do you define the A records for the DNS callback server, on the callback server (log4jchecker) or on the domain name servers for northwave.nl?

@bart-roos
Copy link

Where did you put this record? On the DNS callback server (log4jchecker) or on your domain name servers for northwave.nl?

log4jdnsreq 3600 IN NS log4jchecker.northwave.nl.

You would add this record to the DNS zone of northwave.nl, so on the DNS server that is already running for this domain. This entry makes log4jchecker.northwave.nl. the DNS server for *.log4jdnsreq.northwave.nl.. The host log4jchecker.northwave.nl. is where the script and the dummy DNS server that only does logging both run.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

No branches or pull requests

3 participants