named.conf issues

Discussion in 'General Discussion' started by ewebza, Jan 7, 2013.

  1. ewebza

    Hi,

    I have a primary webserver which also acts as a primary nameserver, let's call it web1.
    There is a VPS that runs WHM DNSOnly which acts only as a secondary nameserver, it is set up in a cluster with web1, let's call it dns1.

    On web1, named.conf has no options {} block at all. I've read some other posts on this forum and I've added the following to my named.conf on web1:

    Code:
    acl "trusted_ips" {
            213.239.x.x;
            213.239.x.x;
            127.0.0.1;
            46.4.x.x;
            46.4.x.x;
            46.4.x.x;
            78.46.x.x;
            78.46.x.x;
            78.46.x.x;
            78.46.x.x;
            78.46.x.x;
            78.46.x.x;
            78.46.x.x;
            78.46.x.x;
            198.12.x.x;
    };
    
    options {
    	directory "/var/named";
    #	allow-recursion { trusted_ips; };
    #	allow-notify { trusted_ips; };
    #	allow-transfer { trusted_ips; };
    #	allow-query { trusted_ips; };
    };
    trusted_ips are all the IPs assigned to this box, with the last IP being the VPS (dns1).

    If I uncomment the allow* lines in options {}, named restarts without a problem, but if I nslookup on the box (web1) it fails:

    Code:
    root@digital [/var/log]# nslookup google.co.za
    ;; connection timed out; trying next origin
    Also, when this happens, none of my mail gets delivered to @google.com / @yahoo.com which I would assume is because it can't lookup the domains (web1).

    Any idea how I can fix this? At the moment the NS allows remote queries and recursion which I do not want.
     
  2. hgrg

    Check /etc/resolv.conf for resolvers...
     
  3. ewebza

    Thanks, I changed my resolvers to Google's resolvers and replaced the acl variables with a full list of the IPs in each case and that seemed to work.
     
  4. hgrg

    You are most welcome :)
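
An added example, not part of the thread and not cPanel or BIND code: a Python check that reads a named.conf the way BIND does (commented-out lines ignored) and reports which of the four allow-* directives from the first post are actually in effect in options {}. The sample config, its documentation-range addresses and the function names are assumptions made for the example.

```python
import re

DIRECTIVES = ("allow-recursion", "allow-notify", "allow-transfer", "allow-query")
# Constructed sample modelled on the first post; addresses are documentation ranges.
SAMPLE = '''acl "trusted_ips" { 127.0.0.1; 192.0.2.10; 198.51.100.53; };
options {
    directory "/var/named";
#   allow-recursion { trusted_ips; };
    allow-transfer { trusted_ips; };
    allow-query { trusted_ips; };
};'''

def strip_comments(text):
    """Drop the three comment styles named.conf accepts: /* */, // and #."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(#|//).*", "", text)

def options_body(text):
    """Return the text inside the options { ... } block, or '' if absent."""
    m = re.search(r"\boptions\s*\{", text)
    depth = 1
    for i in range(m.end() if m else len(text), len(text)):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        if depth == 0:
            return text[m.end():i]
    return ""  # no options block, or unbalanced braces

def audit(conf):
    """Map each directive to its address-match list, or None when not in effect."""
    body, found = options_body(strip_comments(conf)), {}
    for name in DIRECTIVES:
        # Assumes flat lists; nested { } address-match lists are not parsed.
        m = re.search(r"(?<![\w-])%s\s*\{([^{}]*)\}" % re.escape(name), body)
        found[name] = m and [e.strip().strip('"') for e in m.group(1).split(";") if e.strip()]
    return found

def findings(conf):
    notes = []
    for name, acl in audit(conf).items():
        if acl is None:
            notes.append(name + ": not set, BIND's compiled-in default applies")
        elif name == "allow-query" and "any" not in acl:
            notes.append("allow-query: only " + ", ".join(acl) + " may query hosted zones")
        elif name != "allow-query" and "any" in acl:
            notes.append(name + ": open to any")
    return notes

if __name__ == "__main__":
    print("\n".join(findings(SAMPLE)))
```

An options-level allow-query limited to the server's own addresses also applies to the zones hosted on it unless a zone statement overrides it, which is why the check reports that case separately from recursion.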
     