Anyway, so I will post a complete analysis here of all my BIND9 configurations, and maybe someone will notice something that I missed. And yeah, this IS the reason why my tutorial in the tut section has been rendered useless ^^ I want to be sure of the problem before it's put to use.
Anyway, due to my constant reconfiguring of the server over the last few days, there might be some odd typos or errors in these configs, but according to the logs, it should work anyway.
daemon.log
Aug 30 11:29:52 Teresa named[5280]: shutting down: flushing changes
Aug 30 11:29:52 Teresa named[5280]: stopping command channel on 127.0.0.1#953
Aug 30 11:29:52 Teresa named[5280]: no longer listening on 192.168.0.6#53
Aug 30 11:29:52 Teresa named[5280]: exiting
Aug 30 11:29:54 Teresa named[5338]: starting BIND 9.4.2-P1 -4 -u bind
Aug 30 11:29:54 Teresa named[5338]: found 2 CPUs, using 2 worker threads
Aug 30 11:29:54 Teresa named[5338]: loading configuration from '/etc/bind/named.conf'
Aug 30 11:29:54 Teresa named[5338]: no IPv6 interfaces found
Aug 30 11:29:54 Teresa named[5338]: listening on IPv4 interface eth0, 192.168.0.6#53
Aug 30 11:29:54 Teresa named[5338]: automatic empty zone: 254.169.IN-ADDR.ARPA
Aug 30 11:29:54 Teresa named[5338]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Aug 30 11:29:54 Teresa named[5338]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Aug 30 11:29:54 Teresa named[5338]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Aug 30 11:29:54 Teresa named[5338]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Aug 30 11:29:54 Teresa named[5338]: automatic empty zone: D.F.IP6.ARPA
Aug 30 11:29:54 Teresa named[5338]: automatic empty zone: 8.E.F.IP6.ARPA
Aug 30 11:29:54 Teresa named[5338]: automatic empty zone: 9.E.F.IP6.ARPA
Aug 30 11:29:54 Teresa named[5338]: automatic empty zone: A.E.F.IP6.ARPA
Aug 30 11:29:54 Teresa named[5338]: automatic empty zone: B.E.F.IP6.ARPA
Aug 30 11:29:54 Teresa named[5338]: command channel listening on 127.0.0.1#953
Aug 30 11:29:54 Teresa named[5338]: zone 0.in-addr.arpa/IN: loaded serial 1
Aug 30 11:29:54 Teresa named[5338]: zone 127.in-addr.arpa/IN: loaded serial 1
Aug 30 11:29:54 Teresa named[5338]: /etc/bind/zones/192.168.0.rev:1: no TTL specified; using SOA MINTTL instead
Aug 30 11:29:54 Teresa named[5338]: zone 0.168.192.in-addr.arpa/IN: has no NS records
Aug 30 11:29:54 Teresa named[5338]: zone 255.in-addr.arpa/IN: loaded serial 1
Aug 30 11:29:54 Teresa named[5338]: zone binary/IN: loaded serial 2008092901
Aug 30 11:29:54 Teresa named[5338]: zone localhost/IN: loaded serial 2
Aug 30 11:29:54 Teresa named[5338]: running
named.conf
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
include "/etc/bind/named.conf.options";
// prime the server with knowledge of the root servers
zone "." {
        type hint;
        file "/etc/bind/db.root";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
        type master;
        file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
        type master;
        file "/etc/bind/db.255";
};
include "/etc/bind/named.conf.local";
named.conf.local
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
zone "binary" {
        type master;
        file "/etc/bind/zones/binary.db";
        notify no;
};
zone "0.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/zones/192.168.0.rev";
};
named.conf.options
options {
        directory "/var/cache/bind";
        // If there is a firewall between you and nameservers you want
        // to talk to, you might need to uncomment the query-source
        // directive below. Previous versions of BIND always asked
        // questions using port 53, but BIND 8.1 and later use an unprivileged
        // port by default.
        //query-source address * port 53;
        //notify-source * port 53;
        //transfer-source * port 53;
        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.
        forwarders {
                193.111.152.2;
        };
        listen-on { 192.168.0.6; };
        auth-nxdomain no; # conform to RFC1035
        #listen-on-v6 { any; };
};
binary.db
$TTL 1d
binary. IN SOA ns1.binary (
admin.binary
2008092901
1h
15m
4w
1h )
teresa IN 2 A 192.168.0.6
10 IN 2 PTR teresa.binary.
ssh IN 2 CNAME teresa.binary.
www IN 2 CNAME teresa.binary.
ns1 IN 2 CNAME teresa.binary.
192.168.0.rev
@ IN SOA teresa. admin.teresa. (
2006081401;
28800;
604800;
604800;
86400 );
IN NS ns1.teresa.
77 IN PTR teresa.
Updated
When I switched to my DNS as the primary DNS on another computer and tried to reach Suck-o, the following three odd things happened.
1: The BIND9 server doesn't seem to work at all, as in it doesn't seem to matter if the zones and records are correct because when I tried to reach Suck-o, it didn't forward the request to my ISP as planned.
2: The following entry appeared in the syslog, and it's odd because that directory all belongs to bind:bind, yet it can't use the file, not even after I created it and set the permissions right.
3: When I tried to reach Suck-o, it created a bunch of these entries in the syslog, which somewhat indicates that it does receive the query.
Aug 30 11:58:38 Teresa named[5977]: isc_log_open '/etc/bind/query.log' failed: permission denied
Aug 30 11:58:38 Teresa kernel: [ 8788.313785] audit(1220090318.159:52): type=1503 operation="inode_permission" requested_mask="a::" denied_mask="a::" name="/$
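An added example, not part of the original post: a small Python triage pass over named's syslog output that separates zones that report "loaded serial" from zones that only log something else, and pairs each isc_log_open failure with a kernel audit denial logged in the same second. The function name triage and the report keys are made up for this sketch, and the same-second pairing is an assumption: it is used as a hint that a mandatory access control policy (for example AppArmor), rather than file ownership, blocked the write.

```python
import re

# Sample lines copied from the logs in the post; the audit line is cut before its truncated name= field.
SAMPLE = """\
Aug 30 11:29:54 Teresa named[5338]: zone 127.in-addr.arpa/IN: loaded serial 1
Aug 30 11:29:54 Teresa named[5338]: /etc/bind/zones/192.168.0.rev:1: no TTL specified; using SOA MINTTL instead
Aug 30 11:29:54 Teresa named[5338]: zone 0.168.192.in-addr.arpa/IN: has no NS records
Aug 30 11:29:54 Teresa named[5338]: zone binary/IN: loaded serial 2008092901
Aug 30 11:58:38 Teresa named[5977]: isc_log_open '/etc/bind/query.log' failed: permission denied
Aug 30 11:58:38 Teresa kernel: [ 8788.313785] audit(1220090318.159:52): type=1503 operation="inode_permission" requested_mask="a::" denied_mask="a::"
"""

LINE = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) \S+ (named|kernel)(?:\[\d+\])?: (.*)$")
ZONE = re.compile(r"^zone (\S+)/IN: (.*)$")
ZFILE = re.compile(r"^(/\S+):(\d+): (.*)$")           # zone-file warning: path:line: text
LOGOPEN = re.compile(r"^isc_log_open '([^']+)' failed: (.*)$")
AUDIT = re.compile(r'audit\(.*denied_mask="[^"]+"')   # kernel audit denial record

def triage(text):
    """Summarise named startup/runtime log lines into a dict (hypothetical report layout)."""
    report = {"loaded": {}, "needs_review": {}, "file_warnings": [], "log_open": []}
    denials, pending = set(), []
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        stamp, source, msg = m.groups()
        if source == "kernel":
            if AUDIT.search(msg):
                denials.add(stamp)          # remember the second in which a denial occurred
            continue
        if (z := ZONE.match(msg)):
            name, detail = z.groups()
            s = re.match(r"loaded serial (\d+)", detail)
            if s:
                report["loaded"][name] = int(s.group(1))
            else:                           # any zone message other than a successful load
                report["needs_review"][name] = detail
        elif (f := ZFILE.match(msg)):
            report["file_warnings"].append((f.group(1), int(f.group(2)), f.group(3)))
        elif (o := LOGOPEN.match(msg)):
            pending.append((stamp, o.group(1), o.group(2)))
    for stamp, path, why in pending:        # pair after the loop: denial may follow the failure
        report["log_open"].append({"path": path, "error": why, "kernel_denial": stamp in denials})
    return report

if __name__ == "__main__":
    print(triage(SAMPLE))
```

A zone that appears under needs_review and not under loaded never produced a "loaded serial" line in the captured log, so its zone file is the first place to look.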