BIND9 DNS queries across subnets?

By onlinegeek101
I am trying to set up a BIND 9 DNS server. I currently can make it so that I will serve anyone who is in the direct subnet of the server. Example is my dns server. If I make a DNS call from the machine hosting the server, it resolves fine. But if I had a machine at and I wanted them to be able to query the server as well, how do I manage this? The address of the machines accessing the server can vary in any of the bottom 3 octets, so I can't just declare zones for each. Thanks for any help in advance.

All Answers

by yasser_khan In reply to BIND9 dns querys accross ...

Do you have the proper ports opened (53) through your firewall across these different subnets? We have our DNS servers on their own subnet in a separate DMZ. Our webservers are in a different subnet altogether and our office servers are in a third zone. We have to have rules within our firewall allowing traffic to pass through on DNS port across them to get the names resolved.

Also, you may want to look at the BIND concept of creating views if you want to hit the server internally to get the internal IP name resolution but want the DNS to reply with an external or (different) IP if the query is coming from a different network.

Response To Answer

by onlinegeek101 In reply to Firewall?

It is still within the overall subnet of the company. It is just at a different address location, i.e. 192.168.2. instead of 192.168.3. I don't know how this comes into play. I don't think it's a port issue because I get a response of refused from the DNS server. I think it's more a BIND configuration issue. You map the incoming request based on the IP of the person requesting, I believe, and I think currently this is restricted to people whose first 3 octets match. Any ideas?

ACL on Bind

by yasser_khan In reply to BIND9 dns querys accross ...

Do you by any chance have an acl within your named.conf file that is restricting responses to the incoming query? For example:

acl "allowip" {10.0.1/24; 10.2.1/24; 10.3.1/24; 10.5.1/24; 10.0.10/24; 10.7.1/24; 192.168/16; 127/8; 172/8; };

This will restrict replies to only those requests that are generated from within these allowed subnet ranges.
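
To see which clients an acl like the one quoted above actually admits, the following added example (not part of the original posts) expands BIND's abbreviated prefixes and tests addresses against them. The client addresses are constructed, the function names are this example's own, and only plain IPv4 elements are handled.

```python
import ipaddress
import re

# The acl statement quoted in the answer above, verbatim.
ACL_TEXT = ('acl "allowip" {10.0.1/24; 10.2.1/24; 10.3.1/24; 10.5.1/24; '
            '10.0.10/24; 10.7.1/24; 192.168/16; 127/8; 172/8; };')

# Private (RFC 1918) and loopback space, used to flag over-broad entries.
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]


def expand_prefix(element):
    """Expand a BIND prefix such as '192.168/16' (trailing zero octets omitted)."""
    addr, _, bits = element.partition("/")
    octets = addr.split(".")
    if len(octets) > 4 or not all(o.isdigit() for o in octets):
        raise ValueError(f"unsupported acl element: {element!r}")
    octets += ["0"] * (4 - len(octets))
    # An element without /bits is a single host address.
    return ipaddress.ip_network(".".join(octets) + "/" + (bits or "32"))


def parse_acl(text):
    """Return (name, networks) for one acl statement of plain IPv4 elements."""
    m = re.search(r'acl\s+"?([\w-]+)"?\s*\{(.*?)\}\s*;', text, re.S)
    if not m:
        raise ValueError("no acl statement found")
    elements = [e.strip() for e in m.group(2).split(";") if e.strip()]
    return m.group(1), [expand_prefix(e) for e in elements]


def matching_entry(client, networks):
    """Return the first acl network that contains client, or None."""
    ip = ipaddress.ip_address(client)
    return next((n for n in networks if ip in n), None)


def wider_than_internal(networks):
    """Entries that admit addresses outside private and loopback space."""
    return [n for n in networks if not any(n.subnet_of(i) for i in INTERNAL)]


if __name__ == "__main__":
    name, nets = parse_acl(ACL_TEXT)
    for client in ("192.168.2.10", "10.4.1.5", "172.200.1.1"):  # constructed
        print(name, client, "->", matching_entry(client, nets) or "no match")
    print("wider than private space:", wider_than_internal(nets))
```

The `172/8` element expands to 172.0.0.0/8, which is wider than the private 172.16.0.0/12 range, so the last line reports it.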

Response To Answer

by onlinegeek101 In reply to ACL on Bind

Nope nothing like that.
