Problema de forwarding en bind9 | Algo de Linux

jueves, 30 de octubre de 2014

Problema de forwarding en bind9

Estaba tratando de configurar el forwarding en el servidor bind9 de la subred de los ciclos para que reenviara peticiones a los servidores DNS de la red del centro, y a pesar de que la configuración es sencilla, no funcionaba:

options {
        directory "/var/cache/bind";

        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk.  See http://www.kb.cert.org/vuls/id/800113

        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.

        recursion yes;
        forwarders { 172.19.144.3; 172.19.144.2; };

        //========================================================================
        // If BIND logs error messages about the root key being expired,
        // you will need to update your keys.  See https://www.isc.org/bind-keys
        //========================================================================
        dnssec-validation yes;

        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
};
Buscando un poco, he encontrado que si dejamos dnssec-validation auto, bind9 no realiza las peticiones a los servidores que le hayamos indicado, pero sí funciona cuando el valor es yes o no. Un bug??

Publicado por primera vez en http://enavas.blogspot.com.es

No hay comentarios: