DNS does not work for internal machines
	
	
Could someone help me???
I am trying to set up a DNS server using Fedora Core 2. I think I have already done everything I could, but it is still giving me problems.
I configured the files in /etc and /var/named/chroot/etc:
named.conf
// generated by named-bootconf.pl
options {
	directory "/var/named";
	listen-on { 127.0.0.1; 192.168.0.0/24; 192.168.0.0; };
	allow-query { 192.168.0.0/24; };
	/*
	 * If there is a firewall between you and nameservers you want
	 * to talk to, you might need to uncomment the query-source
	 * directive below.  Previous versions of BIND always asked
	 * questions using port 53, but BIND 8.1 uses an unprivileged
	 * port by default.
	 */
	// query-source address * port 53;
};
// 
// a caching only nameserver config
// 
zone "." IN {
	type hint;
	file "named.ca";
};
zone "localhost" IN {
	type master;
	file "localhost.zone";
	allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
	type master;
	file "named.local";
	allow-update { none; };
};
zone "teste.lab.br" IN {
	type master;
	file "teste.lab.br";
};
zone "0.168.192.in-addr.arpa" IN {
	type master;
	file "teste.lab.br.rev";
};  
I configured the files in /var/named and /var/named/chroot/var/named:
teste.lab.br
$TTL	86400
$ORIGIN teste.lab.br.
@			IN SOA	fiona.teste.lab.br. root.fiona.teste.lab.br. (
					2005033101;
					3H;
					15M;
					1W;
					1D);
		IN NS	fiona.teste.lab.br.
		IN MX	mail.teste.lab.br.
fiona		IN 	A	192.168.0.1
gerencia	IN	A	192.168.0.10
web	IN	A	192.168.0.53
mail	IN	A	192.168.0.88
aker	IN	A	192.168.0.254	
And also the file,
teste.lab.br
$TTL	86400
$ORIGIN 0.168.192.in-addr.arpa.
@       IN      SOA     fiona.teste.lab.br. root.fiona.teste.lab.br.  (
                                      2005033101;
                                      28800;
                                      14400;
                                      3600000;
                                      86400);
        IN      NS	fiona.teste.lab.br. 
	IN	MX	mail.teste.lab.br.
	
1       IN      PTR     fiona.teste.lab.br.
10	IN	PTR	gerencia.teste.lab.br.
53	IN	PTR	web.teste.lab.br.
88	IN	PTR	mail.teste.lab.br.
254	IN	PTR	aker.teste.lab.br. 
When I run the nslookup command, I get the following response:
[root@fiona root]# nslookup mail.teste.lab.br
Server:         192.168.0.1
Address:        192.168.0.1#53
** server can't find mail.teste.lab.br: SERVFAIL
[root@fiona root]# nslookup mail
Server:         192.168.0.1
Address:        192.168.0.1#53
** server can't find mail: NXDOMAIN
When I run the dig command:
[root@fiona root]# dig 192.168.0.1
; <<>> DiG 9.2.3 <<>> 192.168.0.1
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3648
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;192.168.0.1.                   IN      A
;; AUTHORITY SECTION:
.                       10800   IN      SOA     A.ROOT-SERVERS.NET. NSTLD.VERISIGN-GRS.COM. 
2005033100 1800 900 604800 86400
;; Query time: 365 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Thu Mar 31 16:50:00 2005
;; MSG SIZE  rcvd: 104
[root@fiona root]# dig teste.lab.br
; <<>> DiG 9.2.3 <<>> teste.lab.br
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 23222
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;teste.lab.br.                   IN      A
;; Query time: 1 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Thu Mar 31 16:50:30 2005
;; MSG SIZE  rcvd: 29
Furthermore, when I run the netstat command:
[root@fiona root]# netstat -an | grep 53
tcp        0      0 192.168.0.1:53          0.0.0.0:*               OUÇA
tcp        0      0 127.0.0.1:53            0.0.0.0:*               OUÇA
tcp        0      0 127.0.0.1:953           0.0.0.0:*               OUÇA
tcp        0      0 ::1:953                 :::*                    OUÇA
udp        0      0 192.168.0.1:53          0.0.0.0:*                           
udp        0      0 127.0.0.1:53            0.0.0.0:*                           
What do I do???? Could someone help me?
P.S. I HAVE NO FIREWALL INSTALLED ON THE MACHINE, I REMOVED IPTABLES.
LOL... AND TO TOP IT OFF, THE BLESSED SSH CONNECTION KEEPS DROPPING ALL THE TIIIIIME!!! LOL....
IS THERE A SOLUTION, OR SHOULD I TELL THE GUY WHO IS MESSING WITH IT (ME) TO GO....... LOL... .
ONE MOOOORE THING.... FOR OUTSIDE NAMES THE DNS WORKS:
[root@fiona root]# nslookup www.usp.br
Server:         192.168.0.1
Address:        192.168.0.1#53
Non-authoritative answer:
Name:   www.usp.br
Address: 143.107.254.11
THANKS IN ADVANCE!!!!!!
	 
	
	
	
		DNS does not work for internal machines
	
	
		First:
listen-on { 127.0.0.1; 192.168.0.0/24; 192.168.0.0; }; 
this can be:
listen-on { 127.0.0.1; 192.168.0.0/24; }; 
Try the following:
"Quoted from: http://www.die.net/doc/linux/man/man5/named.conf.5.html"
	Quote:
	
		
		
			Access Control
Access to the server can be restricted based on the IP address of the requesting system or via shared secret keys. See Sx ADDRESS MATCH LISTS for details on how to specify access criteria. 
allow-query 
Specifies which hosts are allowed to ask ordinary questions. allow-query may also be specified in the zone statement, in which case it overrides the options allow-query statement. If not specified, the default is 
allow-recursion 
Specifies which hosts are allowed to ask recursive questions. allow-recursion may also be specified in the zone statement, in which case it overrides the options allow-recursion statement. If not specified, the default is to allow recursive queries from all hosts. 
allow-transfer 
Specifies which hosts are allowed to receive zone transfers from the server. allow-transfer may also be specified in the zone statement, in which case it overrides the options allow-transfer statement. If not specified, the default is to allow transfers from all hosts. 
blackhole 
Specifies a list of addresses that the server will not accept queries from or use to resolve a query. Queries from these addresses will not be responded to.
			
		
	
 
put this there:
allow-recursion { 192.168.0.0/24; }; 
and test.
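
Added example, not part of the original reply: a small Python model of how the address match lists in allow-query and allow-recursion decide per client, run over the option values from this thread. The `OPEN` configurations, the client addresses and the result labels are constructed for illustration; only IPv4 addresses, prefixes, `any`, `none` and `!` negation are handled.

```python
import ipaddress

def parse_aml(text):
    """Parse '{ 127.0.0.1; 192.168.0.0/24; }' into (negated, network) rules."""
    rules = []
    for item in text.strip(" {};").split(";"):
        item = item.strip()
        if not item:
            continue
        negated = item.startswith("!")
        item = item.lstrip("!").strip()
        if item in ("any", "none"):
            net = ipaddress.ip_network("0.0.0.0/0")
            negated ^= (item == "none")      # 'none' behaves like '!any'
        else:
            net = ipaddress.ip_network(item)  # bare address becomes a /32
        rules.append((negated, net))
    return rules

def matches(rules, client):
    """First matching element decides; no match at all means deny."""
    addr = ipaddress.ip_address(client)
    for negated, net in rules:
        if addr in net:
            return not negated
    return False

def decide(opts, client, recursive=True):
    """Check allow-query first, then allow-recursion for recursive lookups.
    A missing allow-recursion means 'any', the default the quoted man page gives."""
    if not matches(parse_aml(opts["allow-query"]), client):
        return "refused"
    recursion = parse_aml(opts.get("allow-recursion", "{ any; }"))
    if recursive and not matches(recursion, client):
        return "no-recursion"
    return "answered"

INTERNAL = "{ 192.168.0.0/24; }"
POSTED = {"allow-query": INTERNAL}                      # from the question
SUGGESTED = {**POSTED, "allow-recursion": INTERNAL}     # line from the reply
OPEN = {"allow-query": "{ any; }"}                      # constructed contrast
OPEN_LIMITED = {**OPEN, "allow-recursion": INTERNAL}    # constructed contrast
CLIENTS = ["192.168.0.10", "192.168.0.1", "127.0.0.1", "203.0.113.7"]  # constructed

def table(opts):
    return {client: decide(opts, client) for client in CLIENTS}

if __name__ == "__main__":
    for name, opts in [("posted", POSTED), ("suggested", SUGGESTED),
                       ("open", OPEN), ("open+allow-recursion", OPEN_LIMITED)]:
        print(f"{name:22}", table(opts))
```

Under the posted allow-query, a query whose source address is 127.0.0.1 is refused even though the server listens on that address. With allow-query open to everyone, allow-recursion is what keeps outside hosts from using the server as a recursive resolver.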
	 
	
	
	
		DNS does not work for internal machines
	
	
		Do the following:
vi /etc/resolv.conf
Put this on the first line:
nameserver IPDOSERVIDOR
and you're set!