Hello,
I'm struggling with this and so far I haven't been able to set up the DNS forwarding, so any help is really appreciated.
Here's my DNS config:
    forwarding {
        cache-size 150
        listen-on eth2
        listen-on eth1.10
        listen-on eth1.100
        listen-on eth1
        name-server 185.83.217.248
        name-server 5.9.49.12
    }

eth1 is the interface where my hosts are located (under the subnet 192.168/16), with my router set to IP 192.168.1.1.
However, when I do a DNS query from any of the hosts using the router as a nameserver I simply get no answer:
    dig @192.168.1.1 google.com
    ; <<>> DiG 9.10.4-P3-RedHat-9.10.4-2.P3.fc23 <<>> @192.168.1.1 google.com
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 27556
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
    ;; QUESTION SECTION:
    ;google.com. IN A
    ;; Query time: 14 msec
    ;; SERVER: 192.168.1.1#53(192.168.1.1)
    ;; WHEN: Sat Nov 12 13:17:03 CET 2016
    ;; MSG SIZE rcvd: 28

The router firewall is currently allowing all UDP and TCP connections to port 53 (LAN represents the zone where the eth1 subnet - 192.168/16 is mapped):
    show firewall name LAN-LOCAL
    default-action drop
    rule 1 {
        action accept
        description "Allow established connections"
        state {
            established enable
            related enable
        }
    }
    rule 2 {
        action drop
        description "Drop invalid packets"
        state {
            invalid enable
        }
    (...)
    rule 53 {
        action accept
        description "Allow DNS"
        destination {
            port 53
        }
        protocol tcp_udp

and the return connection is allowed on the firewall:
    show firewall name LOCAL-LAN
    default-action drop
    rule 1 {
        action accept
        description "Allow established connections"
        state {
            established enable
            related enable
        }
    }
    rule 2 {
        action drop
        description "Drop invalid packets"
        state {
            invalid enable
        }
    }

With all of this set I honestly see no reason why this isn't working.
Any help will be really appreciated!!