# [SOLVED]DNS not resolving by names only by IP

## Newbee 12

 *Quote:*   

> I was able to solve the DNS issue by NOT following the the example found in the bind-guide.xml on www.gentoo.org documents 

 

 *Quote:*   

> HI have configured DNS using Bind 9 followed the instructions in the Bind 9 Admin Guide, however I cannot use names to get to websites only IP addresses.  Any help appreciated have I overlooked something? This DNS server goes to our gateway then to the ISP provider.

 

 *Quote:*   

> 
> 
>   GNU nano 2.3.1                                    File: /etc/bind/named.conf
> 
> # named.conf for the pacificcabinets.com domain
> ...

 

 *Quote:*   

> 
> 
>   GNU nano 2.3.1                              File: /etc/bind/pri/PACIFICCABINETS.internal
> 
> $ORIGIN PACIFICCABINETS.COM.
> ...

 

 *Quote:*   

> 
> 
>   GNU nano 2.3.1                              File: /etc/bind/pri/PACIFICCABINETS.external
> 
> $TTL 1D
> ...

 

 *Quote:*   

> 
> 
>   GNU nano 2.3.1                                   File: /etc/bind/pri/192.zone
> 
> $TTL 1D
> ...

 

 *Quote:*   

> 
> 
>   GNU nano 2.3.1                                   File: /etc/bind/pri/127.zone
> 
> $ORIGIN 127.in-addr.arpa.
> ...

 

 *Quote:*   

> I can ping internal and external from dns server host does nothing.

 

----------

## 666threesixes666

try for me....

```

forwarders { 64.126.133.1; 64.126.155.1; 66.82.4.8; 205.162.184.2; }; 

```

to

```

   forwarders {

      x.x.x.x;   // Your ISP NS

      x.x.x.x;   // Your ISP NS

      4.2.2.1;      // Level3 Public DNS

      4.2.2.2;      // Level3 Public DNS

      8.8.4.4;      // Google Open DNS

      8.8.8.8;      // Google Open DNS

   };

```

and change x.x.x.x to your upstream DNS...  if that doesnt work, remove the x.x.x.x lines and try 4.2.2.1 so on.....

here is a copy of my known working config used to resolve only......  (its very generic, and very default)

```

/*

 * Refer to the named.conf(5) and named(8) man pages, and the documentation

 * in /usr/share/doc/bind-9 for more details.

 * Online versions of the documentation can be found here:

 * http://www.isc.org/software/bind/documentation

 *

 * If you are going to set up an authoritative server, make sure you

 * understand the hairy details of how DNS works. Even with simple mistakes,

 * you can break connectivity for affected parties, or cause huge amounts of

 * useless Internet traffic.

 */

acl "xfer" {

   /* Deny transfers by default except for the listed hosts.

    * If we have other name servers, place them here.

    */

   none;

};

/*

 * You might put in here some ips which are allowed to use the cache or

 * recursive queries

 */

acl "trusted" {

   127.0.0.0/8;

   ::1/128;

};

options {

   directory "/var/bind";

   pid-file "/var/run/named/named.pid";

   /* https://www.isc.org/solutions/dlv >=bind-9.7.x only */

   //bindkeys-file "/etc/bind/bind.keys";

   listen-on-v6 { ::1; };

   listen-on { 127.0.0.1; };

   allow-query {

      /*

       * Accept queries from our "trusted" ACL.  We will

       * allow anyone to query our master zones below.

       * This prevents us from becoming a free DNS server

       * to the masses.

       */

      trusted;

   };

   allow-query-cache {

      /* Use the cache for the "trusted" ACL. */

      trusted;

   };

   allow-recursion {

      /* Only trusted addresses are allowed to use recursion. */

      trusted;

   };

   allow-transfer {

      /* Zone tranfers are denied by default. */

      none;

   };

   allow-update {

      /* Don't allow updates, e.g. via nsupdate. */

      none;

   };

   /*

   * If you've got a DNS server around at your upstream provider, enter its

   * IP address here, and enable the line below. This will make you benefit

   * from its cache, thus reduce overall DNS traffic in the Internet.

   *

   * Uncomment the following lines to turn on DNS forwarding, and change

   *  and/or update the forwarding ip address(es):

   */

   forward first;

   forwarders {

      x.x.x.x;   // Your ISP NS

      x.x.x.x;   // Your ISP NS

      4.2.2.1;      // Level3 Public DNS

      4.2.2.2;      // Level3 Public DNS

      8.8.4.4;      // Google Open DNS

      8.8.8.8;      // Google Open DNS

   };

   //dnssec-enable yes;

   //dnssec-validation yes;

   /*

    * As of bind 9.8.0:

    * "If the root key provided has expired,

    * named will log the expiration and validation will not work."

    */

   //dnssec-validation auto;

   /* if you have problems and are behind a firewall: */

   //query-source address * port 53;

};

/*

logging {

   channel default_log {

      file "/var/log/named/named.log" versions 5 size 50M;

      print-time yes;

      print-severity yes;

      print-category yes;

   };

   category default { default_log; };

   category general { default_log; };

};

*/

include "/etc/bind/rndc.key";

controls {

   inet 127.0.0.1 port 953 allow { 127.0.0.1/32; ::1/128; } keys { "rndc-key"; };

};

zone "." in {

   type hint;

   file "/var/bind/named.cache";

};

zone "localhost" IN {

   type master;

   file "pri/localhost.zone";

   notify no;

};

zone "127.in-addr.arpa" IN {

   type master;

   file "pri/127.zone";

   notify no;

};

/*

 * Briefly, a zone which has been declared delegation-only will be effectively

 * limited to containing NS RRs for subdomains, but no actual data beyond its

 * own apex (for example, its SOA RR and apex NS RRset). This can be used to

 * filter out "wildcard" or "synthesized" data from NAT boxes or from

 * authoritative name servers whose undelegated (in-zone) data is of no

 * interest.

 * See http://www.isc.org/software/bind/delegation-only for more info

 */

//zone "COM" { type delegation-only; };

//zone "NET" { type delegation-only; };

//zone "YOUR-DOMAIN.TLD" {

//   type master;

//   file "/var/bind/pri/YOUR-DOMAIN.TLD.zone";

//   allow-query { any; };

//   allow-transfer { xfer; };

//};

//zone "YOUR-SLAVE.TLD" {

//   type slave;

//   file "/var/bind/sec/YOUR-SLAVE.TLD.zone";

//   masters { <MASTER>; };

   /* Anybody is allowed to query but transfer should be controlled by the master. */

//   allow-query { any; };

//   allow-transfer { none; };

   /* The master should be the only one who notifies the slaves, shouldn't it? */

//   allow-notify { <MASTER>; };

//   notify no;

//};

```

basically im saying document then revert your configurations, and keep introducing information until it stops running 

```
dig google.com
```

 properly, to find your error.

further reading...  https://wiki.archlinux.org/index.php/BIND

http://www.gentoo.org/doc/en/bind-guide.xml

(plz wiki @ wiki.gentoo.org if you get it fixed as you desire)

----------

