I set up the bind9 service and entries in Ubuntu for the local office network. I’ve used it multiple times at other locations over the past decade with no problems for small networks like this. The only odd items here are that it uses a non-standard domain internally (we will say company.fgh for example), as well as an IP subset assigned to the company that is typically external IPs (Class B, not a standard LAN 10.x or 192.x class A or C; we will use a hypothetical similar Class B address 133.0.0.x), but these IPs are used for LAN addresses (servers), with a few used externally, facing the internet (email server for example).
I suspect there is something with the Class B addresses which are being sent out to resolve externally which is causing the failure.
It worked fine for a week or two (or maybe not) but suddenly all the SMB network shares (permissions handled by AD) stopped working and I cannot see why. For this example the SMB shares are at nas.company.fgh using a similar (hypothetical) Class B address 22.214.171.124.
There are no other odd or unusual entries or networks added.
I have the db.company.fgh file, formatted properly as per every single time I’ve used it before and other instructional sites online. One piece that seems to be an issue is the NS record lines. If I just use:
    IN NS ns1.company.fgh
    IN NS ns2.company.fgh
then when I start bind9 service, it says “skipped db.company.fgh as no NS records exist”.
Yet if I use
    company.fgh. IN NS ns1.company.fgh
    company.fgh. IN NS ns2.company.fgh
then the service starts but the SMB shares are broken/unresolvable. It does have 20+ entries, things like:
    ns1.company.fgh IN A 126.96.36.199
    ns2.company.fgh IN A 188.8.131.52
    nas.company.fgh IN A 184.108.40.206
    email.company.fgh IN A 220.127.116.11
    scans.company.fgh IN A 18.104.22.168
The named.conf.local does have the “company.fgh” zone with all IP subsets that would use the DNS server, such as 22.214.171.124/24;10.0.0.0/24;10.0.1.0/24, etc. as well as the 0.130.in-addr.arpa zone with all the same entries (and proper alterations needed).
The named.conf.options file has the acl “trusted” with the same list of networks. I have tried the allow-recursion, allow-query, allow-query-cache, and allow-transfer as both “any” and “trusted”, which seems to make no difference.
Any ideas or suggestions, please?
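
An added example, not part of the original post: under the RFC 1035 master-file rules a name without a trailing dot is relative and gets the zone origin appended, so this sketch expands records shaped like the ones quoted above and flags any name in which the origin ends up appearing twice. The addresses are constructed documentation-range placeholders, and the function names `absolute`, `expand` and `doubled` are this example's own.

```python
"""Expand zone-file names as a master-file parser does (RFC 1035, section 5.1)."""

ORIGIN = "company.fgh."  # zone name used in the post; trailing dot = absolute

# Constructed sample: record shapes follow the post, addresses are
# documentation-range placeholders (192.0.2.0/24), not the poster's values.
ZONE_LINES = """\
company.fgh.       IN NS ns1.company.fgh
company.fgh.       IN NS ns2.company.fgh
ns1.company.fgh    IN A  192.0.2.1
nas.company.fgh    IN A  192.0.2.20
nas                IN A  192.0.2.20   ; relative form of the same host
email.company.fgh. IN A  192.0.2.30   ; absolute form
"""

NAME_RDATA_TYPES = {"NS", "CNAME", "MX", "PTR"}  # rdata ends in a domain name


def absolute(name, origin=ORIGIN):
    """'@' is the origin, a trailing dot means absolute, anything else is relative."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def expand(lines, origin=ORIGIN):
    """Return (owner, type, rdata) with every domain name made absolute.

    Assumption: only 'owner IN TYPE rdata' lines are handled; shorter lines
    (blank, or inheriting the previous owner) are skipped in this sketch.
    """
    records = []
    for raw in lines.splitlines():
        fields = raw.split(";", 1)[0].split()  # drop comments, tokenize
        if len(fields) < 4:
            continue
        owner, _cls, rtype, *rdata = fields
        if rtype.upper() in NAME_RDATA_TYPES:
            rdata[-1] = absolute(rdata[-1], origin)
        records.append((absolute(owner, origin), rtype.upper(), " ".join(rdata)))
    return records


def doubled(records, origin=ORIGIN):
    """List (type, name) pairs whose name ends in the origin written twice."""
    suffix = origin.rstrip(".") + "." + origin  # "company.fgh.company.fgh."
    return [(rtype, name) for owner, rtype, rdata in records
            for name in (owner, rdata.split()[-1]) if name.endswith(suffix)]


if __name__ == "__main__":
    for rtype, name in doubled(expand(ZONE_LINES)):
        print(f"{rtype:5} expands to {name}")
```

On a host with BIND installed, `named-checkzone company.fgh db.company.fgh` reports the zone as the server itself parses it.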