NetBSD-Users archive


Re: DNS resolver resolves LAN IPs



There is no running BIND and no other DNS service on the LAN.
On the machine only the one resolver present after installation is running; it is a fresh OS installation.
resolv.conf contains only one line:
nameserver 31.3.32.1
dig output is below.

"...That is also normal. What is not normal is for it to time out. Really, it's not "on LAN" that is the issue. It is using RFC1918 addresses rather than globally-valid addresses..."

Let's forget the timeout I mentioned in my first post; I had prohibited public DNS service for some private machines.

If I understand your answer correctly, the only way to disallow the resolver from querying reverse translation for a private target IP is to deploy a DNS service for the machines with private IPs? I cannot believe it. The OS doesn't need reverse DNS translation for IP1<->IP2 communication.

; <<>> DiG 9.18.24 <<>> -x 192.168.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2386
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.1.168.192.in-addr.arpa.	IN	PTR

;; AUTHORITY SECTION:
168.192.in-addr.arpa. 10800 IN SOA localhost. nobody.invalid. 1 3600 1200 604800 10800

;; Query time: 37 msec
;; SERVER: 31.3.32.1#53(31.3.32.1) (UDP)
;; WHEN: Wed Feb 19 18:27:07 CET 2025
;; MSG SIZE  rcvd: 112


On 19-Feb-25 5:19 PM, Greg Troxel wrote:
Peter Skvarka <ps%softinengines.com@localhost> writes:

> I have a simple private LAN with several machines, no DNS
> service. Machines use IP addresses to contact each other and DNS names
> for internet targets.
That sounds normal, except for "no DNS service".

> Even though the DNS resolver is set up properly and is able to translate public
> names to IPs, it still tries to do a reverse query to the internet DNS
> server when the target IP is on the LAN.
That is also normal.  What is not normal is for it to time out.

Really, it's not "on LAN" that is the issue.  It is using RFC1918
addresses rather than globally-valid addresses.

> Does any configuration file exist where I can put my LAN's IP/netmask
> so the DNS resolver will not try reverse queries?
> Or can the DNS resolver be configured this way?
(You can run named (bind) and configure it, yes.)

You have not said how things are set up.

What is in /etc/resolv.conf?  Is it pointing to localhost, or someplace
else?

Are you running named?  If so, what is in /var/log/messages?

Are you running some other resolver?

Run

   dig -x 192.168.1.1

and see what you get.  You should get NXDOMAIN very quickly.   If that
uses a nameserver not run by you, and you don't get NXDOMAIN quickly,
then either ask the operator to fix it or stop using it.
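The check Greg describes (a reverse query for an RFC1918 address should come back NXDOMAIN promptly, and a timeout means the upstream resolver is misbehaving or filtered) can be scripted without dig. The following is an added example, not code from the thread or from NetBSD: it builds a raw PTR query for the in-addr.arpa name, sends it over UDP to a resolver you name on the command line, and reports the RCODE and the latency, treating a timeout as its own failure mode. It uses only the Python standard library; the resolver address, the 2-second timeout and the verdict wording are the example's own assumptions, and the `bytes.fromhex` response in the usage note is a constructed sample, not captured traffic.

```python
import ipaddress
import secrets
import socket
import struct
import sys
import time

# RFC 1918 private ranges, the addresses the thread is about.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

RCODE_NAMES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED"}


def is_rfc1918(ip: str) -> bool:
    """True if the address falls in one of the RFC 1918 ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)


def reverse_name(ip: str) -> str:
    """192.168.1.1 -> '1.1.168.192.in-addr.arpa', the name dig -x queries for."""
    return ipaddress.ip_address(ip).reverse_pointer


def build_ptr_query(name: str, txid: int) -> bytes:
    """Minimal RFC 1035 query: 12-byte header (RD set) plus one question, QTYPE=PTR(12), QCLASS=IN(1)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 12, 1)


def parse_response(data: bytes, txid: int) -> str:
    """Return the RCODE name from a DNS response header, verifying id and QR bit first."""
    if len(data) < 12:
        raise ValueError("short DNS response")
    rid, flags = struct.unpack("!HH", data[:4])
    if rid != txid:
        raise ValueError("transaction id mismatch")
    if not flags & 0x8000:
        raise ValueError("not a response (QR bit clear)")
    rcode = flags & 0x000F
    return RCODE_NAMES.get(rcode, "RCODE%d" % rcode)


def check_reverse(ip: str, server: str, timeout: float = 2.0) -> dict:
    """Send one PTR query to server:53 and report rcode and latency; 'TIMEOUT' is the failure mode from the thread."""
    txid = secrets.randbelow(65536)
    query = build_ptr_query(reverse_name(ip), txid)
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.settimeout(timeout)
    start = time.monotonic()
    try:
        sock.sendto(query, (server, 53))
        data, _ = sock.recvfrom(4096)
        rcode = parse_response(data, txid)
    except socket.timeout:
        rcode = "TIMEOUT"
    finally:
        sock.close()
    elapsed_ms = (time.monotonic() - start) * 1000.0
    return {"ip": ip, "private": is_rfc1918(ip), "rcode": rcode, "ms": round(elapsed_ms, 1)}


def verdict(result: dict) -> str:
    """Interpret a check_reverse() result the way the thread does (assumed wording)."""
    if result["rcode"] == "TIMEOUT":
        return "BAD: no answer before timeout; ask the operator to fix it or stop using that resolver"
    if result["private"] and result["rcode"] == "NXDOMAIN":
        return "OK: prompt NXDOMAIN for an RFC1918 reverse query, which is the expected answer"
    if result["private"] and result["rcode"] == "NOERROR":
        return "OK: the resolver serves a PTR record for this private address itself"
    return "CHECK: unexpected rcode %s for %s" % (result["rcode"], result["ip"])


if __name__ == "__main__":
    # Usage: python3 check_reverse.py <resolver-ip> [address-to-test]; defaults are assumptions.
    server = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    target = sys.argv[2] if len(sys.argv) > 2 else "192.168.1.1"
    r = check_reverse(target, server)
    print(r)
    print(verdict(r))
```

Offline, `parse_response(bytes.fromhex("123485830001000000010001"), 0x1234)` decodes a constructed header with flags qr aa rd ra and rcode 3 to `NXDOMAIN`, the same flag set the dig output above shows; on the wire, the script prints the rcode and the elapsed milliseconds so a slow or absent answer from an upstream resolver stands out immediately.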
