Named forwarders not working
ferra
27th May 2011, 02:28 PM
I'm trying to set up a DNS name server using Fedora 14.
Everything is working in the LAN and I have no errors in log/messages, but I cannot ping the outside world: I can ping IP addresses but not domain names.
My config file is:
//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// allow-query { localhost; 192.168.1.195; };
// recursion yes;
allow-recursion { 127.0.0.1; 192.168.1.0/24; };
empty-zones-enable no;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
bindkeys-file "/etc/named.iscdlv.key";
forwarders { 208.67.222.222; 208.67.220.220; };
forward first;
transfer-format many-answers;
};
zone "." IN {
type hint;
file "named.ca";
};
zone "xpt.com.pt" {
type master;
file "db.xpt.com.pt";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
// include "/etc/managed-keys.bind";
/etc/resolv.conf:
search xpt.com.pt
nameserver 192.168.1.195
Any ideas?
ferra
4th June 2011, 06:02 PM
Still no ideas?
brunson
4th June 2011, 06:38 PM
Anything in named's log file? Have you turned on debugging? What result do you see if you dig @yournameserver?
ferra
4th June 2011, 07:15 PM
In named.run:
zone 0.in-addr.arpa/IN: loaded serial 0
zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
zone localhost.localdomain/IN: loaded serial 0
zone localhost/IN: loaded serial 0
zone xpt.com.pt/IN: loaded serial 1
managed-keys-zone ./IN: loaded serial 5
running
dumping master file: tmp-1MsqgDREt0: open: permission denied
managed-keys-zone ./IN: Unable to fetch DNSKEY set '.': timed out
managed-keys-zone ./IN: Unable to fetch DNSKEY set 'dlv.isc.org': timed out
dumping master file: tmp-BMYF2GLBww: open: permission denied
If I dig the internal domain (xpt.com.pt) it works; if I dig www.yahoo.com I get this:
; <<>> DiG 9.7.3-RedHat-9.7.3-1.fc14 <<>> www.yahoo.com
;; global options: +cmd
;; connection timed out; no servers could be reached
I cannot ping outside.
In /etc/resolv.conf I have nameserver 127.0.0.1; if I change it to 208.67.222.222, I can ping the outside world.
I'm completely lost.
---------- Post added at 07:15 PM ---------- Previous post was at 07:00 PM ----------
My /var/log/messages:
cat /var/log/messages
Jun 4 20:10:20 xpt named[28274]: starting BIND 9.7.4b1-RedHat-9.7.4-0.1.b1.fc14 -u named -4 -t /var/named/chroot
Jun 4 20:10:20 xpt named[28274]: built with '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu' '--program-prefix=' '--disable-dependency-tracking' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--sharedstatedir=/var/lib' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-libtool' '--localstatedir=/var' '--enable-threads' '--enable-ipv6' '--with-pic' '--disable-static' '--disable-openssl-version-check' '--with-pkcs11=/usr/lib64/pkcs11/PKCS11_API.so' '--with-dlz-ldap=yes' '--with-dlz-postgres=yes' '--with-dlz-mysql=yes' '--with-dlz-filesystem=yes' '--with-gssapi=yes' '--disable-isc-spnego' 'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu' 'CFLAGS= -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic' 'CPPFLAGS= -DDIG_SIGCHASE'
Jun 4 20:10:20 xpt named[28274]: adjusted limit on open files from 1024 to 1048576
Jun 4 20:10:20 xpt named[28274]: found 1 CPU, using 1 worker thread
Jun 4 20:10:20 xpt named[28274]: using up to 4096 sockets
Jun 4 20:10:20 xpt named[28274]: loading configuration from '/etc/named.conf'
Jun 4 20:10:20 xpt named[28274]: using default UDP/IPv4 port range: [1024, 65535]
Jun 4 20:10:20 xpt named[28274]: using default UDP/IPv6 port range: [1024, 65535]
Jun 4 20:10:20 xpt named[28274]: no IPv6 interfaces found
Jun 4 20:10:20 xpt named[28274]: listening on IPv4 interface lo, 127.0.0.1#53
Jun 4 20:10:20 xpt named[28274]: listening on IPv4 interface eth1, 192.168.10195#53
Jun 4 20:10:20 xpt named[28274]: generating session key for dynamic DNS
Jun 4 20:10:20 xpt named[28274]: using built-in trusted-keys for view _default
Jun 4 20:10:20 xpt named[28274]: set up managed keys zone for view _default, file 'managed-keys.bind'
Jun 4 20:10:20 xpt named[28274]: command channel listening on 127.0.0.1#953
Jun 4 20:10:20 xpt named[28274]: zone 0.in-addr.arpa/IN: loaded serial 0
Jun 4 20:10:20 xpt named[28274]: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
Jun 4 20:10:20 xpt named[28274]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
Jun 4 20:10:20 xpt named[28274]: zone localhost.localdomain/IN: loaded serial 0
Jun 4 20:10:20 xpt named[28274]: zone localhost/IN: loaded serial 0
Jun 4 20:10:20 xpt named[28274]: zone logicworks.com.pt/IN: loaded serial 1
Jun 4 20:10:20 xpt named[28274]: managed-keys-zone ./IN: loaded serial 7
Jun 4 20:10:20 xpt named[28274]: running
ferra
5th June 2011, 06:54 PM
I think the problem has to do with dnssec-keys, I need to learn how to create and configure them.
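Added example, not part of the thread or of the BIND package: a small hop-by-hop probe in the spirit of brunson's "dig @yournameserver" suggestion. It sends the same recursive A query, as a raw UDP DNS message, to the local named and to each forwarder from ferra's named.conf, and reports a verdict per hop. The point is to separate the cases that look alike from a failed ping: TIMEOUT (no packet came back at all, which is what dig showed against 127.0.0.1 and what named logged when it tried to fetch the root DNSKEY set through the forwarders), REFUSED (named is up but allow-query/allow-recursion excludes the client), SERVFAIL (named reached upstream but resolution or DNSSEC validation failed, the case ferra suspects), or NOERROR with an answer (and the AD bit if validation succeeded). It also discards a reply whose transaction ID does not match the query, the same check a resolver relies on against spoofed answers. The target list, the 3-second timeout and the default query name are assumptions for the demonstration; only the Python standard library is used.

```python
"""Hop-by-hop DNS probe (constructed example, not from the thread).

Sends one recursive A query to each target over UDP/53 and classifies
the outcome as TIMEOUT, UNREACHABLE, REFUSED, SERVFAIL, NXDOMAIN or
NOERROR, so a blocked path can be told apart from a resolver failure.
"""
import random
import socket
import struct

RCODE_NAMES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN",
               4: "NOTIMP", 5: "REFUSED"}

# Assumed probe targets: the local named from the thread and the two
# OpenDNS forwarders listed in its named.conf.
DEFAULT_TARGETS = ["127.0.0.1", "208.67.222.222", "208.67.220.220"]


def build_query(qname, qtype=1, txid=None, rd=True):
    """Return a wire-format DNS query: RFC 1035 header plus one question.

    qtype 1 = A, class IN.  RD is set so the target is asked to recurse,
    which is what a stub resolver pointed at named does.
    """
    if txid is None:
        txid = random.randrange(0, 1 << 16)  # unpredictable ID, checked on reply
    flags = 0x0100 if rd else 0x0000
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    name = b""
    for label in qname.rstrip(".").split("."):
        enc = label.encode("ascii")
        if not 0 < len(enc) < 64:
            raise ValueError("bad label in %r" % qname)
        name += bytes([len(enc)]) + enc
    return header + name + b"\x00" + struct.pack("!HH", qtype, 1)


def parse_header(msg):
    """Decode the 12-byte DNS header into the fields that matter here."""
    if len(msg) < 12:
        raise ValueError("truncated DNS message")
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {
        "id": txid,
        "qr": bool(flags & 0x8000),   # 1 = this is a response
        "tc": bool(flags & 0x0200),   # truncated; retry over TCP
        "ra": bool(flags & 0x0080),   # server offers recursion to this client
        "ad": bool(flags & 0x0020),   # answer passed DNSSEC validation
        "rcode": flags & 0x000F,
        "answers": an,
    }


def classify(hdr, expected_id):
    """Turn a parsed header into a one-line verdict for the operator."""
    if hdr["id"] != expected_id or not hdr["qr"]:
        return "BOGUS: reply does not match our query (wrong ID or QR bit)"
    rcode = RCODE_NAMES.get(hdr["rcode"], "RCODE%d" % hdr["rcode"])
    if rcode == "REFUSED":
        return "REFUSED: server will not answer this client (check allow-query/allow-recursion)"
    if rcode == "SERVFAIL":
        return "SERVFAIL: server tried and failed (upstream unreachable or DNSSEC validation failed)"
    if rcode == "NOERROR" and not hdr["ra"]:
        return "NOERROR but RA=0: recursion not offered to this client"
    if rcode == "NOERROR":
        validated = ", validated (AD)" if hdr["ad"] else ""
        return "NOERROR: %d answer record(s)%s" % (hdr["answers"], validated)
    return rcode


def probe(server, qname, timeout=3.0):
    """Send one query to server:53 over UDP; return (verdict, header or None)."""
    txid = random.randrange(0, 1 << 16)
    query = build_query(qname, txid=txid)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(query, (server, 53))
            data, _ = s.recvfrom(4096)
        except socket.timeout:
            return ("TIMEOUT: no reply in %.1fs (query or reply dropped, e.g. by a firewall)" % timeout, None)
        except OSError as exc:  # ICMP port unreachable, no route, etc.
            return ("UNREACHABLE: %s" % exc, None)
    hdr = parse_header(data)
    return (classify(hdr, txid), hdr)


if __name__ == "__main__":
    import sys
    name = sys.argv[1] if len(sys.argv) > 1 else "www.yahoo.com"
    for target in DEFAULT_TARGETS:
        verdict, _ = probe(target, name)
        print("%-16s %s" % (target, verdict))
```

Run it on the server itself (python3 probe.py www.yahoo.com): if the forwarders answer NOERROR while 127.0.0.1 times out, the client-to-named path is the problem; if 127.0.0.1 answers SERVFAIL while the forwarders answer, look at named's own upstream reachability or validation; if the forwarders time out from the host but work from the client machines, the server's outbound UDP/53 is being dropped somewhere.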