BIND don't resolve Microsoft Teams URL

Propus Gemini · Jul 5, 2021

Can't resolve the webhook MS Teams

On Bind Server nslookup

[root@dns-of-1 ~]# nslookup
> enelcom.webhook.office.com
Server: 127.0.0.1
Address: 127.0.0.1#53

Non-authoritative answer:
enelcom.webhook.office.com canonical name = outlook.office365.com.
outlook.office365.com canonical name = outlook.ha.office365.com.
outlook.ha.office365.com canonical name = outlook.ms-acdc.office.com.
outlook.ms-acdc.office.com canonical name = ZRH-efz.ms-acdc.office.com.
Name: ZRH-efz.ms-acdc.office.com
Address: 52.97.186.146
Name: ZRH-efz.ms-acdc.office.com
Address: 52.97.201.242
Name: ZRH-efz.ms-acdc.office.com
Address: 52.97.201.194
Name: ZRH-efz.ms-acdc.office.com
Address: 52.97.232.210
Name: ZRH-efz.ms-acdc.office.com
Address: 2603:1026:c0b:22::2
Name: ZRH-efz.ms-acdc.office.com
Address: 2603:1026:c0b:40::2
Name: ZRH-efz.ms-acdc.office.com
Address: 2603:1026:c0b:20::2
Name: ZRH-efz.ms-acdc.office.com
Address: 2603:1026:c0b:21::2
>

My conf:

# BIND named process options
# ~~~~~~~~~~~~~~~~~~~~~~~~~~
#
OPTIONS="-4"
# -- These additional options will be passed to named
# at startup. Don't add -t here, enable proper
# -chroot.service unit file.
# Use of parameter -c is not supported here. Extend
# systemd named*.service instead. For more
# information please read the following KB article:
#

https://access.redhat.com/articles/2986001

#
# DISABLE_ZONE_CHECKING -- By default, service file calls named-checkzone
# utility for every zone to ensure all zones are
# valid before named starts. If you set this option
# to 'yes' then service file doesn't perform those
# checks.
~

options {
listen-on port 53 { any; };
//listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
recursing-file "/var/named/data/named.recursing";
secroots-file "/var/named/data/named.secroots";
allow-query { localhost; any; };
allow-transfer{ 10.128.0.112; }; ### Slave DNS IP ###
also-notify{ 10.128.0.112; }; ### Slave DNS IP ###

/*
- If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
- If you are building a RECURSIVE (caching) DNS server, you need to enable
recursion.
- If your recursive DNS server has a public IP address, you MUST enable access
control to limit queries to your legitimate users. Failing to do so will
cause your server to become part of large scale DNS amplification
attacks. Implementing BCP38 within your network would greatly
reduce such attack surface
*/
recursion yes;

dnssec-enable yes;
dnssec-validation yes;

/* Path to ISC DLV key */
bindkeys-file "/etc/named.root.key";

managed-keys-directory "/var/named/dynamic";

pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};

logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};

//Public DNS
zone "." IN {
type hint;
file "named.ca";
};

zone "loc.mycompany.com" IN {
type master;
file "forward.mycompany.com";
allow-update { none; };
};

//Reverse not in use
/*zone "0.128.10.in-addr.arpa" IN {
type master;
file "loc.mycompany.com";
allow-update { none; };
};*/

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

iggsterman · Jul 5, 2021

What's wrong with that? It gives you 4 IPv4 and 4 IPv6 addresses. It's resolving alright.

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

BIND don't resolve Microsoft Teams URL

Propus Gemini

IS-IT--Management

iggsterman

Technical User

Similar threads

Part and Inventory Search

Sponsor