Bind 8.1.2

Mark_Andrews at isc.org Mark_Andrews at isc.org
Fri Jun 18 00:48:27 UTC 1999 

> I have no problem pinging the ip addr. of the root servers.  When I start
> named server in the debug mode, I can see that it's trying to contact 
> the root servers but could not make connection.  As far as the firewall
> is concern, I did open port 53 for both TCP and UDP.  Also, the cache
> file is the one that we are using on our current DNS server and is up
> to date.
> Thanks for taking the time to response.  I will take your advise and look
> into the firewall to see if it might be the problem.

	Add the following to the options block

		query-source address * port 53;

	This locks the source port to 53 rather than letting the system
	assign a different port every time named starts up.  It does not
	have to be locked to 53 but given you have opened that port up
	for incoming queries you may as well send the outgoing queries
	out the same hole.

	Mark

> 
> At 10:29 AM 6/18/99 +1000, marka at isc.org wrote:
> >
> >	If you are having a problem please state it as the original
> >	question got answered factually and did not indicate a error
> >	condition.
> >
> >	The are many potential reasons why you could not be able to
> >	contact the root servers most of which are not BIND related at
> >	all.
> >
> >	1. can you ping the root servers (use IP addresses)?
> >
> >		Yes - good.
> >		No - routing problem / firewall problem / broken link.
> >
> >	2. if 1 succeeds does "dig +norec ns . @<ip-address>" return the
> >	   list of root servers & their addresses for any / all root
> >	   servers.
> >
> >		Yes - good.
> >		No - firewall problem (you may need to fix the source
> >		port / source address for queries in named.conf).
> >
> >	Does the contents of root.cache contain have the NS and A records
> >	corresponding to the machines queried above?
> >
> >	Mark
> >
> >> I still have problem looking up anything outside of my domain.  It seems
> >> like that
> >> our name server cannot contact the root name server.  Please help.
> >> 
> >> At 02:05 PM 6/17/99 +1000, you wrote:
> >> >
> >> >> What does this error message mean?
> >> >> 
> >> >> np_parent(0x0) couldn't find root entry
> >> >> 
> >> >> Can anyone tell me what I did wrong?
> >> >> 
> >> >> 
> >> >	Nothing.  This is a normal condition. The diagnostic has been
> >> >	removed from later version.
> >> >
> >> >	Mark
> >> >--
> >> >Mark Andrews, Internet Software Consortium
> >> >1 Seymour St., Dundas Valley, NSW 2117, Australia
> >> >PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org
> >> 
> >> 
> >> =====================================================================
> >> 
> >> Dat Nguyen
> >> UNIX/EDI Administrator
> >> Simple Technology, Inc.
> >> dnguyen at simpletech.com
> >> Phone: (949)476-1180 x8222
> >> Direct:(949)260-8222
> >> Fax: (949)476-1209
> >> 
> >> =====================================================================
> >> 
> >> 
> >--
> >Mark Andrews, Internet Software Consortium
> >1 Seymour St., Dundas Valley, NSW 2117, Australia
> >PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org
> 
> 
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the bind-users mailing list