BIND 9 on Solaris 8... query failures

Kevin Darcy kcd at daimlerchrysler.com
Thu Sep 28 04:01:30 UTC 2000


Nah, with a relatively-vanilla config like that, the absence of crypto
shouldn't cause any queries to fail. I just brought up an instance of BIND 9 on
a Solaris 7 box and I can even query it remotely using the cruddy old
"nslookup" provided with Solaris 2.5.1. So that can't be it. BIND 9 should be
completely compatible with backlevel resolvers. Even if it were configured to
disallow queries for some reason, it would send back REFUSED responses.

More detail from the "snoop" output would be helpful, and/or start up the
nameserver with debugging enabled.


- Kevin

hume.spamfilter at bofh.halifax.ns.ca wrote:

> I've been trying out BIND 9 on my Solaris 8 box, primarily because I'm
> interested in the split DNS and IPv6 support.  I got it built without a
> hitch, installed it, cured the no-default-TTL problem in my zone files,
> and fired it up.  Unfortunately, nothing could run queries against it,
> not even the host it was running on, except via the nslookup which was
> built with it.
>
> When I run BIND 8 nslookup and sniff the traffic using snoop, I see replies
> going back with bad-format (or thereabouts) errors.
>
> Now, the BIND 9 nslookup claims from the beginning that it has crypto-
> verified the answer from the server.  Is this what is messing up the older
> clients?
>
> This server runs on my workstation, serving a few tiny zones but mostly just
> acting as a general resolver for the workstation itself.  I've included the
> named.conf below.
>
> --
> options {
>         recursion       yes;
>         auth-nxdomain   yes;
>         rfc2308-type1   no;
>         directory       "/etc/namedb";
>         pid-file        "/var/run/named.pid";
>         query-source    address 129.173.46.183 port 53;
>         allow-query     {       any;    };
>         allow-transfer  {       any;    };
> };
>
> zone "." in {
>         type hint;
>         file "named.cache";
> };
>
> zone "0.0.127.in-addr.arpa" in {
>         type master;
>         file "master/127.0.0";
> };
>
> zone "bofh.halifax.ns.ca" in {
>         type master;
>         file "master/bofh.halifax.ns.ca";
> };
>
> --
>
> --
> Brandon Hume    - hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
>                        -> Solaris Snob and general NOCMonkey






More information about the bind-users mailing list