Can't communicate with certain nameservers
js
jason at med-web.com
Thu Sep 7 21:03:45 UTC 2000
There are certain hostnames that my BIND nameserver cannot resolve. It
seems to be totally unable to communicate with certain other nameservers
(although 99.8% of them work fine). It just hangs and eventually times
out. Some that don't work are:
205.180.59.31 dd1-ca.su-colo.bbnplanet.com (psw.fidelity.com)
207.46.138.6 dd.microsoft.com (download.microsoft.com)
208.158.245.135 ddcw1.barnesandnoble.com (www.bn.com)
141.242.9.50 OCR.FREEDOM.COM (www.freedom.com)
192.193.195.247 md38-01-i-dd1.citicorp.com (www.accountonline.com)
192.151.11.205 paldd1.external.hp.com (register.hp.com)
With a packet sniffer, I can see a packet returning from the remote
server, but BIND does not seem to see the packet at all, and doesn't log
anything even at the highest debug level.
I can't help but notice that most of the hostnames contain "dd". Does
that suggest they are using Cisco's "DistributedDirector" product?
The router between my nameserver and the internet does not do
firewalling, but it does do address translation for the nameserver,
using static NAT. As far as I can tell, that is the only thing even
slightly unusual about my configuration.
I've tried several versions of BIND (8.x and 4.x) on several different
Unix and Linux systems, with exactly the same result.
Any idea what is going on here? A nameserver behind NAT does not
necessarily cause problems, does it? Could my router be mishandling
something that DistributedDirector depends on? If so, what?
More information about the bind-users
mailing list