servfail, but on only one interface

Kevin Darcy kcd at daimlerchrysler.com
Tue Jan 30 03:58:00 UTC 2001


nslookup sucks. One of its more annoying "features" is that it aborts if it
can't reverse-resolve the address of the nameserver it is trying to use.
Apparently your nameserver can reverse-resolve 216.128.200.2 but not
206.154.2.1. In fact, it would appear that the nameserver is returning
SERVFAIL for the latter address, which is something you should look into.

But even if you get the reverse lookup fixed, and nslookup starts
"working" again, you should consider using a real lookup tool like "dig".
nslookup has plenty of other "features" in addition to
abort-on-reverse-lookup-failure which complicate and obstruct the task of
troubleshooting DNS. This is why the regulars on this list have pretty much
unanimously given it up in disgust.


- Kevin

Chad Miller wrote:

> Hi.  I'm relatively experienced with bind, and have recently upgraded to
> 9.1.0.
>
> Upon running the new binary, I can query to one interface, 'dummy0', and
> get expected results, but querys to the 'eth0' interface return
> ServFails, and I can't determine why.
>
> The configuration file is relatively clean (quoted by '#'):
>
> # options {
> #     directory "/var/named/zones";
> #     // ** an 'allow-transfer' list edited out **
> #     files 128;
> # };
> #
> #
> # logging {
> #     channel syslogd {
> #         syslog local0;
> #     };
> #     channel logfile {
> #         file "/var/named/named.log";
> #         print-time yes;
> #     };
> #     category config { syslogd; };
> # };
> #
> # zone "." {
> #     type hint;
> #     file "zoneinfo";
> # };
> #
> # include "/var/named/generated_named.conf";
> # // this has nothing but zone declarations.
>
> ...and the log file yields at startup:
>
> # Jan 29 19:34:05 erin named[15313]: starting BIND 9.1.0
> # Jan 29 19:34:05 erin named[15313]: using 1 CPU
> # Jan 29 19:34:05 erin named[15315]: loading configuration from \
>   '/etc/named.conf'
> # Jan 29 19:34:06 erin named[15315]: the default for the 'auth-nxdomain' \
>   option is now 'no'
> # Jan 29 19:34:06 erin named[15315]: no IPv6 interfaces found
> # Jan 29 19:34:06 erin named[15315]: listening on IPv4 interface lo, \
>   127.0.0.1#53
> # Jan 29 19:34:06 erin named[15315]: listening on IPv4 interface eth0, \
>   206.154.2.1#53
> # Jan 29 19:34:06 erin named[15315]: listening on IPv4 interface dummy0, \
>   216.128.200.2#53
> [...]
> # Jan 29 19:34:10 erin named[15315]: running
>
> >From another host, I run nslookup to those addresses:
>
> # cmiller at canard:~$ nslookup canard 216.128.200.2
> # Server:  ns.surfsouth.com
> # Address:  216.128.200.2
> #
> # Name:    canard.surfsouth.com
> # Address:  216.128.143.37
> #
> # cmiller at canard:~$ nslookup canard 206.154.2.1
> # *** Can't find server name for address 206.154.2.1: Server failed
> # *** Default servers are not available
>
> Nothing interesting turns up in the logs, AFAICT.  I hope someone has
> more clue than I do about this.  Any suggestions?  Ideas?
>
>                                                 - chad
>
> --
> Chad Miller <cmiller at surfsouth.com>   URL: http://web.chad.org/   (GPG)
>
>                    |
>         Ceci n'est pas une pipe            -- Daniel Case





More information about the bind-users mailing list