server will only answer for its own zones

James Ervin listuser at kites.org
Sun Jan 13 13:59:06 UTC 2002


Hello:

I have a server that will not answer for any zone other than one in which 
it is authoritative.  I have tried this with recursive on or left out of 
the config with no change in behavior.  I have ensured that there is no 
packet filtering involved as I have removed the firewall for all testing 
sessions.  The named.conf is at the end of the email.  This really looks 
like it has a bum named.root cache, but I am no expert.  Here is a dig that 
will show my point (the first is for a zone that it is authoritative for 
and the second is not):

[root at kites net]# dig @ns2.ci.bedford.va.us kites.org. any

; <<>> DiG 9.1.3 <<>> @ns2.ci.bedford.va.us kites.org. any
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63979
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;kites.org.                     IN      ANY

;; ANSWER SECTION:
kites.org.              900     IN      SOA     kites.kites.org. 
james.kites.org. 200201071 900 300 2592000 900
kites.org.              900     IN      NS      kites.kites.org.
kites.org.              900     IN      NS      ns2.ci.bedford.va.us.
kites.org.              900     IN      MX      5 kites.kites.org.

;; AUTHORITY SECTION:
kites.org.              900     IN      NS      ns2.ci.bedford.va.us.
kites.org.              900     IN      NS      kites.kites.org.

;; ADDITIONAL SECTION:
ns2.ci.bedford.va.us.   900     IN      A       24.197.31.131
kites.kites.org.        900     IN      A       24.197.0.67

;; Query time: 58 msec
;; SERVER: 24.197.31.131#53(ns2.ci.bedford.va.us)
;; WHEN: Sun Jan 13 08:45:26 2002
;; MSG SIZE  rcvd: 199

[root at kites net]# dig @ns2.ci.bedford.va.us hp.com. any

; <<>> DiG 9.1.3 <<>> @ns2.ci.bedford.va.us hp.com. any
;; global options:  printcmd
;; connection timed out; no servers could be reached

Here is the named.conf (with many zones deleted for brevity):

logging {
              category lame-servers { null; };
              category default { default_syslog; default_debug; };
              channel default_debug {
              file "/var/log/named";    # write to named.run in the working directory
                                   # Note: stderr is used instead of "named.run"
                                   # if the server is started with the -f option.
              severity dynamic;    # log at the server's current debug level
          };
};

# Server-wide settings: who may use recursion, where zone files live, and
# how outgoing queries are sent.
options {
        # "any" lets every client that can reach this server use it for
        # recursive lookups (an open resolver). Restrict this to an ACL of
        # the networks the server is meant to serve.
        allow-recursion {
        any;
        };
         # Do not send NOTIFY messages when a zone changes.
         notify no;
         # Relative file names in the zone statements are resolved under
         # this directory.
         directory "/etc/dns";
        # Every outgoing query leaves from port 53. A fixed source port
        # removes one of the values an off-path spoofer has to guess, and
        # replies must be allowed back in to port 53. Omit the port unless
        # a firewall rule requires it.
        query-source address * port 53;
         # Names outside the local zones are sent to these servers first.
         # NOTE(review): no "forward" mode is set, so named's default
         # applies. Confirm that each forwarder answers a direct dig from
         # this host.
         forwarders {
                 198.6.1.122;
                 198.6.1.142;
                 198.6.1.146;
         };
};

# Reverse zone for the loopback network, served as master from named.local.
zone "0.0.127.IN-ADDR.ARPA" {
         type master;
         file "named.local";
};

# Slave copy of ci.bedford.va.us, transferred from the master at 24.197.0.67.
# NOTE(review): no allow-transfer appears anywhere in the config as posted.
# Check who may request a zone transfer from this server.
zone "ci.bedford.va.us" {
         type slave;
         file "db.ci.bedford.va.us";
         masters { 24.197.0.67; };
};

# Slave copy of kites.org, transferred from the same master.
zone "kites.org" {
         type slave;
         file "db.kites.org";
         masters { 24.197.0.67; };
};

# Root hints: named.root lists the root servers that named contacts when it
# has to resolve a name itself instead of through a forwarder.
zone "." IN {
         type hint;
         file "named.root";
         # NOTE(review): as posted, the closing brace has no terminating ";".
         # It may have been lost in the paste; named-checkconf would report it.
         }


