server will only answer for its own zones
James Ervin
listuser at kites.org
Sun Jan 13 13:59:06 UTC 2002
Hello:
I have a server that will not answer for any zone other than one in which
it is authoritative. I have tried this with recursive on or left out of
the config with no change in behavior. I have ensured that there is no
packet filtering involved as I have removed the firewall for all testing
sessions. The named.conf is at the end of the email. This really looks
like it has a bum named.root cache, but I am no expert. Here is a dig that
will show my point (the first is for a zone that it is authoritative for
and the second is not):
[root at kites net]# dig @ns2.ci.bedford.va.us kites.org. any
; <<>> DiG 9.1.3 <<>> @ns2.ci.bedford.va.us kites.org. any
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63979
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;kites.org. IN ANY
;; ANSWER SECTION:
kites.org. 900 IN SOA kites.kites.org. james.kites.org. 200201071 900 300 2592000 900
kites.org. 900 IN NS kites.kites.org.
kites.org. 900 IN NS ns2.ci.bedford.va.us.
kites.org. 900 IN MX 5 kites.kites.org.
;; AUTHORITY SECTION:
kites.org. 900 IN NS ns2.ci.bedford.va.us.
kites.org. 900 IN NS kites.kites.org.
;; ADDITIONAL SECTION:
ns2.ci.bedford.va.us. 900 IN A 24.197.31.131
kites.kites.org. 900 IN A 24.197.0.67
;; Query time: 58 msec
;; SERVER: 24.197.31.131#53(ns2.ci.bedford.va.us)
;; WHEN: Sun Jan 13 08:45:26 2002
;; MSG SIZE rcvd: 199
[root at kites net]# dig @ns2.ci.bedford.va.us hp.com. any
; <<>> DiG 9.1.3 <<>> @ns2.ci.bedford.va.us hp.com. any
;; global options: printcmd
;; connection timed out; no servers could be reached
Here is the named.conf (with many zones deleted for brevity):
logging {
    category lame-servers { null; };
    category default { default_syslog; default_debug; };
    channel default_debug {
        file "/var/log/named";  # write to named.run in the working directory
                                # Note: stderr is used instead of "named.run"
                                # if the server is started with the -f option.
        severity dynamic;       # log at the server's current debug level
    };
};
options {
    allow-recursion {
        any;
    };
    notify no;
    directory "/etc/dns";
    query-source address * port 53;
    forwarders {
        198.6.1.122;
        198.6.1.142;
        198.6.1.146;
    };
};
zone "0.0.127.IN-ADDR.ARPA" {
    type master;
    file "named.local";
};
zone "ci.bedford.va.us" {
    type slave;
    file "db.ci.bedford.va.us";
    masters { 24.197.0.67; };
};
zone "kites.org" {
    type slave;
    file "db.kites.org";
    masters { 24.197.0.67; };
};
zone "." IN {
    type hint;
    file "named.root";
};
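Added example, not part of the original post: a small Python triage of dig transcripts like the two quoted in this message, reading the rcode and header flags to separate "server answered" from "nothing came back". The verdict names and the REFUSED sample are constructed for illustration; the other two samples are trimmed from the post.

```python
import re

STATUS = re.compile(r"status: (\w+), id: \d+")
FLAGS = re.compile(r";; flags: ([a-z ]*);")

def triage(dig_output):
    """Classify one dig transcript. Returns (verdict, recursion_available)."""
    if "no servers could be reached" in dig_output:
        # dig never received a reply, so there is no rcode or flag to read.
        return ("no-reply", None)
    status, flags = STATUS.search(dig_output), FLAGS.search(dig_output)
    if not status or not flags:
        return ("unparsed", None)
    rcode = status.group(1)
    bits = set(flags.group(1).split())
    ra = "ra" in bits              # server advertises recursion to this client
    if rcode in ("REFUSED", "SERVFAIL"):
        return (rcode.lower(), ra)
    if "aa" in bits:               # answered from a zone it is authoritative for
        return ("authoritative", ra)
    return ("recursive" if ra else "non-recursive", ra)

# Trimmed from the post: the kites.org query.
KITES = """;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63979
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 2, ADDITIONAL: 2
"""
# Trimmed from the post: the hp.com query.
HP = """; <<>> DiG 9.1.3 <<>> @ns2.ci.bedford.va.us hp.com. any
;; connection timed out; no servers could be reached
"""
# Constructed sample: what a policy refusal would look like instead.
REFUSED = """;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 1
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
"""

if __name__ == "__main__":
    for name, text in (("kites.org", KITES), ("hp.com", HP), ("refused", REFUSED)):
        print(name, triage(text))
```

On the two transcripts from the post it reports an authoritative answer with `ra` set for kites.org and no reply at all for hp.com.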