No name resolution

Barry Margolin barmar at genuity.net
Thu Mar 21 22:56:08 UTC 2002


In article <a7dnv9$7dk at pub3.rc.vix.com>,
David Du SERRE-TELMON <NOSPAMdaviddst at netcourrier.com> wrote:
>Hi,
>
>I've got a very curious pb, I'm using bind 9.3.1.
>
>My DNS server can't contact root server or my ISP DNS servers (if I put them
>in forward). It can't locate DNS Server for any zone, this is the tcpdump
>trace :
>
>Name resolution using root server
>20:29:03.368886 router206.orsay.iscio.com.domain > 192.112.36.4.domain:
>[udp sum ok] 31764 [1au] A? www.yahoo.fr. . OPT  UDPsize=2048 (41) (DF) (ttl
>64, id 0, len 69)
>20:29:03.378886 router206.orsay.iscio.com.domain > 192.112.36.4.domain:
>[udp sum ok] 40810 [1au] NS? . . OPT  UDPsize=2048 (28) (DF) (ttl 64, id 0,
>len 56)
>20:29:03.378886 router206.orsay.iscio.com.domain > 192.112.36.4.domain:
>[udp sum ok] 26526 [1au] PTR? 4.36.112.192.in-addr.arpa. . OPT  UDPsize=2048
>(54) (DF) (ttl 64, id 0, len 82)
>...
>
>Internet connectivity is ok. No firewall pb...

It looks like you're using the 'query-source' option to force source port
53 on the recursive queries.  Are you sure your firewall is allowing
inbound packets to port 53, so that the replies can get through?

>Another thing very strange, if I put in forward options, a DNS present on a
>remote site link with a remote site, resolution is OK.

I'm having trouble parsing this sentence.  Does "remote site link with a
remote site" mean you have a private connection (or a VPN) to this site,
rather than going through the Internet?  If so, this supports the theory
that the problem is with your Internet firewall.

-- 
Barry Margolin, barmar at genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.


More information about the bind-users mailing list