Problem with BIND 9 and OpenBSD 3.4

Mark_Andrews at isc.org Mark_Andrews at isc.org
Tue Dec 9 22:52:54 UTC 2003


> 
> <Mark_Andrews at isc.org> wrote in message news:br2ut5$1h9m$1 at sf1.isc.org...
> >
> > > I figured I'd finally get around to upgrading OpenBSD to 3.4 from 3.2
> and
> > > left BIND for last since I figured it would be trivial to get going.
> I'd
> > > never had any problems with BIND 4 or 8 in the past but I sure am having
> > > trouble now.   Queries from my internal network (listed in the acl
> clients)
> > > work fine.   Here's my named.conf with only the rndc.key changed (let me
> > > know if you'd like to see my zone files, too):
> > >
> > > acl clients {
> > >          192.168/16;
> > >          localhost;
> > >          ::1;
> > > };
> >
> > > view "authoritative" {
> > >          match-clients { !clients; };
> >
> > This is "deny clients;" (explicit) "deny everyone;" (implicit).
> >
> > You want
> >
> > match-clients { !client; any; };
> >
> > or given that the internal view is before this view and will
> > collect all the clients you can remove the !clients.
> >
> > match-clients { any; };
> >
> 
> Thanks for looking.
> 
> Originally I had { any; }; there.  So I switched back in case there were
> other things wrong in previous versions of my named.conf.  But I'm still
> seeing the same problems.  If I use www.dsnreport.com for troubleshooting
> the parent server stuff comes out fine but when it gets to my ns section it
> says:  "None of your nameservers returned your NS records; they could be
> down
>  or unreachable, or could all be lame nameservers".  And I see the following
> in my logs after turning on querylog:
> 
> Dec  8 20:50:35 grits named[19328]: client 69.2.200.182#1642: query:
> 2fortheroad.net IN NS
> Dec  8 20:50:35 grits named[19328]: client 69.2.200.182#1643: query:
> version.bind CH TXT
> Dec  8 20:50:35 grits named[19328]: client 69.2.200.182#1644: query:
> 2fortheroad.net IN SOA
> Dec  8 20:50:35 grits named[19328]: client 69.2.200.182#1645: query:
> 2fortheroad.net IN MX
> Dec  8 20:50:35 grits named[19328]: client 69.2.200.182#1646: query:
> www.2fortheroad.net IN A
> Dec  8 20:50:35 grits named[19328]: client 69.2.200.182#1647: query:
> 2fortheroad.net IN CNAME
> Dec  8 20:50:35 grits named[19328]: client 69.2.200.182#1648: query:
> ns1.2fortheroad.net IN CNAME
> 
> Again, I've turned off pf and still no go.  I had changed my host record
> with network solutions last week but per dnsreport.com they are seeing the
> new ip, 67.127.23.18.
> 
> Any other ideas?  My zones check out with named-checkzone and my internal
> zone works fine.
> 
> Greg

	This is symtomatic of a error detected at load time.

	named-checkzone 2fortheroad.net master/2fortheroad.net

	Also add a directory clause to options.

	Mark

; <<>> DiG 8.3 <<>> 2fortheroad.net @67.127.23.18 +norec 
; (1 server found)
;; res options: init defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 14253
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;;	2fortheroad.net, type = A, class = IN

;; Total query time: 179 msec
;; FROM: drugs.dv.isc.org to SERVER: 67.127.23.18
;; WHEN: Wed Dec 10 09:49:24 2003
;; MSG SIZE  sent: 33  rcvd: 33

--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org


More information about the bind-users mailing list