Problem with BIND 9 and OpenBSD 3.4
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Tue Dec 9 22:52:54 UTC 2003
>
> <Mark_Andrews at isc.org> wrote in message news:br2ut5$1h9m$1 at sf1.isc.org...
> >
> > > I figured I'd finally get around to upgrading OpenBSD to 3.4 from 3.2
> and
> > > left BIND for last since I figured it would be trivial to get going.
> I'd
> > > never had any problems with BIND 4 or 8 in the past but I sure am having
> > > trouble now. Queries from my internal network (listed in the acl
> clients)
> > > work fine. Here's my named.conf with only the rndc.key changed (let me
> > > know if you'd like to see my zone files, too):
> > >
> > > acl clients {
> > > 192.168/16;
> > > localhost;
> > > ::1;
> > > };
> >
> > > view "authoritative" {
> > > match-clients { !clients; };
> >
> > This is "deny clients;" (explicit) "deny everyone;" (implicit).
> >
> > You want
> >
> > match-clients { !client; any; };
> >
> > or given that the internal view is before this view and will
> > collect all the clients you can remove the !clients.
> >
> > match-clients { any; };
> >
>
> Thanks for looking.
>
> Originally I had { any; }; there. So I switched back in case there were
> other things wrong in previous versions of my named.conf. But I'm still
> seeing the same problems. If I use www.dsnreport.com for troubleshooting
> the parent server stuff comes out fine but when it gets to my ns section it
> says: "None of your nameservers returned your NS records; they could be
> down
> or unreachable, or could all be lame nameservers". And I see the following
> in my logs after turning on querylog:
>
> Dec 8 20:50:35 grits named[19328]: client 69.2.200.182#1642: query:
> 2fortheroad.net IN NS
> Dec 8 20:50:35 grits named[19328]: client 69.2.200.182#1643: query:
> version.bind CH TXT
> Dec 8 20:50:35 grits named[19328]: client 69.2.200.182#1644: query:
> 2fortheroad.net IN SOA
> Dec 8 20:50:35 grits named[19328]: client 69.2.200.182#1645: query:
> 2fortheroad.net IN MX
> Dec 8 20:50:35 grits named[19328]: client 69.2.200.182#1646: query:
> www.2fortheroad.net IN A
> Dec 8 20:50:35 grits named[19328]: client 69.2.200.182#1647: query:
> 2fortheroad.net IN CNAME
> Dec 8 20:50:35 grits named[19328]: client 69.2.200.182#1648: query:
> ns1.2fortheroad.net IN CNAME
>
> Again, I've turned off pf and still no go. I had changed my host record
> with network solutions last week but per dnsreport.com they are seeing the
> new ip, 67.127.23.18.
>
> Any other ideas? My zones check out with named-checkzone and my internal
> zone works fine.
>
> Greg
This is symtomatic of a error detected at load time.
named-checkzone 2fortheroad.net master/2fortheroad.net
Also add a directory clause to options.
Mark
; <<>> DiG 8.3 <<>> 2fortheroad.net @67.127.23.18 +norec
; (1 server found)
;; res options: init defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 14253
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;; 2fortheroad.net, type = A, class = IN
;; Total query time: 179 msec
;; FROM: drugs.dv.isc.org to SERVER: 67.127.23.18
;; WHEN: Wed Dec 10 09:49:24 2003
;; MSG SIZE sent: 33 rcvd: 33
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
More information about the bind-users
mailing list