Weird DNS Problems

D McDonald renski at
Wed Dec 15 11:55:00 UTC 2004

Sorry if this is a repeat, I signed up with renski at, and then tried to send it out as renski at sdf

Hi All,

About a week ago we switched the DNS server of our domain to It's a Red Hat
machine running BIND 9.2.3. However, it now seems that some DNS servers are unable to resolve some addresses.
For example, on one ISP works fine (non-auth), but doesn't work. It appears
that some of these servers are running on cache alone, I'm not sure. This is only the second BIND server I've set
up, and the first was an internal server. Below is my config file.

// generated by
// edited by Darren on Sept 9th, 2004
//      added logging
//      changed security slightly
// edited by Lee on 9/14/04
//      added forwarding
// edited by Darren on 1st of Dec, '04
//      added SOA tweaks
//      added localhost domain (Apparently this is 'required')
//      added PID file path

// To begin with, define groups of IPs for reference later
//   perhaps as zone transfer peers or something
// Trusted (for updates later on)
acl trusted_ips {

acl users {

// Now define specific options for the DNS system
options {

        /* forwarding */
        /* this is where you put the ISP's DNS systems ... best to use root servers */
        forwarders {;; };

        /* this means anybody can query us */
        allow-query { users; };

        /* Don't reply to version queries, none of anybody's business */
        version "Not Currently Available";

        /* Limits caching, apparently required for a SOA server */
        recursion no;

        /* PID file (Process ID file) */
        pid-file "/var/named/";

logging {
  channel default_syslog {
    /* this means create 20 log files that are 1MB in size before rolling over and updating */
    /* most current would then be /var/named/log/log, oldest would be /var/named/log/log.020 */
    file "/var/named/log/log" versions 20 size 1M;
    severity info;
    print-time yes;
    print-severity yes;
    print-category yes;
  channel query_log {
    file "/var/named/log/qlog" versions 5 size 1M;
    severity info;
    print-time yes;
    print-severity yes;
    print-category yes;

  category lame-servers {null;}; //might want to turn this on later
  category config   {default_syslog;};
  category update   {default_syslog;};
  category xfer-in  {default_syslog;};
  category xfer-out {default_syslog;};
  category security {default_syslog;};
  category queries  {query_log;};

// Zone Records

zone "" IN {
        type master;
        file "/var/named/";

// required localhost
zone "localhost" IN {
        type master;
        file "/var/named/";

Here is

$TTL 43200
@ IN    SOA sysop at      (
                                14 ; serial
                                600 ; refresh, 2 minutes (TEMP VALUE FOR TESTING)
                                60 ; retry (TEMP)
                                3600000 ; expire
                                43200 ; ttl, 12 hours MAX for caching (TEMP)
@               IN      A
                IN      NS
                IN      MX      1
saturn3         IN      A
saturn4         IN      A  ; this is not a typo
; saturn1               ; internal use only
; WVC WWW             
www             IN      A
smartsystem     IN      A
ns              IN      A
ns2             IN      A
webplus2        IN      A
webplus3        IN      A
; lpar3 also          
lpar3           IN      A
lpar4           IN      A
lpar1ftp        IN      A
lpar3ftp        IN      A
lpar4ftp        IN      A
ftp3            IN      A
ftp2            IN      A
lpar1           IN      A
ftp             IN      A
vr              IN      A

If you set the server as your DNS server it works fine, and I've checked the domain under whois,
and the first listed server is I just don't get it. If anyone can see
something I'm doing wrong, I'd be most grateful.


renski at
SDF Public Access UNIX System -
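
A small lint for two option combinations visible in the posted named.conf: a global allow-query restricted to an ACL on a server that holds master zones, and forwarders configured next to recursion no. This is an added example, not part of the original post; the addresses, the zone name example.com, the file path and the helper names are constructed placeholders.

```python
import re
# Constructed sample shaped like the posted config; addresses (RFC 5737 range),
# zone name and file path are placeholders, not the poster's values.
SAMPLE_CONF = """
acl users { 192.0.2.0/24; };
options {
    forwarders { 192.0.2.53; };
    allow-query { users; };   /* this means anybody can query us */
    recursion no;
};
zone "example.com" IN {
    type master;
    file "/var/named/example.com.zone";
};
"""

def strip_comments(text):
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", text)

def body_at(text, open_end):
    """Text between the '{' that ends at open_end and its matching '}'."""
    depth, i = 1, open_end
    while i < len(text) and depth:
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        i += 1
    return text[open_end:i - 1]

def acl_list(body, default):
    """Elements of an allow-query clause in body, or default when it has none."""
    m = re.search(r"allow-query\s*\{([^}]*)\}", body)
    return default if m is None else [a.strip() for a in m.group(1).split(";") if a.strip()]

def audit(conf):
    conf = strip_comments(conf)
    m = re.search(r"\boptions\s*\{", conf)
    opts = body_at(conf, m.end()) if m else ""
    global_aq = acl_list(opts, ["any"])  # with no clause, BIND answers any client
    findings = []
    for z in re.finditer(r'\bzone\s+"([^"]*)"[^{;]*\{', conf):
        zbody = body_at(conf, z.end())
        effective = acl_list(zbody, global_aq)  # a zone-level clause overrides options
        # Assumption: only the literal "any" is treated as open; named ACLs are not expanded.
        if re.search(r"type\s+master\s*;", zbody) and "any" not in effective:
            findings.append((z.group(1), "allow-query limited to " + ", ".join(effective)))
    if re.search(r"recursion\s+no\s*;", opts) and re.search(r"forwarders\s*\{[^}]*\w[^}]*\}", opts):
        findings.append(("options", "forwarders are not consulted for client queries while recursion is off"))
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_CONF))
```

A resolver outside the listed ACL gets REFUSED for a flagged zone, which shows up as the domain resolving from some networks and not from others.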
