rndc confusion.

[Simon Waters]

Ian Diddams wrote:
> Scenario :  sol9, bind 9.2.3, system named t101-nic1, ip x.x.x.x
> Requirement : external resolver
> 
> I can do it with bind 8, but rndc is causing me so much hassle I can't
> make it work under bind 9.  I've read until my eyes bleed but it ain;t
> not making not no difference guvnor!
My guess is it isn't rndc.

rndc is a control channel issue - I believe BIND 9 works as a resolver
fine without rndc properly configured - but since I have a scripted
install it has been a while.

Of course you might have no supported way of stopping named if rndc
doesn't work, but that is another issue.

> when I try to actually use the service though...
> 
> root at t101 # nslookup
> Note:  nslookup is deprecated and may be removed from future releases.
> Consider using the `dig' or `host' programs instead.

Is this hint not big enough ;)

what does "dig @127.0.0.1" www.cisco.com show ?

Try also "dig +trace www.cisco.com" (should list in turn "." (root)
servers "com." servers, "cisco.com" servers and then an answer).

>>www.cisco.com
> 
> ;; connection timed out; no servers could be reached

Network connectivity? Do you have a firewall? Have you checked it is
configured right, BIND 9 uses a port from the anonymous port range by
default for initiating queries (not source port 53, but it is configurable).


-- Attached file included as plaintext by Ecartis --
-- File: signature.asc
-- Desc: OpenPGP digital signature

-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFAUOFSGFXfHI9FVgYRAvduAJkBUXxVMk+L75omlfnatdIOEz8Y+QCePwIM
4bvQD6bpG+HbAAGbYsjlEUU=
=RMpd
-----END PGP SIGNATURE-----