bind server fails to deliver
Barry Margolin
barmar at alum.mit.edu
Sun Feb 27 14:10:04 UTC 2005
In article <cvrgda$2fka$1 at sf1.isc.org>,
Jeff Lasman <blists at nobaloney.net> wrote:
> Scenario:
>
> Running bind:
>
> <snip>
> named 8.2.7-REL Fri Dec 19 02:12:52 PST 2003
>
> admin at indraq4.blr03-01.india.sun.com:/home/redhat/BUILD/bind-8.2.7/src/bin/nam
> ed
> </snip>
>
> No choice in the matter at least for the moment; it's a Sun Cobalt RaQ.
>
> Running it on ns3.dnssys.com and on ns5.dnssys.com.
>
> Running it with exactly the same named.conf file on both machines
> (copied over with scp).
>
> Both nameservers are authoritative for 65.58.240.229.
>
> See:
>
> dig @ns2.level3.net -x 65.58.240.229
>
> But...
>
> ns5.dnssys.com is authoritative and does return a response
> ns3.dnssys.com returns a SERVFAIL
>
> see:
>
> dig @ns5.dnssys.com -x 65.58.240.229
> dig @ns3.dnssys.com -x 65.58.240.229
>
> When we delete the zone file and restart bind, it DOES load a new file
> from the master server (ns1.dnssys.com) but it still continues to
> return a SERVFAIL.
>
> It returns a SERVFAIL for every IP in that in-addr.arpa zone, though it
> does return correct information for another in-addr.arpa zone.
>
> And ns5.dnssys.com works as it should.
Since this reverse domain is implemented using RFC 2317, your server
can't resolve the reverse entries unless it can see the CNAME records in
the parent zone. So it either needs to be a slave for the parent zone
or be able to recurse. You have recursion enabled, but don't seem to
have the root hints loaded, so it doesn't know where to recurse to!
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
More information about the bind-users
mailing list