problem with resolving SOME EXTERNAL domains
tsar.peter at gmail.com
Mon Jun 13 05:23:39 UTC 2005
<enesz at bih.net.ba> wrote in message news:<d844sf$1cv$1 at sf1.isc.org>...
> Hi all,
> I am new to this mailing list.
> I administrate two name servers (master and slave).
> Configuration is Solaris 9, Bind 9.2.3.
> When I moved the Bind to new hardware platform (two SPARC machines)
> problems started to hapen.
> I just can not resolve some domais (mail admistrators says that this is
> big amount of domains not resolving - mail communicate with DNS server
> because of SPAMASSASIN).
> DNS server from some other domain CAN resolve those domains
> (www.dnsstuff.com <http://www.dnsstuff.com/> also).
> I am prety much sure that my Bind configuration is fine, i checked
> nsswintch.conf file, DNS servers ARE NOT behind any firewall, i put
> query-source address * port 53; directive in named.conf (in every case),
> BUT NOTHING HELPS.
> TCP and UDP seems works fine. I checked it through SNOOP and netstat -s.
> Do you have some sugestions.
> Thanks in advance.
> P.S I used default installations of Solaris 9 form vendor (Fujitsu
> Siemens). I thinking of new instalation of Solaris 9.
I have read the trhread until 10 june, and also tried a few
'dig's to your nameservers.
And it seems to me that :
1/ your named is working correct
2/ at least "usno.navy.mil"'s nameservers are refusing to communicate
with your ip-range ( or provider)
My observation is based on :
"dig ipsec.se ns @184.108.40.206" ( this works )
"dig usno.navy.mil ns @220.127.116.11" ( end with a refusal)
I would start checking about connectivity and possible change of ISP.
More information about the bind-users