bind problem

Kevin Darcy kcd at daimlerchrysler.com
Thu Sep 7 21:28:16 UTC 2006


re.ivan at gmail.com wrote:
> My network is :
>
>
>
>
>
>   Router ADSL
>           |
>
>    SWITCH |---->   MyFirewall  ----- MyServer (dns+mail+www) ---
> (eth0 )192.168.0
>      |                     eth0    eth1    eth1                     |
>
>      |
>    |-------  (eth2) 192.168.1
>      |--   OldServer (dns+www)
>
> MyFirewall eth0  xx.yy.zz.7
>                  eth1   192.168.5.254
>
> MyServer    eth1  192.168.5.2
>                   eth0   192.168.0.254
>
> Firewall is a debian release with iptables. In this i have activate
> DNAT on port 53 from xx.yy.zz.7 to 192.168.5.2
>
> Myserver is a fedora 5 with bind9
>
> OldServer is a rh 7 with bind
>
> Test:
>
>  dig  miodominio.it  axfr  --> result OK
>
>
>  dig  @dns3.nic.it   myfirewall.miodominio.it
>
>
> result:
> ; <<>> DiG 9.3.2 <<>> @dns3.nic.it myfirewall.miodominio.it
> ; (1 server found)
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20760
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> myfirewall.miodominio.it .        IN      A
>
> ;; AUTHORITY SECTION:
> miodominio.it. 86400   IN      SOA     oldserver.miodominio.it.
> root.dns.miodominio.it. 2001120701 86400 3600 604800 86400
>
> ;; Query time: 78 msec
> ;; SERVER: 193.205.245.66#53(193.205.245.66)
> ;; WHEN: Wed Sep  6 12:26:06 2006
> ;; MSG SIZE  rcvd: 93
>
> °°°°°°°°°°°°°°°°°°°°
> I would like to replace OldServer with Myserver when new dns is right.
> Whereis the problem??
>   
What is dns3.nic.it and why are you querying it? When I try to query it 
I just get timeouts. Despite what one may assume, dns3.nic.it is *not* a 
delegated nameserver for the .it TLD.

In any case, the name myfirewall.miodominio.it does not exist. NXDOMAIN 
is therefore the correct response to a query of that name. What seems to 
be the problem here?

                                                                         
                             - Kevin



More information about the bind-users mailing list