Name Resolve

Wael Shahin wael.shahin at gmail.com
Thu Mar 15 11:02:16 UTC 2007 

Hello

> As you can see here, your DNS server returns SERVFAIL (server
> failure), which can be caused by many things. It's hard to tell
> without looking at the configuration file, IMO.

Here is the conf file
options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        version "Get Lost";
        allow-query { trusted; localhost; };
        allow-recursion { localhost; trusted; };
        minimal-responses yes;
        blackhole { badguys;  };
        notify yes;
//      max-ncache-ttl 1;
        allow-transfer { secondaries; };
        also-notify {192.168.1.101; 192.168.10.9;}; // all zones
        allow-notify { secondaries; };
        recursive-clients 30000;
};


logging {





        channel default_debug {
                file "/var/log/named/named.log" size 5m;
                severity critical;
                };
        category security {
                null;
                };
        category client {
                null;
                };
        category lame-servers {
                null;
                };
        category queries {
                null;
                };
};

//
// a caching only nameserver config
//
controls {
        inet 192.168.1.102 allow { 192.168.1.102; } keys { "rndckey"; };
};


>> i have tried to flush the dns cache and i end up with the same result,
>> I have another DNS server BIND 9.3.2
>> and it is resolving just fine
> 
> Well, I would look for differences in the way the two servers are set up.
Well, the other server is views and it is not complex at all

options {
        directory "/var/named/";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        version "Get Lost";
        datasize default;
        querylog no;
        recursive-clients 30000;
        edns-udp-size 512;
        pid-file "/var/named/named.pid";
        /*
         * If there is a firewall between you and nameservers you want
         * to talk to, you might need to uncomment the query-source
         * directive below.  Previous versions of BIND always asked
         * questions using port 53, but BIND 8.1 uses an unprivileged
         * port by default.
         */
         // query-source address * port 53;
};


View 1
acl internal { 192.168.0.0/16; };
view "internal" {
        match-clients { internal; };
        recursion yes;    



>>
>>
>>

More information about the bind-users mailing list