domain names not resolving

Mark Andrews Mark_Andrews at isc.org
Wed Mar 21 06:13:50 UTC 2007 

> I have a feeling this question is going to have a very obvious answer, 
> but I have searched hi and low for the last 5 hours and have not found it. 

	Fix your firewall.  You are blocking both udp and tcp connections
	to the nameserver.  

# tcpdump -n -p -i iwi0 port 53 or icmp 
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on iwi0, link-type EN10MB (Ethernet), capture size 96 bytes
17:11:39.287680 IP 130.129.22.115.53838 > 207.228.252.47.53: S 3556135795:3556135795(0) win 65535 <mss 1460,nop,wscale 1,nop,nop,timestamp 166498454 0,sackOK,eol>
17:11:39.399853 IP 207.228.252.47 > 130.129.22.115: ICMP host 207.228.252.47 unreachable - admin prohibited, length 72
17:12:08.050693 IP 130.129.22.115.56558 > 207.228.252.47.53:  39434+ A? kirkyonline.com. (33)
17:12:08.158057 IP 207.228.252.47 > 130.129.22.115: ICMP host 207.228.252.47 unreachable - admin prohibited, length 69

> 
> I've got a new server installation, BIND 9.4 on Fedora Core 6.  It loads 
> fine and says its loaded 39 zones and I cannot find any error messages:
> /etc/init.d/named status
> number of zones: 39
> debug level: 0
> xfers running: 0
> xfers deferred: 0
> soa queries in progress: 0
> query logging is OFF
> recursive clients: 0/1000
> tcp clients: 0/100
> server is up and running
> 
> However, none of my domain name resolve at all, I cannot connect to 
> anything except an ip, and any other programs like sendmail don't work 
> either.
> 
> I'm using old config files so they are likely to be the source of the 
> problem.  eg
> 
>  cat /var/named/chroot/var/named/kirkyonline.com
> ;
> ; Zone file for kirkyonline.com
> ;
> 
> $TTL 3D
> @       IN      SOA     ns0.kirkyonline.com. dkirk.bigpond.net.au. (
>                         2007032004
>                         8H
>                         2H
>                         4W
>                         1D )
> ;
>                 NS      ns0.kirkyonline.com. ; Inet Address of name server
>                 NS      ns1.kirkyonline.com. ; Inet Address of name server
>                 MX      10 mail.kirkyonline.com. ; Primary Mail Exchanger
> ;
> localhost       A       207.228.252.47
> ns0             A       207.228.252.47
> ns1             A       207.228.252.194
> www             A       207.228.252.47
> mail            A       207.228.252.47
> 
>  dig +trace www.kirkyonline.com
> 
> ; <<>> DiG 9.3.4 <<>> +trace www.kirkyonline.com
> ;; global options:  printcmd
> ;; connection timed out; no servers could be reached
> 
> the name servers for the domain registration kirkyonline.com are 
> ns0.kirkyonline.com and ns1.kirkyonline.com
> 
> I've just about reached the end of my tether (no sleep for 30 hours is 
> hard) so if anyone can help me I'll give you a big kiss.
> 
> thanks
> 
> Daniel Kirk
> Managing Editor
> -~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-
> web:  http://www.sportspunter.com
>       http://www.toptipper.com
>       http://www.pickswarehouse.com
> email : editor at sportspunter.com
> phone : +61(0)410 409 237
> fax : +61(0)2 66462847
> Internet Digital Media Australia
> ABN : 51275059681
> -~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~- 
> 
> 
> 
> 
> >  
> >
> 
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the bind-users mailing list