Problems with upgrade to 9.5.1b1
Chris Buxton
cbuxton at menandmice.com
Tue Jul 15 17:54:12 UTC 2008
Rob,
This change was made at 9.4: The default for "allow-recursion" is no
longer "{ any; }". It's now "{ localhost; localnets; }".
To fix this, set your allow-recursion explicitly to permit recursive
queries from your subnets.
Chris Buxton
Professional Services
Men & Mice
On Jul 15, 2008, at 9:34 AM, Rob Tanner wrote:
> I'm running bind 9.3.4 (a Fedora Core distro version) and trying to
> upgrade to (technically, replace it with) 9.5.1b1. I simply ran
> configure (no options) and make and then installed it. Since it
> installs in /usr/local, that doesn't create a problem as I can run one
> version of the other.
> I'm doing initial testing with nslookup and the problem I'm seeing
> with
> 9.5.1b1 is that while it correctly resolves in all cases for host
> names
> and IP addresses that are local (i.e., names/addresses for which it's
> authoritative), when I try other lookups, for instance, www.cnn.com,
> nslookup I get different results, depending on whether or not the
> query
> is coming from a machine in the same address segment is the DNS
> server.
> Queries coming from machine within the same IP segment as the DNS
> server
> work fine. Queries coming from machines in different address segments
> get th response:
>
> ** server can't find <host name>: REFUSED
>
> At the same time I get a log entry like:
>
> client 10.219.255.250#39750: view internal: query (cache)
> 'www.cnn.com/A/IN' denied
>
> I get this using the same db files and named.conf file that 9.3.4 runs
> against and I don't have this problem with 9.3.4. I'm assuming that
> it's some sort of configuration issue, but I don't know what. Any
> ideas? Would it help if I posted my named.conf file (or would I
> becreating an issue for mself by making that file public).
>
> Thanks,
>
> Rob Tanner
> UNIX Service Manager
> Linfield College
>
>
>
>
More information about the bind-users
mailing list