ip forwarding DNS 9.6.0

myron kowalskM at cs.moravian.edu
Mon Apr 6 16:00:55 UTC 2009


I upgraded from 9.2.3.

I can't seem to do forwarding from a browser.

Everything works from 9.2.3. When I swap out to 9.6.0, from a command  
line I
can do: nslookup; ping outside the domain; traceroute outside the  
domain.

 From a web browser I can get out if I use the ip address. However,  
when I
put in a canonical name get an rcode 5.

There's a barracuda spam firewall in the path. If I take it out, then  
everything works.
There's really nothing to change on the barracuda as far as dns is  
concerned, other
than pointing to a dns server.

snoop on the wire:
9.6.0
barracuda -> ns     DNS C www22.verizon.com. Internet Addr ?
    ns -> barracuda DNS R  Error: 5(Refused)

9.2.3
barracuda -> ns     DNS C www22.verizon.com. Internet Addr ?
    ns -> barracuda DNS R www22.verizon.com. Internet CNAME  
www22.verizon.com.edgekey.net.

I glanced through the archives and found some suggestions about  
recursions to ip forwarding. I think the
conf is set up correctly. At least, it works fine with 9.2.3.

Here's some of my named.conf edited.

acl mylab {
        10.0.0.0/8;
};
options {
        directory       "/etc/dns";
        auth-nxdomain   yes;
};
view "trusted" {
  match-clients { mylab; };
  recursion yes;
  zone "moravian.edu" in {
        type forward;
        forwarders { 10.22.5.32; 10.22.5.38; };
  };

Any help appreciated.

--myron
=================================
Myron Kowalski
MoCoSIN Network/Systems Administrator
Moravian College
myron at cs.moravian.edu






More information about the bind-users mailing list