strange dig behavior
Barry Margolin
barmar at alum.mit.edu
Mon Dec 21 03:59:12 UTC 2009
In article <mailman.18.1261358139.21153.bind-users at lists.isc.org>,
Pamela Rock <prock111 at yahoo.com> wrote:
> I've got the following three scenarios
>
> The client can query a domain A residing on a recursive name server.
What do you mean by a domain "residing" on a recursive nameserver? If a
domain resides on a server, the server should be authoritative for that
domain.
>
> The client can query a domain B on an authratative name server.
>
> When client queries domain B through the RNS, a Status: refused results.
>
> I don't know what is causing the refused. IP tables is off everywhere, and
> there are no ACL's on routers or firewalls.
>
> The only error I'm seeing is the following in the debug log
>
> 20-Dec-2009 19:21:09.443 query-errors: debug 3: client 172.16.0.5#41484:
> query failed (REFUSED) for test.com/IN/A at query.c:3882
>
> I'm running bind 9.6.1 on RH ES 5 64 bit O/S. Any ideas? Thanks!!
Is that log on the recursive nameserver or the authoritative nameserver?
If it's on the recursive server, is the client in the allow-recursion
ACL on the server?
If it's on the authoritative server, is the recursive server in the
allow-query ACL?
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
More information about the bind-users
mailing list