forward only not
Len Conrad
lconrad at Go2France.com
Wed Sep 29 13:58:13 UTC 2010
FreeBSD 7.2-RELEASE
BIND 9.6.0-P1
resolv.conf:
nameserver 127.0.0.1
machine is postfix MX relay-only gateway
on a separate machines, zen.dnsbld.domain.net on IPs 10.1.60.1 & 10.1.60.2, rbldnsd is running a local copy of zen.spamhaus
nmap shows 10.1.60.1 and 10.1.60.2 with port 53 UDP open.
dig @10.1.60.1 or .2 d.c.b.a.zen.dnsbld.domain.net works.
named.conf:
zone "zen.dnsbld.domain.net" {
        type forward;
        forwarders { 10.1.60.1; 10.1.60.2; };
        forward only;
};
and no other forwarding statements.
named query logging shows client 127.0.0.1 (postfix/postscreen) sending queries to 127.0.0.1
tshark capture shows the BIND machine sending queries to the NSs authoritative for domain.net, rather than forwarding to the above forwarders.
The above situation is on 3 different MXs. The weirdest is that when we fired up private zen and forwarding on the 3 MXs, they all worked immediately, perfectly, for about 24 hours, millions of queries, then within a few minutes, they all stopped working with the zen servers, and haven't worked since. Stop/start postfix and named has no effect.
What is overriding the zone forwarding?
Len