new bind 9.9 and root NS
Michael Hoskins (michoski)
michoski at cisco.com
Mon Aug 6 17:56:38 UTC 2012
From: Doug O'Leary <dkoleary at olearycomputers.com>
Date: Monday, August 6, 2012 9:58 AM
To: 'Doug Barton' <dougb at dougbarton.us>, Mike Hoskins <michoski at cisco.com>
Cc: "comp-protocols-dns-bind at isc.org" <comp-protocols-dns-bind at isc.org>
Subject: RE: new bind 9.9 and root NS
>After the network admin verified there was no firewall rule differences,
>powered off the old secondary server and re-IPed the new one with the old
>secondary. The old secondary is able to get to the root nameservers w/o
>issue. Once we re-IPed the new one, it still was unable to get to the
>nameservers via dig.
Just checking the obvious; no host-based firewall on the new box? Is it
the same OS?
>I also downloaded and installed lft - layer four traceroute (wonderful
>program, that one is). Lft was unable to get *anywhere* using udp
>regardless of what the IP address of the new system is. So, there's
>something with the virtualization software, vmware, which is preventing
>packets. There are some web sites saying the same thing so this isn't
>completely out of the blue. The client's opening a service call with
>to see if there's a resolution.
I'm serving several thousand clients using VMware + BIND, so I'm curious
to see where this goes. :-)
Which VMware product are you using, and what host platform?
More information about the bind-users