Bind configuration and log error

Mike Hoskins michoski at cisco.com
Wed May 23 16:38:52 UTC 2012


-----Original Message-----
From: Matus UHLAR - fantomas <uhlar at fantomas.sk>
Date: Wednesday, May 23, 2012 4:04 AM
To: <bind-users at lists.isc.org>
Subject: Re: Bind configuration and log error

>On 23.05.12 12:56, Amira Othman wrote:
>>I have in my messages log file many lines as follows but with different
>>domains unreachable what does this mean:
>>
>>named[15490]: network unreachable resolving
>>'platinum.cs.umanitoba.ca/A/IN'
>>
>>also I can't dig or nslookup or ping my DNS server remotely what should
>>I do
>>to enable that?
>
>your server has apparently problems with internet conectivity. Is it
>behind firewall?

i suppose it could be peering or some other internet anomaly as well,
anything affecting connectivity?

i'm in the middle of migrating several large sites from tiny to bind and
had to work through errors in logs with firewall admins...  allowing
general 'any 53 udp/tcp' access and adjusting permissible udp payload size
for edns are the two main examples which are well understood.  that said,
even after the firewall admins opened up access to any on 53 udp/tcp from
the name servers i still see these in my logs...but only occasionally and
typicaly for hosts that are "far away" geographically.

after having the firewall configuration shown to me in plain text, i
mostly wrote it off...how often do others see this?

thanks!





More information about the bind-users mailing list