First usage of BIND9

Phil Mayers p.mayers at
Sun Nov 25 17:07:30 UTC 2012

On 11/25/2012 04:33 PM, Phil Mayers wrote:
> On 11/25/2012 04:12 PM, Daniele Imbrogino wrote:
>> Using Wireshark I can see that there are queries from my IP to a
>> root-server and replies in the reverse way, but then dig always fails
>> with a SERVFAIL. Why?
> iptables?

It has been pointed out to me off-list that iptables should not cause 
SERVFAIL - my mistake.

So, advice to OP stands: use a known-good caching nameserver config 
appropriate for your version of bind, as previously recommended in the 
thread. If that still fails, search the logs or run in debug mode e.g. 
"named -g -d 10" and see if the cause is obvious. If not, come back with 
the named.conf.

More information about the bind-users mailing list