bind not getting out of my LAN?
LuKreme
kremels at kreme.com
Sun Aug 18 14:44:23 UTC 2013
If I try to check my dns from inside my LAN (on either ns1 or ns2), everything seems fine:
# dig webmail.covisp.net | grep -A1 ";; ANSWER" | tail -1
webmail.covisp.net. 86400 IN CNAME www.covisp.net.
# dig www.covisp.net | grep -A1 ";; ANSWER" | tail -1
www.covisp.net. 86400 IN A 75.148.117.90
# dig @ns1.covisp.net mail.covisp.net | grep -A1 ";; ANSWER" | tail -1
mail.covisp.net. 86400 IN A 75.148.117.91
But If I try to use an external server:
# dig @8.8.8.8 mail.covisp.net
; <<>> DiG 9.8.3-P1 <<>> @8.8.8.8 mail.covisp.net
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 10140
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;mail.covisp.net. IN A
;; Query time: 4085 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sun Aug 18 08:36:34 2013
;; MSG SIZE rcvd: 33
# dig @75.75.75.75 mail.covisp.net
; <<>> DiG 9.8.3-P1 <<>> @75.75.75.75 mail.covisp.net
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
Here's the top of my named.conf:
options {
directory "/etc/namedb";
pid-file "/var/run/named/pid";
listen-on { 75.148.117.93; 75.148.117.91; 127.0.0.1; };
statistics-file "/var/stats/named.stats";
dnssec-enable yes;
dnssec-validation yes;
};
key "rndc-key" { algorithm hmac-md5; secret "keykeykey="; };
controls { inet 127.0.0.1 allow { 127.0.0.1; } keys { "rndc-key"; }; };
managed-keys {
"." initial-key 257 3 8
"AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjF
FVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoX
bfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaD
X6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpz
W5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relS
Qageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulq
QxA+Uk1ihz0=";
};
zone "0.0.127.IN-ADDR.ARPA" { type master; file "localhost.rev"; };
zone "." { type hint; file "slave/root-nameservers"; };
--
The older you get the more you need the people you knew when you were
young.
More information about the bind-users
mailing list