Diagnostic help part 2

Bill Christensen billc_lists at greenbuilder.com
Wed Oct 1 01:18:54 UTC 2014


On 9/30/14, 5:52 PM, Rich Goodson wrote:
> If named is running and doesn't respond on the external interface, 
> it's possible that your listen-on {}; directive is set to only localhost.

You may have hit on hit there.  It was set to
     listen-on { 127.0.0.1; };

I just changed that to:
     listen-on { 205.238.182.102; };
and it appears to have made all the difference.

I'm no longer seeing the errors from (at least, some of) the online DNS 
tests that 102 doesn't respond.  I'm guessing the others have cached 
info from lookups earlier today.

Please let me know if you see otherwise.

Now to get on with some of the other cleanup tasks.

Thanks for the help.
>
> TCP connections to 205.238.182.102 come back "Connection refused", so 
> it's possible that BIND just isn't listening on the interface or 
> perhaps you're filtering the inbound queries.   Do you see the queries 
> come in to the box, either via packet dump or query logs?
>
>
> -Rich
>
>
> On Sep 30, 2014, at 5:30 PM, Bill Christensen 
> <billc_lists at greenbuilder.com <mailto:billc_lists at greenbuilder.com>> 
> wrote:
>
>> On 9/30/14, 4:15 PM, Charles Swiger wrote:
>>> Hi--
>>>
>>> On Sep 30, 2014, at 1:59 PM, Bill Christensen 
>>> <billc_lists at greenbuilder.com <mailto:billc_lists at greenbuilder.com>> 
>>> wrote:
>>>> Fair enough.
>>>>
>>>> <http://localhost:10800/bind8/edit_master.cgi?zone=Africabound.org>Africabound.org 
>>>> <http://africabound.org/>
>>>> SustainableSources.com <http://SustainableSources.com>
>>>>
>>>> The server that's giving problems is ns1.sustainablesources.com 
>>>> <http://ns1.sustainablesources.com> 205.238.182.102
>>>
>>> Your 102 box doesn't seem responding to 53/udp or 53/tcp from the 
>>> outside:
>>>
>>> http://www.dnsinspect.com/sustainablesources.com/1412110958
>>>
>>> There's a bunch of other issues.  In particular, BIND 9.6-ESV is the 
>>> oldest version
>>> which anyone should be running on the public internet, and even that 
>>> is sufficiently
>>> obsolete that I think support for that ended this year.
>>>
>>> Regards,
>>> -- 
>>> -Chuck
>>>
>> I'm aware that the BIND 9.6 on the other machine is rather ancient, 
>> and have plans to move off it in the reasonably near future.  And the 
>> other issues.  Trying to clean them all up.
>>
>> But I still have the initial problem of getting 
>> ns1.sustainablesources.com <http://ns1.sustainablesources.com> 
>> 205.238.182.102 to answer.  This is a clean install of the latest 
>> BIND available, after a system upgrade, so there's probably something 
>> wrong with my config. Problem is, I don't know what.  I've been over 
>> it dozens of times and am stuck, otherwise I wouldn't have posted here.
>>
>> Is it kosher to post the config file here?
>> _______________________________________________
>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to 
>> unsubscribe from this list
>>
>> bind-users mailing list
>> bind-users at lists.isc.org <mailto:bind-users at lists.isc.org>
>> https://lists.isc.org/mailman/listinfo/bind-users
>
>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20140930/18e3e07a/attachment-0001.html>


More information about the bind-users mailing list