debug SERVFAIL
Anand Buddhdev
anandb at ripe.net
Sun Oct 2 15:51:16 UTC 2016
On 02/10/16 17:22, Per olof Ljungmark wrote:
Hello Per,
Please see my answers below. You appear to have a bad configuration.
> Hmmm, looks like I've found something here. The default named.conf on
> FreeBSD has the following section on the root servers. If I comment out
> the "traditional" root hints and instead use what is recommended below,
> all reverse lookups will generate a SERVFAIL.
>
> This is in the log:
> zone in-addr.arpa/IN: refresh: non-authoritative answer from master
> 192.5.5.241#53 (source 0.0.0.0#0)
This line indicates that your BIND server tried to XFR the in-addr.arpa
zone from f.root-servers.net (192.5.5.241). However, none of the root
servers are authoritative for the in-addr.arpa zone. Have you also
configured your BIND server to slave this from 192.5.5.241? If so, then
it's a misconfiguration.
I would also add that you should NOT slave the root and arpa zones,
unless you fully understand what you're doing. I suggest that you stop
doing it.
Just use the "hint" type configuration. This is just fine for most users.
Regards,
Anand
More information about the bind-users
mailing list