I am posting here as a last resort and hope someone can help me.<br><br>I am running RHEL6 and installed bind-chroot package. I have tried everything, and even posted to a linux forum I belong to for help. After three pages and a boat load of troubleshooting no resolution.<br>
<br>Here is a link to the 3 page forum thread if your interested in seeing all that we tried to do. There is debug information and even tcpdump info in there.<br><a href="http://www.linuxquestions.org/questions/linux-server-73/bind-dns-recursion-now-working-924978/">http://www.linuxquestions.org/questions/linux-server-73/bind-dns-recursion-now-working-924978/</a><br>
<br>If anyone can help it would be greatly appreciated. If you need any more information please let me know.<br><br><br>This DNS server does not answer recursive queries. Here is my config.<br><br>options {<br> directory "/var/named";<br>
allow-query { any; };<br> recursion yes;<br> edns-udp-size 512;<br> listen-on-v6 { none; };<br>};<br>logging{<br> channel query_log {<br> file "ns1-bind.log" versions unlimited size 100m;<br>
severity info;<br> print-time yes;<br> print-severity yes;<br> print-category yes;<br> };<br> category xfer-in{ query_log; };<br> category xfer-out{ query_log; };<br> category update{ query_log; };<br>
category general{ query_log; };<br> category queries{ query_log; };<br> channel default_debug {<br> file "data/named.run";<br> severity dynamic;<br> };<br>
};<br><br>key "dnsadmin" {<br> algorithm hmac-md5;<br> secret "pjbruihfeuhruehferfw=";<br>};<br><br>controls {<br> inet 127.0.0.1 allow { localhost; } keys { dnsadmin; };<br>};<br><br><br>zone "." IN {<br>
type hint;<br> file "<a href="http://named.ca">named.ca</a>";<br>};<br><br>include "/etc/named.rfc1912.zones";<br><br><br><br><br>When I try to query <a href="http://google.com">google.com</a> it just hangs then returns a servfail:<br>
# dig @localhost <a href="http://google.com">google.com</a><br><br>; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6_2.2 <<>> @localhost <a href="http://google.com">google.com</a><br>; (2 servers found)<br>
;; global options: +cmd<br>;; Got answer:<br>;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 58542<br>;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0<br><br>;; QUESTION SECTION:<br>;<a href="http://google.com">google.com</a>. IN A<br>
<br>;; Query time: 2695 msec<br>;; SERVER: 127.0.0.1#53(127.0.0.1)<br>;; WHEN: Mon Jan 23 16:01:27 2012<br>;; MSG SIZE rcvd: 28<br><br><br>If I do a dig with +trace at the end it works:<br>[root@ns1 etc]# dig @localhost <a href="http://google.com">google.com</a> +trace<br>
<br>; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6_2.2 <<>> @localhost <a href="http://google.com">google.com</a> +trace<br>; (2 servers found)<br>;; global options: +cmd<br>. 518342 IN NS <a href="http://d.root-servers.net">d.root-servers.net</a>.<br>
. 518342 IN NS <a href="http://c.root-servers.net">c.root-servers.net</a>.<br>. 518342 IN NS <a href="http://b.root-servers.net">b.root-servers.net</a>.<br>. 518342 IN NS <a href="http://a.root-servers.net">a.root-servers.net</a>.<br>
. 518342 IN NS <a href="http://l.root-servers.net">l.root-servers.net</a>.<br>. 518342 IN NS <a href="http://f.root-servers.net">f.root-servers.net</a>.<br>. 518342 IN NS <a href="http://g.root-servers.net">g.root-servers.net</a>.<br>
. 518342 IN NS <a href="http://j.root-servers.net">j.root-servers.net</a>.<br>. 518342 IN NS <a href="http://e.root-servers.net">e.root-servers.net</a>.<br>. 518342 IN NS <a href="http://h.root-servers.net">h.root-servers.net</a>.<br>
. 518342 IN NS <a href="http://i.root-servers.net">i.root-servers.net</a>.<br>. 518342 IN NS <a href="http://m.root-servers.net">m.root-servers.net</a>.<br>. 518342 IN NS <a href="http://k.root-servers.net">k.root-servers.net</a>.<br>
;; Received 340 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms<br><br>com. 172800 IN NS <a href="http://a.gtld-servers.net">a.gtld-servers.net</a>.<br>com. 172800 IN NS <a href="http://b.gtld-servers.net">b.gtld-servers.net</a>.<br>
com. 172800 IN NS <a href="http://c.gtld-servers.net">c.gtld-servers.net</a>.<br>com. 172800 IN NS <a href="http://d.gtld-servers.net">d.gtld-servers.net</a>.<br>com. 172800 IN NS <a href="http://e.gtld-servers.net">e.gtld-servers.net</a>.<br>
com. 172800 IN NS <a href="http://f.gtld-servers.net">f.gtld-servers.net</a>.<br>com. 172800 IN NS <a href="http://g.gtld-servers.net">g.gtld-servers.net</a>.<br>com. 172800 IN NS <a href="http://h.gtld-servers.net">h.gtld-servers.net</a>.<br>
com. 172800 IN NS <a href="http://i.gtld-servers.net">i.gtld-servers.net</a>.<br>com. 172800 IN NS <a href="http://j.gtld-servers.net">j.gtld-servers.net</a>.<br>com. 172800 IN NS <a href="http://k.gtld-servers.net">k.gtld-servers.net</a>.<br>
com. 172800 IN NS <a href="http://l.gtld-servers.net">l.gtld-servers.net</a>.<br>com. 172800 IN NS <a href="http://m.gtld-servers.net">m.gtld-servers.net</a>.<br>;; Received 488 bytes from 199.7.83.42#53(<a href="http://l.root-servers.net">l.root-servers.net</a>) in 42 ms<br>
<br><a href="http://google.com">google.com</a>. 172800 IN NS <a href="http://ns2.google.com">ns2.google.com</a>.<br><a href="http://google.com">google.com</a>. 172800 IN NS <a href="http://ns1.google.com">ns1.google.com</a>.<br>
<a href="http://google.com">google.com</a>. 172800 IN NS <a href="http://ns3.google.com">ns3.google.com</a>.<br><a href="http://google.com">google.com</a>. 172800 IN NS <a href="http://ns4.google.com">ns4.google.com</a>.<br>
;; Received 164 bytes from 192.54.112.30#53(<a href="http://h.gtld-servers.net">h.gtld-servers.net</a>) in 97 ms<br><br><a href="http://google.com">google.com</a>. 300 IN A 74.125.115.99<br><a href="http://google.com">google.com</a>. 300 IN A 74.125.115.106<br>
<a href="http://google.com">google.com</a>. 300 IN A 74.125.115.104<br><a href="http://google.com">google.com</a>. 300 IN A 74.125.115.103<br><a href="http://google.com">google.com</a>. 300 IN A 74.125.115.105<br>
<a href="http://google.com">google.com</a>. 300 IN A 74.125.115.147<br>;; Received 124 bytes from 216.239.32.10#53(<a href="http://ns1.google.com">ns1.google.com</a>) in 30 ms<br><br>You have new mail in /var/spool/mail/root<br>
<br><br>