<div class="gmail_quote">2012/4/19 Ellad G. Yatsko <span dir="ltr"><<a href="mailto:eyatsko@ngs.ru" target="_blank">eyatsko@ngs.ru</a>></span><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
Nope. FreeBSD is not the master for <a href="http://sokol.msk.united-networks.ru" target="_blank">sokol.msk.united-networks.ru</a>. It
delegates zone sokol.msk only. <br>
Not more.Master for <a href="http://sokol.msk.united-networks.ru" target="_blank">sokol.msk.united-networks.ru</a> is
<a href="http://srvgate.sokol.msk.united-networks.ru" target="_blank">srvgate.sokol.msk.united-networks.ru</a> (Ubuntu<br>
server).<br>
<br>
Indeed, now when I try nslookup <a href="http://sokol.msk.united-networks.ru" target="_blank">sokol.msk.united-networks.ru</a> - it
returns me its IP. FreeBSD asks for zone<br>
information Ubuntu. Ubuntu answers. But when I try to resolve what
is "<a href="http://ap-1131.sokol.msk.united-networks.ru" target="_blank">ap-1131.sokol.msk.united-networks.ru</a>" <br>
FreeBSD is silent as before. It does not ask Ubuntu. It does not
return any IP: NXDOMAIN.<br>
<br>
Kind regards,<br>
Ellad<br></div></blockquote><div><br>Is zone <a href="http://sokol.msk.united-networks.ru/" target="_blank">united-networks.ru</a> listed in external view? If so has it records for sokol.msk.<a href="http://sokol.msk.united-networks.ru/" target="_blank">united-networks.ru</a>? Is option "recursion yes" global or view-specific? Could you provide configuration details for recursing and forwarding?<br>
</div><blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div bgcolor="#FFFFFF" text="#000000">
<blockquote type="cite"><br>
<div class="gmail_quote"><div>2012/4/19 Ellad G. Yatsko <span dir="ltr"><<a href="mailto:eyatsko@ngs.ru" target="_blank">eyatsko@ngs.ru</a>></span><br>
</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"><div> Hello!<br>
Here is output:<br>
/etc/namedb> dig @<a href="http://172.16.0.1" target="_blank">172.16.0.1</a> <a href="http://sokol.msk.united-networks.ru" target="_blank">sokol.msk.united-networks.ru</a>.
NS +norec<br>
<br></div>
; <<>> DiG 9.4.3-P2 <<>> @<a href="http://172..16.0.1" target="_blank">172.16.0.1</a> <a href="http://sokol.msk.united-networks.ru" target="_blank">sokol..msk.united-networks.ru</a>.
NS +norec<div><br>
; (1 server found)<br>
;; global options: printcmd<br>
;; Got answer:<br>
;; ->>HEADER<<- opcode: QUERY, status: NOERROR,
id: 14255<br>
;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1,
ADDITIONAL: 2<br>
<br>
;; QUESTION SECTION:<br>
;<a href="http://sokol.msk.united-networks.ru" target="_blank">sokol.msk.united-networks.ru</a>.
IN NS<br>
<br>
;; AUTHORITY SECTION:<br>
</div><a href="http://sokol.msk.united-networks.ru" target="_blank">sokol..msk.united-networks.ru</a>.
3600 IN NS <a href="http://srvgate.sokol.msk.united-networks.ru" target="_blank">srvgate.sokol.msk.united-networks.ru</a>.<div><br>
<br>
;; ADDITIONAL SECTION:<br>
<a href="http://srvgate.sokol.msk.united-networks.ru" target="_blank">srvgate.sokol.msk.united-networks.ru</a>.
3359 IN A 172.31.16.16<br>
<a href="http://srvgate.sokol.msk.united-networks.ru" target="_blank">srvgate.sokol.msk.united-networks.ru</a>.
3359 IN A 172.16.16.1<br>
<br>
;; Query time: 0 msec<br>
;; SERVER: 172.16.0.1#53(172.16.0.1)<br>
;; WHEN: Thu Apr 19 14:08:55 2012<br>
;; MSG SIZE rcvd: 100<br>
</div></div>
</blockquote>
<div><br>
Looks good for me. <br>
<br>
</div>
<blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"> <br>
I noticed that after some time FreeBSD still tried to ask
for <a href="http://sokol.msk.united-networks.ru" target="_blank">sokol..msk.united-networks.ru</a>
from Ubuntu (srvgate.sokol.msk).<div><div><br>
It happened after 2-3 minutes after "named" was restarted on
FreeBSD. But now FreeBSD doesn't ask for hosts in this zone.<br>
All what I was doing during this time period - I restarted
freevrrp-daemon on FreeBSD machine. Could it be related to
issue?<br>
</div></div></div>
</blockquote><div><div>
<div><br>
Is FreeBSD a master for <a href="http://sokol.msk.united-networks.ru/" target="_blank">sokol.msk.united-networks.ru</a>?
Looks like it is trying to send notifies.<br>
<br>
</div>
<blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"> <br>
Something very strange.. Another FreeBSD (9.0) works fine
in the same (or much like) conditions...<br>
<br>
Kind regards,<br>
Ellad
<div>
<div><br>
<blockquote type="cite">Hi,<br>
<br>
First of all, nslookup isn't a good tool for debug DNS
problems. Use dig instead.<br>
<br>
Could you show the output of "dig @freebsdbox <a href="http://sokol.msk.united-networks.ru" target="_blank">sokol.msk.united-networks.ru</a>. NS
+norec" run from freebsd box itself?<br>
<br>
<br>
<div class="gmail_quote">2012/4/19 Ellad G. Yatsko <span dir="ltr"><<a href="mailto:eyatsko@ngs.ru" target="_blank">eyatsko@ngs.ru</a>></span><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> Hello!<br>
<br>
I have FreeBSD 7.2 x64 installed. And Bind
9.4:<br>
<br>
/etc/namedb> named -v<br>
BIND 9.4.3-P2<br>
<br>
I have zone "/<a href="http://united-networks.ru/" target="_blank">united-networks.ru/</a>" and I
try to do the following:<br>
...<br>
$ORIGIN <a href="http://sokol.msk.united-networks.ru" target="_blank">sokol.msk.united-networks.ru</a>.<br>
@ IN NS srvgate<br>
srvgate IN A 172.31.16.16<br>
$ORIGIN <a href="http://united-networks.ru" target="_blank">united-networks.ru</a>.<br>
...<br>
<br>
As I understand I delegated the SOA (IN NS)
to server with name<br>
<a href="http://srvgate.sokol.msk.united-networks.ru" target="_blank">srvgate.sokol.msk.united-networks.ru</a>
("srvgate" has no tailing "dot"<br>
so domain "<a href="http://sokol.msk.united-networks.ru" target="_blank">sokol.msk.united-networks.ru</a>"
from $ORIGIN operator will be<br>
appended), then I placed "glue"-record with
srvgate.sokol.msk's address.<br>
It is because as I understood nameserver of
delegated zone is in it.<br>
<br>
From here I thought on the server
172.31.16.16 (it's Ubuntu) I must<br>
receive DNS-requests related to zone <a href="http://sokol.msk.united-networks.ru" target="_blank">sokol.msk.united-networks.ru</a>.
For<br>
example if I try do nslookup <a href="http://sokol.msk..united-networks.ru" target="_blank">sokol.msk.united-networks.ru</a>
on FreeBSD<br>
7.2 x64. But:<br>
<br>
/etc/bind# hostname -f<br>
<a href="http://srvgate.sokol.msk.united-networks.ru" target="_blank">srvgate.sokol.msk.united-networks.ru</a><br>
/etc/bind# tshark -ta -ni tun0 -R dns<br>
Running as user "root" and group "root". This
could be dangerous.<br>
Capturing on tun0<br>
<br>
...there is nothing! And FreeBSD issues
NXDOMAIN. I say more - FreeBSD<br>
tries to resolve name "<a href="http://sokol.msk.united-networks.ru" target="_blank">sokol.msk.united-networks.ru</a>"
through its forwarder in<br>
external world!<br>
<br>
Where am I wrong? I simulated this situation
with the same configurations<br>
on Ubuntu (Bind 9.7.0-P1) and fresh-installed
FreeBSD 9.0 x64 (Bind 9.8.1-P1).<br>
All works fine!<br>
<br>
--------------------------------------
related portion of named.conf
--------------------------------------<br>
options {<br>
directory "/etc/namedb";<br>
pid-file
"/var/run/named/pid";<br>
dump-file
"/var/dump/named_dump.db";<br>
statistics-file
"/var/stats/named.stats";<br>
<br>
listen-on {<br>
....<br>
127.0.0.1;<br>
172.16.0.1;<br>
172.16.1.1;<br>
172.16.2.1;<br>
172.31.0.1;<br>
};<br>
<br>
forwarders {<br>
89.222.167.2;<br>
8.8.8.8;<br>
};<br>
recursion yes;<br>
allow-recursion {0/0;};<br>
};<br>
<br>
...<br>
<br>
view internal {<br>
match-clients {<br>
<a href="http://127.0..0.0/8" target="_blank">127.0.0.0/8</a>;<br>
<a href="http://172.16.0.0/12" target="_blank">172.16.0.0/12</a>;<br>
};<br>
...<br>
zone "<a href="http://united-networks.ru" target="_blank">united-networks.ru</a>" {<br>
type master;<br>
file
"master/forward/united-networks.ru.internal";<br>
allow-transfer {<br>
172.16.0.2;<br>
172.16.16.2;<br>
172.31.16.16;<br>
172.31.17.0;<br>
172.31.18.0;<br>
};<br>
};<br>
...<br>
};<br>
...<br>
-----------------------------------------------------------------------------------------------------------<br>
<br>
Kind regards,<br>
Ellad<br>
</blockquote>
<br>
_______________________________________________<br>
Please visit <a href="https://lists.isc.org/mailman/listinfo/bind-users" target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a>
to unsubscribe from this list<br>
<br>
bind-users mailing list<br>
<a href="mailto:bind-users@lists.isc.org" target="_blank">bind-users@lists.isc.org</a><br>
<a href="https://lists.isc.org/mailman/listinfo/bind-users" target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a><br>
</blockquote>
</div>
<br>
<br clear="all">
<br>
-- <br>
AP<br>
</blockquote>
<br>
</div>
</div>
</div>
</blockquote>
</div></div></div>
<br>
<br clear="all"><span><font color="#888888">
<br>
-- <br>
AP<br>
</font></span></blockquote>
<br>
</div>
</blockquote></div><br><br clear="all"><br>-- <br>AP<br>