<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    Nope. FreeBSD is not the master for sokol.msk.united-networks.ru. It
    delegates zone sokol.msk only. <br>
    Not more.Master for sokol.msk.united-networks.ru is
    srvgate.sokol.msk.united-networks.ru (Ubuntu<br>
    server).<br>
    <br>
    Indeed, now when I try nslookup sokol.msk.united-networks.ru - it
    returns me its IP. FreeBSD asks for zone<br>
    information Ubuntu. Ubuntu answers. But when I try to resolve what
    is "ap-1131.sokol.msk.united-networks.ru" <br>
    FreeBSD is silent as before. It does not ask Ubuntu. It does not
    return any IP: NXDOMAIN.<br>
    <br>
    Kind regards,<br>
    Ellad<br>
    <blockquote
cite="mid:CAE_wXn2--XgjwVjdE4jswr8CxnF8o5DJE-pxTTpu0SOZwHu-eQ@mail.gmail.com"
      type="cite"><br>
      <div class="gmail_quote">2012/4/19 Ellad G. Yatsko <span
          dir="ltr"><<a moz-do-not-send="true"
            href="mailto:eyatsko@ngs.ru">eyatsko@ngs.ru</a>></span><br>
        <blockquote class="gmail_quote" style="margin:0 0 0
          .8ex;border-left:1px #ccc solid;padding-left:1ex">
          <div bgcolor="#FFFFFF" text="#000000"> Hello!<br>
            Here is output:<br>
            /etc/namedb> dig @<a moz-do-not-send="true"
              href="http://172.16.0.1" target="_blank">172.16.0.1</a> <a
              moz-do-not-send="true"
              href="http://sokol.msk.united-networks.ru" target="_blank">sokol.msk.united-networks.ru</a>.
            NS +norec<br>
            <br>
            ; <<>> DiG 9.4.3-P2 <<>> @<a
              moz-do-not-send="true" href="http://172..16.0.1"
              target="_blank">172.16.0.1</a> <a moz-do-not-send="true"
              href="http://sokol.msk.united-networks.ru" target="_blank">sokol..msk.united-networks.ru</a>.
            NS +norec<br>
            ; (1 server found)<br>
            ;; global options:  printcmd<br>
            ;; Got answer:<br>
            ;; ->>HEADER<<- opcode: QUERY, status: NOERROR,
            id: 14255<br>
            ;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1,
            ADDITIONAL: 2<br>
            <br>
            ;; QUESTION SECTION:<br>
            ;<a moz-do-not-send="true"
              href="http://sokol.msk.united-networks.ru" target="_blank">sokol.msk.united-networks.ru</a>. 
            IN      NS<br>
            <br>
            ;; AUTHORITY SECTION:<br>
            <a moz-do-not-send="true"
              href="http://sokol.msk.united-networks.ru" target="_blank">sokol..msk.united-networks.ru</a>.
            3600 IN   NS      <a moz-do-not-send="true"
              href="http://srvgate.sokol.msk.united-networks.ru"
              target="_blank">srvgate.sokol.msk.united-networks.ru</a>.<br>
            <br>
            ;; ADDITIONAL SECTION:<br>
            <a moz-do-not-send="true"
              href="http://srvgate.sokol.msk.united-networks.ru"
              target="_blank">srvgate.sokol.msk.united-networks.ru</a>.
            3359 IN A 172.31.16.16<br>
            <a moz-do-not-send="true"
              href="http://srvgate.sokol.msk.united-networks.ru"
              target="_blank">srvgate.sokol.msk.united-networks.ru</a>.
            3359 IN A 172.16.16.1<br>
            <br>
            ;; Query time: 0 msec<br>
            ;; SERVER: 172.16.0.1#53(172.16.0.1)<br>
            ;; WHEN: Thu Apr 19 14:08:55 2012<br>
            ;; MSG SIZE  rcvd: 100<br>
          </div>
        </blockquote>
        <div><br>
          Looks good for me. <br>
          <br>
        </div>
        <blockquote class="gmail_quote" style="margin:0pt 0pt 0pt
          0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
          <div bgcolor="#FFFFFF" text="#000000"> <br>
            I noticed that after some time FreeBSD still tried to ask
            for <a moz-do-not-send="true"
              href="http://sokol.msk.united-networks.ru" target="_blank">sokol..msk.united-networks.ru</a>
            from Ubuntu (srvgate.sokol.msk).<br>
            It happened after 2-3 minutes after "named" was restarted on
            FreeBSD. But now FreeBSD doesn't ask for hosts in this zone.<br>
            All what I was doing during this time period - I restarted
            freevrrp-daemon on FreeBSD machine. Could it be related to
            issue?<br>
          </div>
        </blockquote>
        <div><br>
          Is FreeBSD a master for <a moz-do-not-send="true"
            href="http://sokol.msk.united-networks.ru/" target="_blank">sokol.msk.united-networks.ru</a>?
          Looks like it is trying to send notifies.<br>
          <br>
        </div>
        <blockquote class="gmail_quote" style="margin:0pt 0pt 0pt
          0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
          <div bgcolor="#FFFFFF" text="#000000"> <br>
            Something very strange..  Another FreeBSD (9.0) works fine
            in the same (or much like) conditions...<br>
            <br>
            Kind regards,<br>
            Ellad
            <div>
              <div class="h5"><br>
                <blockquote type="cite">Hi,<br>
                  <br>
                  First of all, nslookup isn't a good tool for debug DNS
                  problems. Use dig instead.<br>
                  <br>
                  Could you show the output of "dig @freebsdbox <a
                    moz-do-not-send="true"
                    href="http://sokol.msk.united-networks.ru"
                    target="_blank">sokol.msk.united-networks.ru</a>. NS
                  +norec" run from freebsd box itself?<br>
                  <br>
                  <br>
                  <div class="gmail_quote">2012/4/19 Ellad G. Yatsko <span
                      dir="ltr"><<a moz-do-not-send="true"
                        href="mailto:eyatsko@ngs.ru" target="_blank">eyatsko@ngs.ru</a>></span><br>
                    <blockquote class="gmail_quote" style="margin:0 0 0
                      .8ex;border-left:1px #ccc solid;padding-left:1ex">
                      <br>
                      <blockquote class="gmail_quote" style="margin:0 0
                        0 .8ex;border-left:1px #ccc
                        solid;padding-left:1ex">    Hello!<br>
                        <br>
                           I have FreeBSD 7.2 x64 installed. And Bind
                        9.4:<br>
                        <br>
                           /etc/namedb> named -v<br>
                           BIND 9.4.3-P2<br>
                        <br>
                           I have zone "/<a moz-do-not-send="true"
                          href="http://united-networks.ru/"
                          target="_blank">united-networks.ru/</a>" and I
                        try to do the following:<br>
                           ...<br>
                           $ORIGIN <a moz-do-not-send="true"
                          href="http://sokol.msk.united-networks.ru"
                          target="_blank">sokol.msk.united-networks.ru</a>.<br>
                           @                       IN NS   srvgate<br>
                           srvgate                 IN A    172.31.16.16<br>
                           $ORIGIN <a moz-do-not-send="true"
                          href="http://united-networks.ru"
                          target="_blank">united-networks.ru</a>.<br>
                           ...<br>
                        <br>
                           As I understand I delegated the SOA (IN NS)
                        to server with name<br>
                           <a moz-do-not-send="true"
                          href="http://srvgate.sokol.msk.united-networks.ru"
                          target="_blank">srvgate.sokol.msk.united-networks.ru</a>
                        ("srvgate" has no tailing "dot"<br>
                           so domain "<a moz-do-not-send="true"
                          href="http://sokol.msk.united-networks.ru"
                          target="_blank">sokol.msk.united-networks.ru</a>"
                        from $ORIGIN operator will be<br>
                           appended), then I placed "glue"-record with
                        srvgate.sokol.msk's address.<br>
                           It is because as I understood nameserver of
                        delegated zone is in it.<br>
                        <br>
                           From here I thought on the server
                        172.31.16.16 (it's Ubuntu) I must<br>
                           receive DNS-requests related to zone <a
                          moz-do-not-send="true"
                          href="http://sokol.msk.united-networks.ru"
                          target="_blank">sokol.msk.united-networks.ru</a>.
                        For<br>
                           example if I try do nslookup <a
                          moz-do-not-send="true"
                          href="http://sokol.msk..united-networks.ru"
                          target="_blank">sokol.msk.united-networks.ru</a>
                        on FreeBSD<br>
                           7.2 x64. But:<br>
                        <br>
                           /etc/bind# hostname -f<br>
                           <a moz-do-not-send="true"
                          href="http://srvgate.sokol.msk.united-networks.ru"
                          target="_blank">srvgate.sokol.msk.united-networks.ru</a><br>
                           /etc/bind# tshark -ta -ni tun0 -R dns<br>
                           Running as user "root" and group "root". This
                        could be dangerous.<br>
                           Capturing on tun0<br>
                        <br>
                           ...there is nothing! And FreeBSD issues
                        NXDOMAIN. I say more - FreeBSD<br>
                           tries to resolve name "<a
                          moz-do-not-send="true"
                          href="http://sokol.msk.united-networks.ru"
                          target="_blank">sokol.msk.united-networks.ru</a>"
                        through its forwarder in<br>
                           external world!<br>
                        <br>
                           Where am I wrong? I simulated this situation
                        with the same configurations<br>
                           on Ubuntu (Bind 9.7.0-P1) and fresh-installed
                        FreeBSD 9.0 x64 (Bind 9.8.1-P1).<br>
                           All works fine!<br>
                        <br>
                           --------------------------------------
                        related portion of named.conf
                        --------------------------------------<br>
                           options {<br>
                                    directory       "/etc/namedb";<br>
                                    pid-file      
                         "/var/run/named/pid";<br>
                                    dump-file      
                        "/var/dump/named_dump.db";<br>
                                    statistics-file
                        "/var/stats/named.stats";<br>
                        <br>
                                    listen-on       {<br>
                                            ....<br>
                                            127.0.0.1;<br>
                                            172.16.0.1;<br>
                                            172.16.1.1;<br>
                                            172.16.2.1;<br>
                                            172.31.0.1;<br>
                                    };<br>
                        <br>
                                    forwarders {<br>
                                            89.222.167.2;<br>
                                            8.8.8.8;<br>
                                    };<br>
                                    recursion yes;<br>
                                    allow-recursion {0/0;};<br>
                           };<br>
                        <br>
                           ...<br>
                        <br>
                           view internal {<br>
                                    match-clients {<br>
                                            <a moz-do-not-send="true"
                          href="http://127.0..0.0/8" target="_blank">127.0.0.0/8</a>;<br>
                                            <a moz-do-not-send="true"
                          href="http://172.16.0.0/12" target="_blank">172.16.0.0/12</a>;<br>
                                    };<br>
                           ...<br>
                                    zone "<a moz-do-not-send="true"
                          href="http://united-networks.ru"
                          target="_blank">united-networks.ru</a>" {<br>
                                            type master;<br>
                                            file
                        "master/forward/united-networks.ru.internal";<br>
                                            allow-transfer {<br>
                                                    172.16.0.2;<br>
                                                    172.16.16.2;<br>
                                                    172.31.16.16;<br>
                                                    172.31.17.0;<br>
                                                    172.31.18.0;<br>
                                            };<br>
                                    };<br>
                           ...<br>
                           };<br>
                           ...<br>
                         
 -----------------------------------------------------------------------------------------------------------<br>
                        <br>
                           Kind regards,<br>
                           Ellad<br>
                      </blockquote>
                      <br>
                      _______________________________________________<br>
                      Please visit <a moz-do-not-send="true"
                        href="https://lists.isc.org/mailman/listinfo/bind-users"
                        target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a>
                      to unsubscribe from this list<br>
                      <br>
                      bind-users mailing list<br>
                      <a moz-do-not-send="true"
                        href="mailto:bind-users@lists.isc.org"
                        target="_blank">bind-users@lists.isc.org</a><br>
                      <a moz-do-not-send="true"
                        href="https://lists.isc.org/mailman/listinfo/bind-users"
                        target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a><br>
                    </blockquote>
                  </div>
                  <br>
                  <br clear="all">
                  <br>
                  -- <br>
                  AP<br>
                </blockquote>
                <br>
              </div>
            </div>
          </div>
        </blockquote>
      </div>
      <br>
      <br clear="all">
      <br>
      -- <br>
      AP<br>
    </blockquote>
    <br>
  </body>
</html>