<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Nope. FreeBSD is not the master for sokol.msk.united-networks.ru. It
delegates zone sokol.msk only. <br>
Not more.Master for sokol.msk.united-networks.ru is
srvgate.sokol.msk.united-networks.ru (Ubuntu<br>
server).<br>
<br>
Indeed, now when I try nslookup sokol.msk.united-networks.ru - it
returns me its IP. FreeBSD asks for zone<br>
information Ubuntu. Ubuntu answers. But when I try to resolve what
is "ap-1131.sokol.msk.united-networks.ru" <br>
FreeBSD is silent as before. It does not ask Ubuntu. It does not
return any IP: NXDOMAIN.<br>
<br>
Kind regards,<br>
Ellad<br>
<blockquote
cite="mid:CAE_wXn2--XgjwVjdE4jswr8CxnF8o5DJE-pxTTpu0SOZwHu-eQ@mail.gmail.com"
type="cite"><br>
<div class="gmail_quote">2012/4/19 Ellad G. Yatsko <span
dir="ltr"><<a moz-do-not-send="true"
href="mailto:eyatsko@ngs.ru">eyatsko@ngs.ru</a>></span><br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"> Hello!<br>
Here is output:<br>
/etc/namedb> dig @<a moz-do-not-send="true"
href="http://172.16.0.1" target="_blank">172.16.0.1</a> <a
moz-do-not-send="true"
href="http://sokol.msk.united-networks.ru" target="_blank">sokol.msk.united-networks.ru</a>.
NS +norec<br>
<br>
; <<>> DiG 9.4.3-P2 <<>> @<a
moz-do-not-send="true" href="http://172..16.0.1"
target="_blank">172.16.0.1</a> <a moz-do-not-send="true"
href="http://sokol.msk.united-networks.ru" target="_blank">sokol..msk.united-networks.ru</a>.
NS +norec<br>
; (1 server found)<br>
;; global options: printcmd<br>
;; Got answer:<br>
;; ->>HEADER<<- opcode: QUERY, status: NOERROR,
id: 14255<br>
;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1,
ADDITIONAL: 2<br>
<br>
;; QUESTION SECTION:<br>
;<a moz-do-not-send="true"
href="http://sokol.msk.united-networks.ru" target="_blank">sokol.msk.united-networks.ru</a>.
IN NS<br>
<br>
;; AUTHORITY SECTION:<br>
<a moz-do-not-send="true"
href="http://sokol.msk.united-networks.ru" target="_blank">sokol..msk.united-networks.ru</a>.
3600 IN NS <a moz-do-not-send="true"
href="http://srvgate.sokol.msk.united-networks.ru"
target="_blank">srvgate.sokol.msk.united-networks.ru</a>.<br>
<br>
;; ADDITIONAL SECTION:<br>
<a moz-do-not-send="true"
href="http://srvgate.sokol.msk.united-networks.ru"
target="_blank">srvgate.sokol.msk.united-networks.ru</a>.
3359 IN A 172.31.16.16<br>
<a moz-do-not-send="true"
href="http://srvgate.sokol.msk.united-networks.ru"
target="_blank">srvgate.sokol.msk.united-networks.ru</a>.
3359 IN A 172.16.16.1<br>
<br>
;; Query time: 0 msec<br>
;; SERVER: 172.16.0.1#53(172.16.0.1)<br>
;; WHEN: Thu Apr 19 14:08:55 2012<br>
;; MSG SIZE rcvd: 100<br>
</div>
</blockquote>
<div><br>
Looks good for me. <br>
<br>
</div>
<blockquote class="gmail_quote" style="margin:0pt 0pt 0pt
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"> <br>
I noticed that after some time FreeBSD still tried to ask
for <a moz-do-not-send="true"
href="http://sokol.msk.united-networks.ru" target="_blank">sokol..msk.united-networks.ru</a>
from Ubuntu (srvgate.sokol.msk).<br>
It happened after 2-3 minutes after "named" was restarted on
FreeBSD. But now FreeBSD doesn't ask for hosts in this zone.<br>
All what I was doing during this time period - I restarted
freevrrp-daemon on FreeBSD machine. Could it be related to
issue?<br>
</div>
</blockquote>
<div><br>
Is FreeBSD a master for <a moz-do-not-send="true"
href="http://sokol.msk.united-networks.ru/" target="_blank">sokol.msk.united-networks.ru</a>?
Looks like it is trying to send notifies.<br>
<br>
</div>
<blockquote class="gmail_quote" style="margin:0pt 0pt 0pt
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"> <br>
Something very strange.. Another FreeBSD (9.0) works fine
in the same (or much like) conditions...<br>
<br>
Kind regards,<br>
Ellad
<div>
<div class="h5"><br>
<blockquote type="cite">Hi,<br>
<br>
First of all, nslookup isn't a good tool for debug DNS
problems. Use dig instead.<br>
<br>
Could you show the output of "dig @freebsdbox <a
moz-do-not-send="true"
href="http://sokol.msk.united-networks.ru"
target="_blank">sokol.msk.united-networks.ru</a>. NS
+norec" run from freebsd box itself?<br>
<br>
<br>
<div class="gmail_quote">2012/4/19 Ellad G. Yatsko <span
dir="ltr"><<a moz-do-not-send="true"
href="mailto:eyatsko@ngs.ru" target="_blank">eyatsko@ngs.ru</a>></span><br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
<blockquote class="gmail_quote" style="margin:0 0
0 .8ex;border-left:1px #ccc
solid;padding-left:1ex"> Hello!<br>
<br>
I have FreeBSD 7.2 x64 installed. And Bind
9.4:<br>
<br>
/etc/namedb> named -v<br>
BIND 9.4.3-P2<br>
<br>
I have zone "/<a moz-do-not-send="true"
href="http://united-networks.ru/"
target="_blank">united-networks.ru/</a>" and I
try to do the following:<br>
...<br>
$ORIGIN <a moz-do-not-send="true"
href="http://sokol.msk.united-networks.ru"
target="_blank">sokol.msk.united-networks.ru</a>.<br>
@ IN NS srvgate<br>
srvgate IN A 172.31.16.16<br>
$ORIGIN <a moz-do-not-send="true"
href="http://united-networks.ru"
target="_blank">united-networks.ru</a>.<br>
...<br>
<br>
As I understand I delegated the SOA (IN NS)
to server with name<br>
<a moz-do-not-send="true"
href="http://srvgate.sokol.msk.united-networks.ru"
target="_blank">srvgate.sokol.msk.united-networks.ru</a>
("srvgate" has no tailing "dot"<br>
so domain "<a moz-do-not-send="true"
href="http://sokol.msk.united-networks.ru"
target="_blank">sokol.msk.united-networks.ru</a>"
from $ORIGIN operator will be<br>
appended), then I placed "glue"-record with
srvgate.sokol.msk's address.<br>
It is because as I understood nameserver of
delegated zone is in it.<br>
<br>
From here I thought on the server
172.31.16.16 (it's Ubuntu) I must<br>
receive DNS-requests related to zone <a
moz-do-not-send="true"
href="http://sokol.msk.united-networks.ru"
target="_blank">sokol.msk.united-networks.ru</a>.
For<br>
example if I try do nslookup <a
moz-do-not-send="true"
href="http://sokol.msk..united-networks.ru"
target="_blank">sokol.msk.united-networks.ru</a>
on FreeBSD<br>
7.2 x64. But:<br>
<br>
/etc/bind# hostname -f<br>
<a moz-do-not-send="true"
href="http://srvgate.sokol.msk.united-networks.ru"
target="_blank">srvgate.sokol.msk.united-networks.ru</a><br>
/etc/bind# tshark -ta -ni tun0 -R dns<br>
Running as user "root" and group "root". This
could be dangerous.<br>
Capturing on tun0<br>
<br>
...there is nothing! And FreeBSD issues
NXDOMAIN. I say more - FreeBSD<br>
tries to resolve name "<a
moz-do-not-send="true"
href="http://sokol.msk.united-networks.ru"
target="_blank">sokol.msk.united-networks.ru</a>"
through its forwarder in<br>
external world!<br>
<br>
Where am I wrong? I simulated this situation
with the same configurations<br>
on Ubuntu (Bind 9.7.0-P1) and fresh-installed
FreeBSD 9.0 x64 (Bind 9.8.1-P1).<br>
All works fine!<br>
<br>
--------------------------------------
related portion of named.conf
--------------------------------------<br>
options {<br>
directory "/etc/namedb";<br>
pid-file
"/var/run/named/pid";<br>
dump-file
"/var/dump/named_dump.db";<br>
statistics-file
"/var/stats/named.stats";<br>
<br>
listen-on {<br>
....<br>
127.0.0.1;<br>
172.16.0.1;<br>
172.16.1.1;<br>
172.16.2.1;<br>
172.31.0.1;<br>
};<br>
<br>
forwarders {<br>
89.222.167.2;<br>
8.8.8.8;<br>
};<br>
recursion yes;<br>
allow-recursion {0/0;};<br>
};<br>
<br>
...<br>
<br>
view internal {<br>
match-clients {<br>
<a moz-do-not-send="true"
href="http://127.0..0.0/8" target="_blank">127.0.0.0/8</a>;<br>
<a moz-do-not-send="true"
href="http://172.16.0.0/12" target="_blank">172.16.0.0/12</a>;<br>
};<br>
...<br>
zone "<a moz-do-not-send="true"
href="http://united-networks.ru"
target="_blank">united-networks.ru</a>" {<br>
type master;<br>
file
"master/forward/united-networks.ru.internal";<br>
allow-transfer {<br>
172.16.0.2;<br>
172.16.16.2;<br>
172.31.16.16;<br>
172.31.17.0;<br>
172.31.18.0;<br>
};<br>
};<br>
...<br>
};<br>
...<br>
-----------------------------------------------------------------------------------------------------------<br>
<br>
Kind regards,<br>
Ellad<br>
</blockquote>
<br>
_______________________________________________<br>
Please visit <a moz-do-not-send="true"
href="https://lists.isc.org/mailman/listinfo/bind-users"
target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a>
to unsubscribe from this list<br>
<br>
bind-users mailing list<br>
<a moz-do-not-send="true"
href="mailto:bind-users@lists.isc.org"
target="_blank">bind-users@lists.isc.org</a><br>
<a moz-do-not-send="true"
href="https://lists.isc.org/mailman/listinfo/bind-users"
target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a><br>
</blockquote>
</div>
<br>
<br clear="all">
<br>
-- <br>
AP<br>
</blockquote>
<br>
</div>
</div>
</div>
</blockquote>
</div>
<br>
<br clear="all">
<br>
-- <br>
AP<br>
</blockquote>
<br>
</body>
</html>