Problem resolving a domain
Rainer Duffner
rainer at ultra-secure.de
Fri May 13 11:54:20 UTC 2022
Hi,
at work, I have a problem resolving the following domain:
myapplication.international.barclays.com
BIND 9.16.27, FreeBSD 12.3-P5.
2022Q2 ports.
I copied the config to a VM at home - but it did not work there, either.
I believe it must have happened on the update from BIND 9.16.26 to 9.16.27.
options {
directory "/usr/local/etc/namedb/working";
pid-file "/var/run/named/pid";
dump-file "/var/dump/named_dump.db";
statistics-file "/var/stats/named.stats";
allow-recursion {"rec";};
allow-query-cache { localhost; "rec" ; };
// CIS recommended:
// serverid none;
// dnssec-enable yes;
// dnssec-validation auto;
// dnssec-accept-expired no;
listen-on { 192.168.1.61; };
disable-empty-zone "255.255.255.255.IN-ADDR.ARPA";
disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
};
acl rec {
127.0.0.0/8;
192.168.1.0/24;
::1;
};
/* Serving the following zones locally will prevent any queries
for these zones leaving your network and going to the root
name servers. This has two significant advantages:
1. Faster local resolution for your users
2. No spurious traffic will be sent from your network to the roots
*/
// RFCs 1912, 5735 and 6303 (and BCP 32 for localhost)
zone "localhost" { type master; file "/usr/local/etc/namedb/master/localhost-forward.db"; };
zone "127.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/localhost-reverse.db"; };
zone "255.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
// RFC 1912-style zone for IPv6 localhost address (RFC 6303)
zone "0.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/localhost-reverse.db"; };
// "This" Network (RFCs 1912, 5735 and 6303)
zone "0.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
// Private Use Networks (RFCs 1918, 5735 and 6303)
zone "10.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "16.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "17.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "18.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "19.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "20.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "21.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "22.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "23.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "24.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "25.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "26.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "27.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "28.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "29.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "30.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "31.172.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "168.192.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
// Shared Address Space (RFC 6598)
zone "64.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "65.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "66.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "67.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "68.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "69.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "70.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "71.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "72.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "73.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "74.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "75.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "76.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "77.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "78.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "79.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "80.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "81.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "82.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "83.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "84.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "85.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "86.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "87.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "88.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "89.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "90.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "91.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "92.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "93.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "94.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "95.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "96.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "97.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "98.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "99.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "100.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "101.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "102.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "103.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "104.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "105.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "106.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "107.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "108.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "109.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "110.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "111.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "112.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "113.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "114.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "115.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "116.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "117.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "118.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "119.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "120.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "121.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "122.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "123.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "124.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "125.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "126.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "127.100.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
// Link-local/APIPA (RFCs 3927, 5735 and 6303)
zone "254.169.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
// IETF protocol assignments (RFCs 5735 and 5736)
zone "0.0.192.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
// TEST-NET-[1-3] for Documentation (RFCs 5735, 5737 and 6303)
zone "2.0.192.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "100.51.198.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "113.0.203.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
// IPv6 Example Range for Documentation (RFCs 3849 and 6303)
zone "8.b.d.0.1.0.0.2.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
// Domain Names for Documentation and Testing (BCP 32)
zone "test" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "example" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "invalid" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "example.com" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "example.net" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "example.org" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
// Router Benchmark Testing (RFCs 2544 and 5735)
zone "18.198.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "19.198.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
// IANA Reserved - Old Class E Space (RFC 5735)
zone "240.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "241.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "242.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "243.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "244.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "245.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "246.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "247.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "248.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "249.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "250.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "251.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "252.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "253.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "254.in-addr.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
// IPv6 Unassigned Addresses (RFC 4291)
zone "1.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "3.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "4.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "5.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "6.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "7.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "8.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "9.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "a.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "b.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "c.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "d.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "e.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "0.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "1.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "2.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "3.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "4.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "5.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "6.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "7.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "8.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "9.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "a.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "b.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "0.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "1.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "2.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "3.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "4.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "5.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "6.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "7.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
// IPv6 ULA (RFCs 4193 and 6303)
zone "c.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "d.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
// IPv6 Link Local (RFCs 4291 and 6303)
zone "8.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "9.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "a.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "b.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
// IPv6 Deprecated Site-Local Addresses (RFCs 3879 and 6303)
zone "c.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "d.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "e.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
zone "f.e.f.ip6.arpa" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
// IP6.INT is Deprecated (RFC 4159)
zone "ip6.int" { type master; file "/usr/local/etc/namedb/master/empty.db"; };
include "/usr/local/etc/namedb/log.conf“;
(bind-unbound-test <namedb>) 0 # drill @192.168.1.61 myapplication.international.barclays.com
;; ->>HEADER<<- opcode: QUERY, rcode: SERVFAIL, id: 3215
;; flags: qr rd ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; myapplication.international.barclays.com. IN A
;; ANSWER SECTION:
;; AUTHORITY SECTION:
;; ADDITIONAL SECTION:
;; Query time: 10056 msec
;; SERVER: 192.168.1.61
;; WHEN: Fri May 13 13:50:00 2022
;; MSG SIZE rcvd: 58
(bind-unbound-test <namedb>) 0 #
More information about the bind-users
mailing list