Bind 8.2.2-P5 Mystery - HELP

Jim Reid jim at rfc1035.com
Wed Dec 15 18:10:42 UTC 1999 

>>>>> "Mohammed" == Mohammed Ghanawi <mohammed.ghanawi at hct.ac.ae> writes:

    Mohammed> Also now the secondary servers which are running Version
    Mohammed> 4.9.4 of bind, are failing on some zones as a result,
    Mohammed> the outside world can not see our domain anymore, since
    Mohammed> the zones have expired.

Take a look at your name server's logs and those on your slave
(secondary) servers. There should be error messages explaining why the
zone transfers are failing. If you can't work out what those error
messages mean, post them here. It would also help if you supplied the
details of the failing zones: their names, the names and addresses of
their name servers, the relevant entries from named.conf or
named.boot and so on.

    Mohammed> Every now and then my new bind 8.2.2-P5 named just
    Mohammed> refuses to resolve local addresses, it still resolve
    Mohammed> addresses outside our domain with no problem. When this
    Mohammed> problem happen all clients fail to access any Internet
    Mohammed> services. What is more strange, on the server itself I
    Mohammed> can resolve the local domain and remote domain
    Mohammed> addresses. From the clients I can ping machines locally
    Mohammed> by IP address but not by name, and I can ping remote
    Mohammed> machine both by name and IP address. I tried stopping
    Mohammed> named and restarting but no success, I even rebooted the
    Mohammed> whole machine. Plus even more strange, on any client
    Mohammed> that refuses to ping a local machine by name

Enable query logging on your name server. This will show you what
resolvers are sending queries and what names they are asking for. 
Turn up the debugging on your name server and find out what queries it
is making, where it sends them and what replies it gets.

Your difficulties are almost certainly down to the way your name
server(s) and resolvers have been configured. BIND on Solaris "just
works". Unless you can supply more details - log messages, config
files, domain names, etc - there's not much anyone on this list can do
other than make guesses about the source of your problems. Don't
forget about /etc/nsswitch.conf. If this isn't set up to use the DNS,
host lookups won't go to your name server. Perhaps ping is going to a
NIS or NIS+ server for lookups of local names instead of the DNS?

More information about the bind-users mailing list