(9.1.0) Cannot add authorative NS - "unable to verify existence of nameserver"
Michael Kjorling
michael at kjorling.com
Thu Apr 12 00:04:38 UTC 2001
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Please apologize me if I am in the wrong place - I am not sure if this
is BIND 9-specific or not, but thought there were probably more people
here who could answer my question. If I should go for bind9-users
instead, please let me know (only once, please...)
I am running BIND 9.1.0 with a bunch of zones, of which most are
masters - some local, some public. This setup is behind a firewall
which blocks incoming traffic, but I have allowed incoming to port 53
over both TCP and UDP. Outgoing traffic is unrestricted. Zone
transfers are disallowed in the options{} section of /etc/named.conf
(options{...allow-transfer{none;};...};) and then explicitly granted
to secondaries in the zone sections.
Only one problem - I can query my name server from the outside, and it
returns whatever is the answer (provided queries from the outside are
allowed on that zone of course), and secondaries can receive ZXFRs.
But I cannot add my computer as an authorative name server for any of
my domains. DomainMonger says "unable to add nameserver: unable to
verify existence of nameserver (host)", whether I put in the IP
address in dot-quad or in-addr.arpa notation, or my DNS name (which
resolves through other servers). Register.com provides even less
useful information, just saying "could not add name server. It might
not be properly configured." - or simply not accepting the IP into the
system, silently. There is nothing strange in my logs that I could
possibly relate to this.
Any suggestions as to what to check or where to read are greatly
appreciated! I have tried to get this working for two days by now and
have ran out of things to check after going through both the firewall
and BIND's configuration three times...
Michael Kjörling
- --
Michael Kjörling - michael at kjorling.com - PGP: 8A70E33E
"We must be the change we wish to see" (Mahatma Gandhi)
^..^ Support the wolves in Norway -- go to ^..^
\/ http://home.no.net/ulvelist/protest_int.htm \/
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8
iQA/AwUBOtTxGSqje/2KcOM+EQLkVACfQj0wETx6muTWefRGP8fTQYpNwdcAnj5/
2p2o/hlau6SKyMoRSezURT5r
=BWbh
-----END PGP SIGNATURE-----
More information about the bind-users
mailing list