Upgraded to BIND 8.2.3: Cannot resolve external domains

Mark.Andrews at nominum.com Mark.Andrews at nominum.com
Mon Feb 12 01:20:30 UTC 2001 

> 
> I've recently upgraded BIND from 8.2.2 -> 8.2.3. Domains that are hosted on t
> he server resolve ok. However, I cannot resolve any other domain hosted elsew
> here.
> 
> Running dig with a local domain:
> 
> ; <<>> DiG 8.3 <<>> positivt.net 
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
> ;; QUERY SECTION:
> ;;      positivt.net, type = A, class = IN
> 
> ;; ANSWER SECTION:
> positivt.net.           1D IN A         216.87.215.44
> 
> ;; AUTHORITY SECTION:
> positivt.net.           1D IN NS        ns1.nethut-cblt1.net.
> 
> ;; ADDITIONAL SECTION:
> ns1.nethut-cblt1.net.   1D IN A         64.65.32.34
> 
> ;; Total query time: 9 msec
> ;; FROM: ns1.nethut-cblt1.net to SERVER: default -- 64.65.32.34
> ;; WHEN: Sat Feb 10 16:26:03 2001
> ;; MSG SIZE  sent: 30  rcvd: 93
> 
> Then, on a domain hosted elsewhere:
> 
> ; <<>> DiG 8.3 <<>> telenor.no 
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 4
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> ;; QUERY SECTION:
> ;;      telenor.no, type = A, class = IN
> 
> ;; Total query time: 8 msec
> ;; FROM: ns1.nethut-cblt1.net to SERVER: default -- 64.65.32.34
> ;; WHEN: Sat Feb 10 16:25:44 2001
> ;; MSG SIZE  sent: 28  rcvd: 28
> 
> BIND is, admittedly, a big mystery to me (though I find myself learning ever 
> faster under the current pressure...). I'm not sure what information is requi
> red for debugging here. named is of course restarted, and the new version is 
> running:
> 
> ndc> status
> named 8.2.3-REL Tue Jan 30 16:56:25 PST 2001  admin at despair.cobalt.com:/home/
> redhat/BUILD/bind-8.2.3/src/bin/named
> config (/etc/named.conf) lat loaded at age: Wed Feb  7 11:20:48 2001 
> number of zones allocated: 128
> debug level: 0
> xfers running: 0
> xfers deferred: 0
> soa queries in progress: 0
> query logging is OFF
> server is up and running
> 
> 
> Logs are littered with sendmail error messages like these:
> 
> Feb  9 15:01:48 ns1 sendmail[5805]: PAA05805: ruleset=check_mail, arg1=<icnli
> st-bounce at mail.infowar.com>, relay=[198.252.45.164], reject=451
> <icnlist-bounce at mail.infowar.com>... Sender domain must resolve
> Feb  9 15:01:49 ns1 sendmail[5806]: PAA05806: ruleset=check_mail, arg1=<icnli
> st-bounce at mail.infowar.com>, relay=[198.252.45.164], reject=451
> <icnlist-bounce at mail.infowar.com>... Sender domain must resolve
> 
> That is, no outbound mail escapes the server.
> 
> Does anyone have an idea of might be wrong? I haven't included any configurat
> ion files, as I'm not sure which ones are the relevant. In any case, all loca
> l domains resolve ok from anywhere. Its just resolving external domains from 
> the box that persistently fails.
> 
> Advice is greatly appreciated!
> 
> Sincerely,
> Per M 
> 
> 
> 
	Post named.conf and your root hints file.
	Post what named logs.
	Do you have a firewall between this maching and the net?
--
Mark Andrews, Nominum Inc.
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at nominum.com

More information about the bind-users mailing list