ns_req: sendto([A.B.C.150].55337): Permission denied

Mark_Andrews at isc.org Mark_Andrews at isc.org
Fri Nov 2 22:25:21 UTC 2001 

> 
> Dear BIND-users!
> 
> My setup:
> ---------
> 
> Client 1:		Sun Solaris 7 on a Sun Sparc E250
> 			Multiple virtual hosts on one ethernet card
> 			--- ooo ---
> 			ifconfig hme0:1 A.B.C.151 up arp
> 			ifconfig hme0:2 A.B.C.152 up arp
> 			ifconfig hme0:3 A.B.C.153 up arp
> 			--- ooo ---
> 
> Client 2:		Sun Solaris 7 on a Sun Sparc E250
> 			Single IP
> 
> NameServer:		FreeBDS FreeBSD 4.2-RELEASE, BIND 8.2.5
> 			--- ooo ---
> 			The nameserver is caching only
> 			--- ooo ----
> 
> 
> Problem:
> --------
> 
> When trying to lookup a host on the "NameServer" from "Client 2"
> everything works smoothly.
> 
> When trying to lookup a host on the "NameServer" from "Client 1" the
> answer is not received by the client:
> 
> Client 1:
> 
> $ host -t a www.elvis.dk example.host.dk
> Nameserver example.host.dk not responding
> www.elvis.dk A record not found at example.host.dk, try again
> 
> NameServer: (named.run log file)
> 
> datagram from [A.B.C.150].55337, fd 20, len 30
> req: nlookup(www.elvis.dk) id 832 type=1 class=1
> req: found 'www.elvis.dk' as 'www.elvis.dk' (cname=0)
> ns_req: answer -> [A.B.C.150].55337 fd=20 id=832 size=124 rc=0
> ns_req: sendto([A.B.C.150].55337): Permission denied

	Check your firewall log.

> 
> and sometimes only
> 
> datagram from [A.B.C.150].55348, fd 20, len 30
> req: nlookup(www.elvis.dk) id 832 type=1 class=1
> req: found 'www.elvis.dk' as 'www.elvis.dk' (cname=0)
> ns_req: answer -> [A.B.C.150].55348 fd=20 id=832 size=124 rc=0
> 
> One thing that is even more strange is that I have a third client, a
> FreeBSD also with multiple IPs, that acts exactly as "Client 1". It is not
> possible to receive any answers from the "NameServer".
> 
> My guess is, that it has something to do with setting the virtual hosts in
> Solaris (and FreeBSD) or possibly some filter in my ISPs routerconfig.
> 
> Running "ifconfig -a" on "Client 1":
> 
> lo0: flags=849<UP,LOOPBACK,RUNNING,MULTICAST> mtu 8232
>         inet 127.0.0.1 netmask ff000000
> hme0: flags=863<UP,BROADCAST,NOTRAILERS,RUNNING,MULTICAST> mtu 1500
>         inet A.B.C.150 netmask ffffff00 broadcast A.B.C.255
>         ether 8:0:20:a9:c5:d4
> hme0:1: flags=843<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>         inet A.B.C.151 netmask ffffff00 broadcast A.B.C.255
> hme0:2: flags=843<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>         inet A.B.C.152 netmask ffffff00 broadcast A.B.C.255
> hme0:3: flags=843<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
>         inet A.B.C.153 netmask ffffff00 broadcast A.B.C.255
> 
> Running "netstat -nr" on "Client 1":
> 
> Routing Table:
>   Destination           Gateway           Flags  Ref   Use   Interface
> -------------------- -------------------- ----- ----- ------ ---------
> A.B.C.0              A.B.C.150             U        6  56682  hme0
> A.B.C.0              A.B.C.151             U        6      0  hme0:1
> A.B.C.0              A.B.C.152             U        6      0  hme0:2
> A.B.C.0              A.B.C.153             U        6      0  hme0:3
> 224.0.0.0            A.B.C.150             U        6      0  hme0
> default              A.B.C.1               UG       046252852
> 127.0.0.1            127.0.0.1             UH       014711435  lo0
> 
> Thank you for any help!
> 
> Kind regards
> Niels Haarbo
> 
> -- 
> -------------------------------------------------------------------------
>  Niels Haarbo * System Administrator @ DK Hostmaster A/S * +45 7730 0670
> -------------------------------------------------------------------------
> 
> 
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org

More information about the bind-users mailing list