BIND resolves everything to my own IP
Brian Salomaki
brian at gambitdesign.com
Wed Sep 26 20:35:21 UTC 2001
Cisco routers have a wonderful reputation for completely munging DNS packets
when doing NAT. I haven't ever seen a way around that posted on this list,
but there may be something that you could find out from Cisco; otherwise
you'll need a different setup, I expect.
On Wednesday 26 September 2001 10:58 am, you wrote:
> It was in fact a Cisco 675 doing NAT. What's the impact?
>
> The set up is quite simple. I've stripped all of my zones down to one, and
> get the same behavior. I've included the pertinent info below.
>
> ##### named.conf #####
> options {
>     directory "/usr/local/named";
> };
>
> zone "." {
>     type hint;
>     file "db.cache";
> };
>
> zone "0.0.127.in-addr.arpa" {
>     type master;
>     file "db.127.0.0";
> };
>
> zone "fishigula.org" {
>     type master;
>     file "db.fishigula_org";
> };
>
> #### db.fishigula_org ####
> fishigula.org. IN SOA darwin.fishigula.org. dnorwood.darwin.fishigula.org. (
>         1        ; Serial
>         86400    ; Refresh after 24 hours
>         7200     ; Retry after 2 hours
>         2592000  ; Expire after 30 days
>         345600 ) ; Minimum TTL of 4 days
>
> ;-------------------------------------------------------------------------------
> ; Name servers
> ;-------------------------------------------------------------------------------
>
> fishigula.org. IN NS darwin.fishigula.org.
>
> ;-------------------------------------------------------------------------------
> ; Host addresses
> ;-------------------------------------------------------------------------------
>
> localhost.fishigula.org. IN A 127.0.0.1
> darwin.fishigula.org. IN A 208.42.90.14
>
> ;-------------------------------------------------------------------------------
> ; Aliases
> ;-------------------------------------------------------------------------------
>
> www.fishigula.org. IN CNAME darwin.fishigula.org.
> darwin-0.fishigula.org. IN A 208.42.90.14
>
> Michael Kjorling wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > This DSL... it isn't a Cisco doing NAT by any chance? Just a thought.
> >
> > Other than that I second what Simon said.
> >
> > Michael Kjörling
> >
> > On Sep 26 2001 00:03 -0500, Dwan Norwood wrote:
> > > My environment is Linux 2.2.14, BIND 8.2.2_P5, and a small lan behind
> > > a DSL. This set up has been running well for several months. Now
> > > however, my name server will resolve all domain names to my own IP
> > > address.
> > >
> > > Example:
> > > # nslookup www.berkeley.edu
> > >
> > > Server: dnorwood.dsl.visi.com
> > > Address: 208.42.90.14
> > >
> > > Name: amber.berkeley.edu
> > > Address: 208.42.90.14
> > > Aliases: www.berkeley.edu
> > >
> > > The name server appeared to resolve the Alias, or CNAME, information
> > > correctly, but returned my IP as the address. Restarting the server
> > > does not solve the problem.
> > >
> > > Any ideas? Any help is greatly appreciated.
> > >
> > > Dwan Norwood
> > > dnorwood at visi.com
> >
> > - --
> > Michael Kjörling - michael at kjorling.com - PGP: 8A70E33E
> > Manager Wolf.COM -- Programmer -- Network Administrator
> > "We must be the change we wish to see" (Mahatma Gandhi)
> >
> > ^..^ Support the wolves in Norway -- go to ^..^
> > \/ http://home.no.net/ulvelist/protest_int.htm \/
> >
> > ***** Please only send me emails which concern me *****
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.0.6 (GNU/Linux)
> > Comment: For my PGP key: http://michael.kjorling.com/contact/pgp.html
> >
> > iD8DBQE7sca0KqN7/Ypw4z4RAqN1AKD8YH75Ut7R16StS+48NdsG0UFLiACeMFT6
> > PA0mTm5uzZHWcv4FNFh57cQ=
> > =1lY8
> > -----END PGP SIGNATURE-----
--
Brian Salomaki
Gambit Design Internet Services
110 E. State St., Suite 18, Kennett Square, PA 19348
DNSbox: http://gambitdesign.com
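
A check for the symptom reported in this thread, as an added example that is not code from any of the posters: it parses a DNS response in wire format and flags the case where every A record in the answer carries the resolver's own address. The response bytes are constructed in the script; `OWN_IP` is taken from the nslookup output quoted above, and all function names are hypothetical.

```python
import socket
import struct

OWN_IP = "208.42.90.14"  # resolver's own address, from the nslookup output in the thread

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while msg[off] and msg[off] & 0xC0 != 0xC0:   # walk plain labels
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)           # pointer is 2 bytes, root label is 1

def a_records(msg):
    """List the IPv4 addresses in the answer section of a DNS response."""
    _id, _flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4             # skip QTYPE and QCLASS
    addrs = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:             # A record
            addrs.append(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return addrs

def looks_rewritten(msg, own_ip=OWN_IP):
    """True when the answer has A records and all of them carry our own address."""
    addrs = a_records(msg)
    return bool(addrs) and all(a == own_ip for a in addrs)

def encode_name(name):
    """Encode a dotted name as uncompressed DNS labels."""
    return b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"

def build_response(qname, cname, ip):
    """Constructed sample: CNAME + A answer shaped like the thread's nslookup result."""
    q = encode_name(qname) + struct.pack("!HH", 1, 1)
    target = encode_name(cname)
    rr1 = b"\xc0\x0c" + struct.pack("!HHIH", 5, 1, 300, len(target)) + target
    ptr = 0xC000 | (12 + len(q) + 12)             # points at the CNAME target in rr1
    rr2 = struct.pack("!HHHIH", ptr, 1, 1, 300, 4) + socket.inet_aton(ip)
    return struct.pack("!6H", 0x1234, 0x8180, 1, 2, 0, 0) + q + rr1 + rr2

if __name__ == "__main__":
    print(looks_rewritten(build_response("www.berkeley.edu", "amber.berkeley.edu", OWN_IP)))
```

Run against responses captured on the inside of the NAT device for names that have no reason to point at the local server, a `True` result matches the behaviour Dwan describes.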