Two BIND 9.2.1 questions
Martin McCormick
martin at dc.cis.okstate.edu
Wed Jun 5 22:26:35 UTC 2002
Look at your named.conf file and see if you may have
statements like these near the beginning which will make your dns
deny any query from someforeign.spammer.com to
someother.foreign.domain.com using your name server. They will,
however, allow anybody in the networks shown here to fully use
the dns.
allow-query { 139.78.0.0/16;
127.0.0.1;
192.168.4.0/24;
192.168.5.0/24;
192.168.6.0/24;
192.168.7.0/24;
192.168.83.0/24;
192.168.12.0/24;
};
Then, you put a statement like the following in to all
the domains you are either master or slave for so as to let the
world use your name server to access your domains.
allow-query { any; };
It sounds as if you may already have a setup like this
whether you meant to or not. If that is not what you want, then
don't limit allowed queries.
"FEEB" writes:
>
>I would appreciate any advice on the following:
>
>1.
>I upgraded to BIND 9.2.1 from RH errata RPM on my slave DNS server running
>RH7.2. I was running BIND 8.2.5 before the upgrade.
>Now, when I start named, it spawns 4 additional named's so that 5 named's
>are actually running. Is it normal? If not, why is it happening?
>
>2.
>I get lots of these in /var/log/messages:
>
>named[24826]: client 198.22.121.119#3492: query
>'perfectly.valid.local.address/IN' denied,
>
>where "perfectly.valid.local.address" is an address of some local machine.
>The query looks legitimate to me. Why is it being rejected?
>
>Thanks
>
>
>Frank Bures, <grandial at pons dot cz>
>
>
>
More information about the bind-users
mailing list