Domain Resolving Issue

Mark_Andrews at isc.org Mark_Andrews at isc.org
Sun Sep 22 23:00:50 UTC 2002 

> 
> Hello All -
> 
> I hope that this problem hasn't already been dealt with previously; I
> purveyed the past couple of days' posts and didn't see it anywhere.
> 
> Here's the setup:
> 
> + BIND 9.2.0 on Red Hat Linux 7.3

	BIND 9.2.1 is the current release.

> + 4 workstations (WindowsXP, Windows2000, MacOS X) all configured to
> use the Red Hat Linux box as a DNS server
> + Firewalled gateway to the outside world
> 
> Here's the problem:
> 
> If I try to go to www.progressive.com or www.bn.com from any of the
> client computers, I get a message stating that the browser cannot find
> the server. However, if I use the browser on the server, it resolves
> fine.

	Check the firewall on the nameserver itself.  It's most
	probably blocking queries from (responses to) the DNS clients.
 
> If I do a dig here's what I get:
> 
> 
> [kev at stardust kev]$ dig @stardust www.progressive.com
> 
> ; <<>> DiG 9.2.0 <<>> @stardust www.progressive.com
> ;; global options:  printcmd
> ;; connection timed out; no servers could be reached
> 
> 
> I get the same message when looking up www.bn.com.
> 
> However, if I do a dig on just progressive.com, here's what I get:
> 
> 
> kev at stardust kev]$ dig @stardust progressive.com
> 
> ; <<>> DiG 9.2.0 <<>> @stardust progressive.com
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20156
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 2
> 
> ;; QUESTION SECTION:
> ;progressive.com.               IN      A
> 
> ;; ANSWER SECTION:
> progressive.com.        85225   IN      A       198.181.158.80
> 
> ;; AUTHORITY SECTION:
> progressive.com.        85225   IN      NS      ns3.cw.net.
> progressive.com.        85225   IN      NS      ns1.progressive.com.
> progressive.com.        85225   IN      NS      ns2.progressive.com.
> 
> ;; ADDITIONAL SECTION:
> ns1.progressive.com.    85225   IN      A       199.244.232.50
> ns3.cw.net.             34013   IN      A       204.70.25.234
> 
> ;; Query time: 4 msec
> ;; SERVER: 10.0.0.5#53(stardust)
> ;; WHEN: Sat Sep 21 21:57:51 2002
> ;; MSG SIZE  rcvd: 141
> 
> 
> If I query my ISP's DNS servers for www.progressive.com, here's what
> they report:
> 
> 
> [kev at stardust kev]$ dig @ns.fast.net www.progressive.com
> 
> ; <<>> DiG 9.2.0 <<>> @ns.fast.net www.progressive.com
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31803
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL:
> 0
> 
> ;; QUESTION SECTION:
> ;www.progressive.com.           IN      A
> 
> ;; ANSWER SECTION:
> www.progressive.com.    0       IN      A       206.156.186.35
> 
> ;; Query time: 47 msec
> ;; SERVER: 198.69.204.2#53(ns.fast.net)
> ;; WHEN: Sat Sep 21 21:58:46 2002
> ;; MSG SIZE  rcvd: 53
> 
> 
> The only thing that I can think of is that my Red Hat Linux 7.3
> installation is fairly new; I've checked the configuration of BIND to
> make sure I'm not missing anything and it seems okay.
> 
> Has anyone else experienced this sort of problem, and have they
> figured out a way to correct it?
> 
> Thanks,
> 
> Kev Bittner
> 
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org

More information about the bind-users mailing list