Can not query remotely
Tommy
tomnospam at lugh.boley.org
Wed Sep 22 16:38:51 UTC 2004
Why would dns queries only work locally?
(SERVICE is up)
[root at lugh root]# service named status
number of zones: 5
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
server is up and running
[root at lugh root]#
First query goes to my secondary provided by ISP and has incorrect
information.
---------------------------------------
[root at lugh root]# dig puck.boley.org
; <<>> DiG 9.2.1 <<>> puck.boley.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56064
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;puck.boley.org. IN A
;; ANSWER SECTION:
puck.boley.org. 7200 IN A 216.254.88.2
;; Query time: 45 msec
;; SERVER: 216.254.95.2#53(216.254.95.2)
;; WHEN: Wed Sep 22 12:17:42 2004
;; MSG SIZE rcvd: 48
---------------------------
Now I query my server
; <<>> DiG 9.2.1 <<>> @lugh.boley.org puck.boley.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34358
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 1
;; QUESTION SECTION:
;puck.boley.org. IN A
;; ANSWER SECTION:
puck.boley.org. 86400 IN A 216.254.88.3
;; AUTHORITY SECTION:
boley.org. 86400 IN NS 216.254.95.2.
boley.org. 86400 IN NS lugh.boley.org.
boley.org. 86400 IN NS 216.254.88.2.
;; ADDITIONAL SECTION:
lugh.boley.org. 86400 IN A 216.254.88.2
;; Query time: 5 msec
;; SERVER: 127.0.0.1#53(lugh.boley.org)
;; WHEN: Wed Sep 22 12:18:21 2004
;; MSG SIZE rcvd: 134
--------------------
Let's just verify that:
[root at lugh root]# dig @216.254.88.2 puck.boley.org
; <<>> DiG 9.2.1 <<>> @216.254.88.2 puck.boley.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60069
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 1
;; QUESTION SECTION:
;puck.boley.org. IN A
;; ANSWER SECTION:
puck.boley.org. 86400 IN A 216.254.88.3
;; AUTHORITY SECTION:
boley.org. 86400 IN NS lugh.boley.org.
boley.org. 86400 IN NS 216.254.88.2.
boley.org. 86400 IN NS 216.254.95.2.
;; ADDITIONAL SECTION:
lugh.boley.org. 86400 IN A 216.254.88.2
;; Query time: 5 msec
;; SERVER: 216.254.88.2#53(216.254.88.2)
;; WHEN: Wed Sep 22 12:20:05 2004
;; MSG SIZE rcvd: 134
-----------------------
Notice that the correct IP for puck is given.
OK, now from a remote location
----------------------------------------
shell2.speakeasy.net% dig @lugh.boley.org puck.boley.org
; <<>> DiG 9.2.4rc5 <<>> @lugh.boley.org puck.boley.org
;; global options: printcmd
;; connection timed out; no servers could be reached
shell2.speakeasy.net%
-------------------------------------
Maybe the port is down
[root at lugh root]# nmap lugh.boley.org
Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on lugh.boley.org (127.0.0.1):
(The 1589 ports scanned but not shown below are in state: closed)
Port State Service
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
111/tcp open sunrpc
443/tcp open https
631/tcp open ipp
783/tcp open hp-alarm-mgr
953/tcp open rndc
3306/tcp open mysql
6000/tcp open X11
---------------------
My guess is that either iptables is blocking the queries, even though nmap
says it is open, or BIND is incorrectly configured to only service local
requests. I am not sure what to look for. Any suggestions are welcome.
Thank you in advance.
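
An added example, not part of the original post: a small Python parser that reads the dig `SERVER` line and the nmap target line from the transcripts above and reports which address each check actually contacted, plus which transport nmap listed for port 53. The sample lines are copied from the post; the function and variable names are hypothetical.

```python
import ipaddress
import re

# Constructed sample: individual lines copied from the transcripts in the post.
EVIDENCE = [
    ("dig @lugh.boley.org, run on lugh", ";; SERVER: 127.0.0.1#53(lugh.boley.org)"),
    ("dig @216.254.88.2, run on lugh", ";; SERVER: 216.254.88.2#53(216.254.88.2)"),
    ("nmap lugh.boley.org, run on lugh", "Interesting ports on lugh.boley.org (127.0.0.1):"),
    ("dig @lugh.boley.org, run remotely", ";; connection timed out; no servers could be reached"),
]
NMAP_PORT_LINES = ["53/tcp open domain", "953/tcp open rndc"]

DIG_SERVER = re.compile(r"^;; SERVER: ([0-9a-fA-F.:]+)#(\d+)\(")
NMAP_TARGET = re.compile(r"^Interesting ports on \S+ \(([0-9a-fA-F.:]+)\):")
NMAP_PORT = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)$")


def address_tested(line):
    """Return the IP address a dig or nmap line says was contacted, or None."""
    for pattern in (DIG_SERVER, NMAP_TARGET):
        match = pattern.match(line)
        if match:
            return ipaddress.ip_address(match.group(1))
    return None


def classify(line):
    """Label what one transcript line shows about the path that was tested."""
    addr = address_tested(line)
    if addr is None:
        return "no reply" if "timed out" in line else "unknown"
    return "loopback only" if addr.is_loopback else "non-loopback address"


def protocols_seen(port_lines, port):
    """Collect the transports an nmap port table reports for one port number."""
    seen = set()
    for line in port_lines:
        match = NMAP_PORT.match(line.strip())
        if match and int(match.group(1)) == port:
            seen.add(match.group(2))
    return seen


if __name__ == "__main__":
    for label, line in EVIDENCE:
        print(f"{label:36} -> {classify(line)}")
    print("port 53 in nmap table:", sorted(protocols_seen(NMAP_PORT_LINES, 53)))
```

dig sends its queries over UDP by default, so a port table that lists only 53/tcp for a loopback target does not show whether UDP port 53 is reachable from outside.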