help for the bind problem.
CS
shen.chang.cs at gmail.com
Tue Mar 21 03:01:25 UTC 2006
Thanks Kevin. My fault for misspell the file name. I tried dig, still
can not find why. Here is the detail information. I also open
firewall by using ipstables.
I also checked nsswitch.conf. it has line:
hosts: files dns
If in client's resolv.conf, I add one line
nameserver x.y.z.w
in addition to "nameserver 192.168.1.2", here x.y.z.w is my ISP's dns
and 192.168.1.2 is the local dns, then I can use dig to find out
information and got return from internet. If I comment out x.y.z.w,
then I use dig, I did not got anything. So I think the client uses
192.168.1.2 in resolv.conf.
Thanks in advance.
Here is some detail.
////////////////////////////
//from dns self
//dig hp 192.168.1.102
////////////////i///////////
; <<>> DiG 9.2.4 <<>> hp 192.168.1.102
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37367
.......
;; WHEN: Mon Mar 20 21:30:51 2006
;; MSG SIZE rcvd: 106
/////////////////
//cat dns-named.log
/////////////////
Mar 20 21:29:20.012 general: info: zone 0.in-addr.arpa/IN: loaded
serial 42
Mar 20 21:29:20.014 general: info: zone 0.0.127.in-addr.arpa/IN: loaded
serial 1290
Mar 20 21:29:20.016 general: info: zone 1.168.192.in-addr.arpa/IN:
loaded serial 1291
Mar 20 21:29:20.018 general: info: zone 255.in-addr.arpa/IN: loaded
serial 1290
Mar 20 21:29:20.020 general: info: zone
0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN:
loaded serial 1997022700
Mar 20 21:29:20.021 general: info: zone localhost/IN: loaded serial
1290
Mar 20 21:29:20.023 general: info: zone home.net/IN: loaded serial 1290
Mar 20 21:29:20.025 general: info: zone bind/CH: loaded serial 1290
Mar 20 21:29:20.025 general: info: running
Mar 20 21:29:20.026 notify: info: zone bind/CH: sending notifies
(serial 1290)
/////////////////
//cat dns-query.log
/////////////////
Mar 20 21:29:49.879 info: client 127.0.0.1#32860: query: hp IN A
Mar 20 21:29:51.231 info: client 127.0.0.1#32862: query: 192.168.1.102
IN A
Mar 20 21:30:48.091 info: client 127.0.0.1#32863: query: hp IN A
Mar 20 21:30:49.801 info: client 127.0.0.1#32865: query: 192.168.1.102
IN A
///////////////////////////
//check firewall port
//service iptables status
///////////////////////////
Table: filter
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:53
dpts:1024:65535
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:53
dpts:1024:65535
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
spt:953 dpts:1024:65535
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp
spt:953 dpts:1024:65535
...........
///////////////////////
//from client use dig to find out information
//dig hp 192.168.1.2
//////////////////////
;;connection timed out; no server could be reached
/////////////////////////////////////
// check netstat of dns server
//netstat -an
////////////////////////////////////
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address
State
.................
tcp 0 0 192.168.1.102:53 0.0.0.0:*
LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:*
LISTEN
tcp 0 0 127.0.0.1:953 0.0.0.0:*
LISTEN
.................
udp 0 0 0.0.0.0:53 0.0.0.0:*
udp 0 0 192.168.1.102:53 0.0.0.0:*
udp 0 0 127.0.0.1:53 0.0.0.0:*
.................
More information about the bind-users
mailing list