Tired of failing DNS queries

Wael Shahin wael.shahin at gmail.com
Wed Jun 27 09:43:10 UTC 2007 

Hi,

Any advise? Is this a BIND 9.4.1 bug or is it a problem of BIND 9.4.1 on
Debian, or is it something else?


> >>>
> >>> ===========named.conf==============
> >>> acl badguys {
> >>>     0.0.0.0/8;
> >>>     1.0.0.0/8;
> >>>     2.0.0.0/8;
> >>>     5.0.0.0/8;
> >>>     7.0.0.0/8;
> >>>     10.0.0.0/8;
> >>>     23.0.0.0/8;
> >>>     27.0.0.0/8;
> >>>     31.0.0.0/8;
> >>>     36.0.0.0/8;
> >>>     37.0.0.0/8;
> >>>     39.0.0.0/8;
> >>>     42.0.0.0/8;
> >>>     49.0.0.0/8;
> >>>     50.0.0.0/8;
> >>>     94.0.0.0/8;
> >>>     95.0.0.0/8;
> >>>     100.0.0.0/8;
> >>>     101.0.0.0/8;
> >>>     102.0.0.0/8;
> >>>     103.0.0.0/8;
> >>>     104.0.0.0/8;
> >>>     105.0.0.0/8;
> >>>     106.0.0.0/8;
> >>>     107.0.0.0/8;
> >>>     108.0.0.0/8;
> >>>     109.0.0.0/8;
> >>>     110.0.0.0/8;
> >>>     111.0.0.0/8;
> >>>     112.0.0.0/8;
> >>>     113.0.0.0/8;
> >>>     114.0.0.0/8;
> >>>     115.0.0.0/8;
> >>>     169.254.0.0/16;
> >>>     173.0.0.0/8;
> >>>     174.0.0.0/8;
> >>>     175.0.0.0/8;
> >>>     176.0.0.0/8;
> >>>     177.0.0.0/8;
> >>>     178.0.0.0/8;
> >>>     179.0.0.0/8;
> >>>     180.0.0.0/8;
> >>>     181.0.0.0/8;
> >>>     182.0.0.0/8;
> >>>     183.0.0.0/8;
> >>>     184.0.0.0/8;
> >>>     185.0.0.0/8;
> >>>     186.0.0.0/8;
> >>>     187.0.0.0/8;
> >>>     192.0.2.0/24;
> >>>     197.0.0.0/8;
> >>>     223.0.0.0/8;
> >>>     224.0.0.0/3;};
> >>> acl trusted { 212.71.32.0/19; 213.181.160.0/19; 213.210.192.0/18;
> >>> 91.151.160/22; 85.129.128.0/17; 84.9.0.0/15; 84.23.96.0/21;
> >>> 217.145.240.0/20; 81.21.60.0/22; 192.168.1.0/16; 172.16.0.0/16;
> >>> 89.4.0.0/15; 91.147.128.0/23; 91.147.130.0/24; 193.227.127.0/24;
> >>> 193.22.249.0/24; };
> >>> acl secondaries {   192.168.1.101;  192.168.1.102; };
> >>> options {
> >>> 	directory "/var/named";
> >>> 	dump-file "/var/named/data/cache_dump.db";
> >>> 	pid-file "/var/named/named.pid";
> >>> 	statistics-file "/var/named/data/named_stats.txt";
> >>> 	version "Get Lost";
> >>> 	allow-query { trusted; localhost; };
> > on BIND bind-9.2.4-16.EL4 this allow query worked and still working
> > properly. now the same configuration with BIND 9.4.1 and I can  
> > query the
> > DNS from non-trusted sources and of course the DNS will reply with the
> > records if they were cached or refer to the zones name servers if not.
> > on bind-9.2.4-16.EL4 it says query refused

More information about the bind-users mailing list