odd behaviour: BIND 9.3.3rc2
Ralph Young
ralph at f7.net
Mon Nov 26 18:55:42 UTC 2007
Not sure if this one was ever resolved, but I'm seeing similar problems with
Bind 9.4.1p. From limited testing it appears the problem is related to the
query-source port option. Sometimes hosts will be configured to filter
packets that have a source port below 1024; it appears in this case the
query is never making it up to the nameserver when the query-source port is
53, therefore no response. When I comment out the query-source port option,
it works fine.
Unfortunately the query-source port option is necessary to get through the
firewall. Am I understanding this correctly? - assuming the only way
around it is to configure another nameserver without this query-source port
option?
On Aug 29, 2007 9:20 AM, Felipe Ceglia - PY1NB <felipe-listas at terenet.com.br>
wrote:
> Hello again, bind gurus,
>
> I am running BIND 9.3.3rc2 on a centos box.
>
> It happens that I can't resolve some hosts, like:
>
> dig redelagos.com.br
> dig teresopolis.unimed.com.br
>
> And I can resolve it from other dns servers.
>
> Surely there is something wrong, but I can't figure what.
>
> Any ideas?
>
>
> My /etc/named.conf looks like:
>
> options
> {
>     query-source port 53;
>     query-source-v6 port 53;
>     directory "/var/named"; // the default
>     dump-file "data/cache_dump.db";
>     statistics-file "data/named_stats.txt";
>     memstatistics-file "data/named_mem_stats.txt";
>
> };
> logging
> {
>     channel default_debug {
>         file "data/named.run";
>         severity dynamic;
>     };
> };
> view "internal"
> {
>     include "/etc/named.root.hints";
> };
> //
> view "external"
> {
>     recursion yes;
>     zone "." IN {
>         type hint;
>         file "named.root";
>     };
>     zone "domain.com" {
>         type master;
>         file "named.domain.com";
>     };
>
> };
>
>
>
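One way to audit a named.conf for the setting discussed in this thread, as an added example that is not part of the original messages: the script below finds every `query-source` / `query-source-v6` statement that pins a source port and marks those below 1024. The function names and the sample text are constructed for illustration; the sample reuses the options quoted above plus one constructed commented-out line.

```python
import re

# Constructed sample: the options block quoted in the thread, plus one
# commented-out statement (constructed) to show that comments are ignored.
SAMPLE_CONF = '''
options
{
    query-source port 53;
    query-source-v6 port 53;
    directory "/var/named"; // the default
    // query-source port 1053;
};
'''

# Quoted strings are matched first so comment markers inside them survive.
_TOKEN = re.compile(r'"(?:\\.|[^"\\])*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
_STMT = re.compile(r'(?<![\w-])(query-source(?:-v6)?)(?![\w-])([^;{}]*);')
_PORT = re.compile(r'\bport\s+(\*|\d+)')
LOW_PORT_LIMIT = 1024  # threshold named in the thread


def strip_comments(text):
    """Remove //, # and /* */ comments, leaving quoted strings intact."""
    return _TOKEN.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else ' ', text)


def fixed_query_ports(conf_text):
    """Return (statement, port, below_1024) for each pinned query-source port."""
    findings = []
    for name, args in _STMT.findall(strip_comments(conf_text)):
        m = _PORT.search(args)
        if m and m.group(1) != '*':      # "port *" means no fixed port
            port = int(m.group(1))
            findings.append((name, port, port < LOW_PORT_LIMIT))
    return findings


if __name__ == "__main__":
    for name, port, low in fixed_query_ports(SAMPLE_CONF):
        note = "below 1024, may be filtered by remote hosts" if low else "fixed"
        print(f"{name}: source port {port} ({note})")
```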