Two DNS Servers inside a firewall
ListAcc
listacc at ocosa.com
Thu Sep 4 21:16:19 UTC 2008
Hello,
For the life of me I cannot find the details of the problem: I have
two servers in question, both are authoritative/cache servers. One
server is auth for a few zones and the other one for a few zones due to
a split hosting environment. Running Bind 9.3.5-P2 and Bind 9.3.4-P1 on
CentOS. For this example I will identify them as server 1 and server
2. Also, I have checked the logs: nothing.
Server 1 cannot resolve domains at Server 2 and vice versa. It worked
before; I am not sure what happened. I thought it was the root hints, so I
updated them, and they were not the culprit. When I issue a dig, here is the output:
[root at server2 ~]# dig company.com
; <<>> DiG 9.3.4-P1 <<>> company.com
;; global options: printcmd
;; connection timed out; no servers could be reached
[root at server1 ~]# dig company2.com
; <<>> DiG 9.3.5-P2 <<>> company2.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6067
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 2
;; QUESTION SECTION:
;wizart1.com. IN A
;; AUTHORITY SECTION:
com. 140357 IN NS j.gtld-servers.net.
com. 140357 IN NS k.gtld-servers.net.
com. 140357 IN NS l.gtld-servers.net.
com. 140357 IN NS m.gtld-servers.net.
com. 140357 IN NS a.gtld-servers.net.
com. 140357 IN NS b.gtld-servers.net.
com. 140357 IN NS c.gtld-servers.net.
com. 140357 IN NS d.gtld-servers.net.
com. 140357 IN NS e.gtld-servers.net.
com. 140357 IN NS f.gtld-servers.net.
com. 140357 IN NS g.gtld-servers.net.
com. 140357 IN NS h.gtld-servers.net.
com. 140357 IN NS i.gtld-servers.net.
;; ADDITIONAL SECTION:
h.gtld-servers.net. 52569 IN A 192.54.112.30
m.gtld-servers.net. 108692 IN A 192.55.83.30
;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Sep 4 14:39:35 2008
;; MSG SIZE rcvd: 285
The zones have public IP addresses, so the translation should work and
resolve if using either server as a resolver. Both servers will resolve
the domains they are auth for and any other domain not hosted on the server,
except the ones on each other's server, if this makes sense.
Thanks in advance.
Otis