Two DNS Servers inside a firewall

ListAcc listacc at ocosa.com
Thu Sep 4 21:16:19 UTC 2008 

Hello,

For the life of me I can not find the details of the problem:  I have 
two servers in question, both are authoritative/cache servers.  One 
server is auth for a  few zones and the other one for a few zones due to 
a split hosting environment.  Running Bind 9.3.5-P2 and Bind 9.3.4-P1 on 
CentOS.  For this example I will identify them as server 1 and server 
2.  Also I have checked the logs nothing.

Server 1 can not resolve domains at Server 2 and vice versa.  It worked 
before I am not sure what happed.  I thought it was the root hints so I 
updated and not the culprit. When I issue a dig here is the output


[root at server2 ~]# dig company.com

; <<>> DiG 9.3.4-P1 <<>> company.com
;; global options:  printcmd
;; connection timed out; no servers could be reached


[root at server1 ~]# dig company2.com

; <<>> DiG 9.3.5-P2 <<>> company2.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6067
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 2

;; QUESTION SECTION:
;wizart1.com.                   IN      A

;; AUTHORITY SECTION:
com.                    140357  IN      NS      j.gtld-servers.net.
com.                    140357  IN      NS      k.gtld-servers.net.
com.                    140357  IN      NS      l.gtld-servers.net.
com.                    140357  IN      NS      m.gtld-servers.net.
com.                    140357  IN      NS      a.gtld-servers.net.
com.                    140357  IN      NS      b.gtld-servers.net.
com.                    140357  IN      NS      c.gtld-servers.net.
com.                    140357  IN      NS      d.gtld-servers.net.
com.                    140357  IN      NS      e.gtld-servers.net.
com.                    140357  IN      NS      f.gtld-servers.net.
com.                    140357  IN      NS      g.gtld-servers.net.
com.                    140357  IN      NS      h.gtld-servers.net.
com.                    140357  IN      NS      i.gtld-servers.net.

;; ADDITIONAL SECTION:
h.gtld-servers.net.     52569   IN      A       192.54.112.30
m.gtld-servers.net.     108692  IN      A       192.55.83.30

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Sep  4 14:39:35 2008
;; MSG SIZE  rcvd: 285


The zones have public IP addresses so the translation should work and 
resolve if using either server as a resolver.  Both servers will resolve 
the domains they are auth for any other domain not hosted on the server 
except the ones on each others server if this makes sense.

Thanks in advanced.

Otis

More information about the bind-users mailing list