BIND9 fails resolving after connecting to VPN
Stacey Marshall
stacey.marshall at gmail.com
Sat Apr 9 20:50:44 UTC 2011
I' wondering if the network your attaching to via VPN allows direct DNS
lookups?
I know of networks where the provided servers have firewall rules that allow
them to make queries but other servers are not.
You could test this theory by trying to connect to a root server with dig
when connected to VPN. For example:
$ dig @h.root-servers.net. www.seznam.cz
Regards, Stace
2011/4/9 kapetr <kapetr at mizera.cz>
> I see the cmd.txt is still ?! empty - so once again.
>
> ?!?! probably apparmor problem with firefox so I have to put the
> text here:
>
>
>
> root at duron650:/etc# dig www.seznam.cz
>
> ; <<>> DiG 9.7.1-P2 <<>> www.seznam.cz
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40867
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL:
> 0
>
> ;; QUESTION SECTION:
> ;www.seznam.cz. IN A
>
> ;; ANSWER SECTION:
> www.seznam.cz. 115 IN A 77.75.72.3
>
> ;; AUTHORITY SECTION:
> . 52889 IN NS h.root-servers.net.
> . 52889 IN NS c.root-servers.net.
> . 52889 IN NS b.root-servers.net.
> . 52889 IN NS l.root-servers.net.
> . 52889 IN NS k.root-servers.net.
> . 52889 IN NS a.root-servers.net.
> . 52889 IN NS j.root-servers.net.
> . 52889 IN NS g.root-servers.net.
> . 52889 IN NS d.root-servers.net.
> . 52889 IN NS m.root-servers.net.
> . 52889 IN NS e.root-servers.net.
> . 52889 IN NS f.root-servers.net.
> . 52889 IN NS i.root-servers.net.
>
> ;; Query time: 76 msec
> ;; SERVER: 194.228.2.1#53(194.228.2.1)
> ;; WHEN: Sat Apr 9 09:55:22 2011
> ;; MSG SIZE rcvd: 258
>
> root at duron650:/etc# dig @localhost www.seznam.cz
> ; <<>> DiG 9.7.1-P2 <<>> @localhost www.seznam.cz
> ; (2 servers found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 49592
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;www.seznam.cz. IN A
>
> ;; Query time: 2372 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Sat Apr 9 09:55:35 2011
> ;; MSG SIZE rcvd: 31
>
> root at duron650:/etc#
>
> hugo at duron650:~$ route -n
> Směrovací tabulka v jádru pro IP
> Adresát Brána Maska Přízn Metrik Odkaz
> Užt Rozhraní
> 217.114.215.250 10.6.6.138 255.255.255.255 UGH 0 0
> 0 eth0
> 10.6.6.0 0.0.0.0 255.255.255.0 U 1 0
> 0 eth0
> 172.31.0.0 0.0.0.0 255.255.0.0 U 0 0
> 0 tap0
> 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0
> 0 eth0
> 0.0.0.0 172.31.255.254 128.0.0.0 UG 0 0
> 0 tap0
> 128.0.0.0 172.31.255.254 128.0.0.0 UG 0 0
> 0 tap0
> 0.0.0.0 10.6.6.138 0.0.0.0 UG 0 0
> 0 eth0
> hugo at duron650:~$
> hugo at duron650:~$
> hugo at duron650:~$ route -n
> Směrovací tabulka v jádru pro IP
> Adresát Brána Maska Přízn Metrik Odkaz
> Užt Rozhraní
> 10.6.6.0 0.0.0.0 255.255.255.0 U 1 0
> 0 eth0
> 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0
> 0 eth0
> 0.0.0.0 10.6.6.138 0.0.0.0 UG 0 0
> 0 eth0
>
>
> --kapetr
>
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20110409/5f1caff2/attachment.html>
More information about the bind-users
mailing list