can't-resolve
Mohammed Ejaz
mejaz at cyberia.net.sa
Thu Dec 25 08:05:53 UTC 2014
Thank you for prompt support really appreciate.
my /etc/named.conf, see recursion are enabled. still I can resolve the
yahoo.com or any outside domains.
=============================================
> set debug
> yahoo.com
Server: 212.119.64.228
Address: 212.119.64.228#53
------------
QUESTIONS:
yahoo.com, type = A, class = IN
ANSWERS:
AUTHORITY RECORDS:
ADDITIONAL RECORDS:
------------
** server can't find yahoo.com: SERVFAIL
==========================================================================
bash-2.03# vi /etc/named.conf
"/etc/named.conf" 63 lines, 1173 characters
options {
directory "/var/named";
listen-on port 53 { 212.119.64.228; 212.119.64.12;};
version "Have a nice day!, Good Bye";
recursion yes;
notify no;
};
logging {
channel querylog{
file "/var/log/querylog";
severity debug 10;
print-category yes;
print-time yes;
print-severity yes;
};
category queries { querylog;}; };
"/etc/named.conf" 62 lines, 1149 characters
bash-2.03# /usr/sbin/named.reload
server reload successful
bash-2.03# ps -ef | grep -i named
root 497 1 0 10:41:41 ? 0:00 /usr/local/sbin/named -4
bash-2.03# kill -9 497
bash-2.03# ps -ef | grep -i named
bash-2.03# /usr/local/sbin/named -4
bash-2.03# ps -ef | grep -i named
root 517 1 0 10:47:01 ? 0:00 /usr/local/sbin/named -4
bash-2.03# host yahoo.com
;; connection timed out; no servers could be reached
bash-2.03# more /etc/named.conf
options {
directory "/var/named";
listen-on port 53 { 212.119.64.228; 212.119.64.12;};
version "Have a nice day!, Good Bye";
recursion yes;
notify no;
};
logging {
channel querylog{
file "/var/log/querylog";
severity debug 10;
print-category yes;
print-time yes;
print-severity yes;
};
category queries { querylog;}; };
named.conf (37%)
...skipping...
options {
directory "/var/named";
listen-on port 53 { 212.119.64.228; 212.119.64.12;};
version "Have a nice day!, Good Bye";
recursion yes;
notify no;
};
logging {
channel querylog{
file "/var/log/querylog";
severity debug 10;
print-category yes;
print-time yes;
print-severity yes;
};
category queries { querylog;}; };
controls {
inet 127.0.0.1 allow { 127.0.0.1; } keys { rndc-key; }; };
//
// boot file for name server
// type domain source host/file backup file
// ---- ------ ------ --------- -----------
zone "." {
type hint;
file "named.root";
};
zone "localhost" {
type master;
file "db.localhost";
};
zone "0.0.127.IN-ADDR.ARPA" {
type master;
file "db.localhost.rev";
};
zone "cyberiamall.net" {
type master;
file "cyberiamall.net.hosts";
};
zone "makksab.com" {
type master;
file "makksab.com.hosts";
};
//End
zone "kalam.net.sa." {
type master;
file "kalam.net.sa.hosts";
};
============================================================================
===========================================================================
one of the zone file
bash-2.03# more kalam.net.sa.hosts
$TTL 30
; Addresses and other host information
;
;
@ IN SOA ns4.kalam.net.sa. root.kalam.net.sa. (
2005032202 ; serial
43200 ; refresh every 12 hours
4320 ; retry after 1 hour
1209600 ; expire after 2 weeks
21600 ) ; minimum
; Define the name servers and mail servers
IN NS ns1.kalam.net.sa.
IN NS ns2.kalam.net.sa.
IN MX 10 smtp.cyberia.net.sa.
; Define localhost
localhost IN A 127.0.0.1
; Define hosts in this zone
ejaz IN A 212.119.65.226
ns1 IN A 212.119.64.226
ns2 IN A 212.119.64.228
============================================================================
===============================================================
-----Original Message-----
From: bind-users-bounces at lists.isc.org
[mailto:bind-users-bounces at lists.isc.org] On Behalf Of Steven Carr
Sent: Thursday, December 25, 2014 10:08 AM
To: Bind users
Subject: Re: can't-resolve
Ah so this is to do with recursion.
Check the settings on the 212.119.64.228 server to ensure that recursion is
turned on and allowed for the clients that need to be able to resolve
domains that the server is not authoritative for.
You'll also have to make sure that 212.119.64.228 has unrestricted DNS
access to the Internet so that it can resolve those domains and return them
back to your clients.
Steve
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
unsubscribe from this list
bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
--
More information about the bind-users
mailing list