caching does not seem to be working for internal view

Greg Choules gregchoules+bindusers at googlemail.com
Wed Aug 3 13:39:10 UTC 2022 

Hi Robert.
May we see the file /etc/resolv.conf and your BIND configuration? It's
difficult to guess what might be going on with only a small snippet of
information.
If you "ping somewhere" (or "ssh a-server", or whatever) the OS will
consult resolv.conf to determine where to send DNS queries. If that's not
your local instance of BIND then you could be looking for trouble in the
wrong place.

If you *do* have an address of the local machine as the first 'nameserver'
entry in resolv.conf you will need to know what that query looks like to
determine how BIND is going to handle it.
You also need to know what BIND will try and do when it does receive
queries.

Packet captures are your friend here, using tcpdump (to disk, not to
screen). Gather evidence first, then make theories.

Cheers, Greg

On Wed, 3 Aug 2022 at 14:29, Robert Moskowitz <rgm at htt-consult.com> wrote:

> Part of my problem is that caching does not seem to be working in my
> internal view.
>
> Something is happening such that my internal systems AND the server
> itself cannot resolve names and looses it even 5 min later, indicating
> not caching.
>
> I read https://kb.isc.org/docs/aa-00851
>
> In my include for the internal view (named.internal) I have:
>
>      match-clients        { httnets; };
>      match-destinations    { httnets; };
>      allow-query        { httnets; };
>      allow-query-cache    { httnets; };
>      allow-recursion        { any; };
>      recursion yes;
>      empty-zones-enable yes;
>
> Yet I get on my DNS server:
>
> ping www.google.com
> ping: www.google.com: Name or service not known
>
> Then later it works.
>
> Then later it doesn't again.
>
> Sigh.  If at least caching was working for internal use, I would be able
> to work more smoothy?
>
>
>
>
> --
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> ISC funds the development of this software with paid support
> subscriptions. Contact us at https://www.isc.org/contact/ for more
> information.
>
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20220803/3df46836/attachment.htm>

More information about the bind-users mailing list