server will only answer for it's own zones
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Sun Jan 13 23:34:49 UTC 2002
>
> For clarity note that the actual named.root entry is:
>
> zone "." IN {
> type hint;
> file "named.root";
> };
Well what do you have in named.root?
>
> Also, named starts with no errors to speak of:
>
> Jan 13 14:14:55 NS2 named[11688]: shutting down
> Jan 13 14:14:55 NS2 named[11688]: no longer listening on 127.0.0.1#53
> Jan 13 14:14:55 NS2 named[11688]: no longer listening on 24.197.31.131#53
Well it looks like you have routing problems. Whether they are
permanent or not I don't know. Check that you can ping the root
servers (use there IP addresses and -n so that the DNS is not
involved). Next use 'dig ns . @<root-server-IP-address>' to
see if you can get DNS answers from the root servers.
traceroute to 24.197.31.131 (24.197.31.131), 64 hops max, 40 byte packets
1 n200 (130.155.191.238) 16.692 ms 18.785 ms 16.746 ms
2 octopus.tip.CSIRO.AU (130.155.192.7) 44.841 ms 33.639 ms 30.540 ms
3 rpl.gw.CSIRO.AU (130.155.192.2) 30.460 ms 30.986 ms 30.486 ms
4 nsw.gw.CSIRO.AU (130.155.1.141) 32.995 ms 32.615 ms 34.665 ms
5 nswrno2-atm4-0-ultimo.nswrno.net.au (203.15.123.37) 31.793 ms 31.910 ms 33.115 ms
6 ATM3-0-0-1.ia4.optus.net.au (202.139.139.121) 36.745 ms 36.070 ms 36.870 ms
...
25 ATM3-0-0-1.ia4.optus.net.au (202.139.139.121) 35.776 ms !H * 125.238 ms !H
> Jan 13 14:14:55 NS2 named[11684]: exiting
> Jan 13 14:14:55 NS2 named: named shutdown succeeded
> Jan 13 14:14:55 NS2 named[13307]: starting BIND 9.1.0 -u named -d3
Please upgrade BIND 9.2.0 is out. BIND 9.1.0 is well past its
"use by" date.
> Jan 13 14:14:55 NS2 named: named startup succeeded
> Jan 13 14:14:55 NS2 named[13307]: using 1 CPU
> Jan 13 14:14:55 NS2 named[13311]: loading configuration from=
> '/etc/named.conf'
> Jan 13 14:14:55 NS2 named[13311]: the default for the 'auth-nxdomain'=20
> option is now 'no'
> Jan 13 14:14:55 NS2 named[13311]: no IPv6 interfaces found
> Jan 13 14:14:55 NS2 named[13311]: listening on IPv4 interface lo,=
> 127.0.0.1#53
> Jan 13 14:14:55 NS2 named[13311]: listening on IPv4 interface eth0,=20
> 24.197.31.131#53
> Jan 13 14:14:55 NS2 named[13311]: running
>
> At 08:59 AM 1/13/2002 -0500, you wrote:
>
> >Hello:
> >
> >I have a server that will not answer for any zone other than one in which
> >it is authoritative. I have tried this with recursive on or left out of
> >the config with no change in behavior. I have ensured that there is no
> >packet filtering involved as I have removed the firewall for all testing
> >sessions. The named.conf is at the end of the email. This really looks
> >like it has a bum named.root cache, but I am no expert. Here is a dig that
> >will show my point (the first is for a zone that it is authoritative for
> >and the second is not):
> >
> >[root at kites net]# dig @ns2.ci.bedford.va.us kites.org. any
> >
> >; <<>> DiG 9.1.3 <<>> @ns2.ci.bedford.va.us kites.org. any
> >;; global options: printcmd
> >;; Got answer:
> >;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63979
> >;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 2, ADDITIONAL: 2
> >
> >;; QUESTION SECTION:
> >;kites.org. IN ANY
> >
> >;; ANSWER SECTION:
> >kites.org. 900 IN SOA kites.kites.org.
> >james.kites.org. 200201071 900 300 2592000 900
> >kites.org. 900 IN NS kites.kites.org.
> >kites.org. 900 IN NS ns2.ci.bedford.va.us.
> >kites.org. 900 IN MX 5 kites.kites.org.
> >
> >;; AUTHORITY SECTION:
> >kites.org. 900 IN NS ns2.ci.bedford.va.us.
> >kites.org. 900 IN NS kites.kites.org.
> >
> >;; ADDITIONAL SECTION:
> >ns2.ci.bedford.va.us. 900 IN A 24.197.31.131
> >kites.kites.org. 900 IN A 24.197.0.67
> >
> >;; Query time: 58 msec
> >;; SERVER: 24.197.31.131#53(ns2.ci.bedford.va.us)
> >;; WHEN: Sun Jan 13 08:45:26 2002
> >;; MSG SIZE rcvd: 199
> >
> >[root at kites net]# dig @ns2.ci.bedford.va.us hp.com. any
> >
> >; <<>> DiG 9.1.3 <<>> @ns2.ci.bedford.va.us hp.com. any
> >;; global options: printcmd
> >;; connection timed out; no servers could be reached
> >
> >Here is the named.conf (with many zones deleted for brevity):
> >
> >logging {
> > category lame-servers { null; };
> > category default { default_syslog; default_debug; };
> > channel default_debug {
> > file "/var/log/named"; # write to named.run in the=
> working
> >directory
> > # Note: stderr is used instead of
> >"named.run"
> > # if the server is started with the -f
> >option.
> > severity dynamic; # log at the server's current debug=
> level
> > };
> >};
> >
> >options {
> > allow-recursion {
> > any;
> > };
> > notify no;
> > directory "/etc/dns";
> > query-source address * port 53;
> > forwarders {
> > 198.6.1.122;
> > 198.6.1.142;
> > 198.6.1.146;
> > };
> >};
> >
> >zone "0.0.127.IN-ADDR.ARPA" {
> > type master;
> > file "named.local";
> >};
> >
> >zone "ci.bedford.va.us" {
> > type slave;
> > file "db.ci.bedford.va.us";
> > masters { 24.197.0.67; };
> >};
> >
> >zone "kites.org" {
> > type slave;
> > file "db.kites.org";
> > masters { 24.197.0.67; };
> >};
> >
> >zone "." IN {
> > type hint;
> > file "named.root";
> > }
>
> ..........__o
> ... ..... \<
> ..... (_)/(_)
>
> James Ervin
> "When I see an adult on a bicycle, I do not despair for the future of
> the human race." =97H. G. Wells
>
>
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
More information about the bind-users
mailing list