In article <[email protected]>, Nelson Vale <[email protected]> wrote:
> I've been facing a problem in my private network which I was not able to fix
> yet.
>
> In my gateway (Linux, Debian-like) I have BIND 9.5 installed and running,
> and I have one IPSec tunnel to another gateway over the internet. It also
> has configured a forward zone with the name server being the other gateway
> internal address (accessible through the IPSec tunnel only).
>
> Recently the other IPSec endpoint was shut down and, of course, my queries to
> the forward domain started failing. Nothing strange here...
>
> The real problem is that I suddenly was not able to resolve any other DNS
> queries, like www.google.com, from inside my network:
>
> "host www.google.com
> ;; connection timed out; no servers could be reached"
>
> I took a look at the named daemon and I see that it does not respond to
> anything as long as the IPSec tunnel is down, but only if it's the other
> endpoint that is down. I've tried stopping my endpoint and this problem does
> not occur as long as I restart named. I think this happens because as long
> as my endpoint is up the routes to the other endpoint are set, and named
> tries to query the forward domain name server. The problem is that the
> queries do not timeout and named hangs there:

I recall a thread about a similar problem a year or two ago. I suggest you search the comp.protocols.dns.bind archives in Google Groups.

--
Barry Margolin, [email protected]
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
_______________________________________________
bind-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/bind-users

