Scott Haneda wrote: > $dig sugardimplesdesigns.com SOA @ns1.hostwizard.com +short
Do you block 53/tcp anywhere on the path to your nameserver? It rejects TCP queries: | dig +tcp sugardimplesdesigns.com SOA @ns1.hostwizard.com +short | ;; Connection to 64.84.37.14#53(64.84.37.14) for sugardimplesdesigns.com failed: connection refused. This matches the error log from your secondary: > Description: > transfer of 'sugardimplesdesigns.com/IN' from 64.84.37.14#53: failed to > connect: connection refused You must allow TCP to port 53 for DNS to function properly. > Appears to me I am refusing them, I do not see it in my logs, what logs > would be it in, or what logging statements would I turn on to be able to > diagnose this? I would probably first check if the server actually listens on 53/tcp (with fuser, netstat or similar) and then use tcpdump. Hauke.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
