Part of this fixed itself when I power cycled the darn gateway router. I have no idea what happened there. I feel like a dog chasing my tail today. Thank you Warren and Alan for helping me out.
On Sun, Mar 21, 2010 at 3:47 PM, Warren Kumari <war...@kumari.net> wrote: > wkum...@lisa:~$ ping 71.12.99.115 > PING 71.12.99.115 (71.12.99.115) 56(84) bytes of data. > > --- 71.12.99.115 ping statistics --- > 5 packets transmitted, 0 received, 100% packet loss, time 4016ms > > wkum...@lisa:~$ dig SOA castor.lazarusalliance.com @71.12.99.115 > > ; <<>> DiG 9.7.0-P1 <<>> SOA castor.lazarusalliance.com @71.12.99.115 > ;; global options: +cmd > ;; connection timed out; no servers could be reached > wkum...@lisa:~$ > > > Cannot get there? > > route-views>sho ip route 71.12.99.115 > % Network not in table > route-views>sho ip bgp 71.12.99.115 > BGP routing table entry for 71.12.96.0/20, version 4184824908 > Paths: (34 available, no best path) > Flag: 0x820 > Not advertised to any peer > 701 3356 20115, (aggregated by 20115 172.31.148.182) > 157.130.10.233 (inaccessible) from 157.130.10.233 (137.39.3.60) > Origin IGP, localpref 100, valid, external, atomic-aggregate > 3277 3216 19151 20115, (aggregated by 20115 172.31.148.182) > 194.85.102.33 (inaccessible) from 194.85.102.33 (194.85.4.16) > Origin IGP, localpref 100, valid, external, atomic-aggregate > Community: 210766776 210766877 214764688 1255080936 1255140942 > 1255144956 1318259640 1318319642 > 7500 2516 19151 20115, (aggregated by 20115 172.31.148.182) > 202.249.2.86 (inaccessible) from 202.249.2.86 (203.178.133.115) > Origin IGP, localpref 100, valid, external, atomic-aggregate > 1239 19151 20115, (aggregated by 20115 172.31.148.182) > 144.228.241.130 (inaccessible) from 144.228.241.130 (144.228.241.130) > Origin IGP, localpref 100, valid, external, atomic-aggregate > 3333 3356 20115, (aggregated by 20115 172.31.148.182) > [SNIP] > > W > > > > > > On Mar 21, 2010, at 12:41 PM, michael peters wrote: > > Here is more information. >> >> I'm testing my external BIND 9.6.1 systems with >> http://www.checkdns.net/powercheck.aspx. Outbound resolution is fine. >> Internal resolution is fine. External resolution seems to be the problem. My >> firewall allows port 53 UDP and TCP. >> >> The messages I get are: >> >> Found NS record: castor.lazarusalliance.com[71. >> 12.99.115], was resolved to IP address by G.GTLD-SERVERS.NET >> Found NS record: pollux.lazarusalliance.com[71.12.99.116], was resolved >> to IP address by G.GTLD-SERVERS.NET >> Domain has 2 DNS server(s) >> >> CheckDNS.NET is verifying if NS are alive >> Error fetching SOA from castor.lazarusalliance.com [71.12.99.115], >> request timed out. Probably DNS server is offline. >> Error fetching SOA from pollux.lazarusalliance.com [71.12.99.116], >> request timed out. Probably DNS server is offline. >> 0 server(s) are alive >> No DNS servers alive, tests stopped >> >> What other information should I provide to be helpful in getting this >> solved? >> >> >> - Show quoted text - >> On Sun, Mar 21, 2010 at 2:03 PM, Alan Clegg <acl...@isc.org> wrote: >> - Show quoted text - >> michael peters wrote: >> > Is it a problem to get a message from a DNS checking tool that indicates >> > "Error fetching SOA from ns1.example.com <http://ns1.example.com>?" >> Both >> > of my external BIND 9.6.1 servers respond the same way and I'm assuming >> > that I need to add something to my configuration. >> >> We know nothing about your configuration, nothing about the zone that >> you are trying to serve, and nothing about the "checking tool" that you >> are using to test. >> >> Not much to go on. Feel free to post configuration information and we >> might be able to help. >> >> AlanC >> >> >> _______________________________________________ >> bind-users mailing list >> bind-users@lists.isc.org >> https://lists.isc.org/mailman/listinfo/bind-users >> >> Reply >> Reply to all >> Forward >> >> >> >> >> >> Reply >> >> | >> >> michael peters ✆ to Alan, Bind >> show details 2:40 PM (0 minutes ago) >> >> Here are the configuration files. >> >> >> # more named.conf >> include "/etc/bind/named.conf.options" >> ; >> >> // prime the server with knowledge of the root servers >> zone "." { >> type hint; >> file "/etc/bind/db.root"; >> }; >> >> // be authoritative for the localhost forward and reverse zones, and for >> // broadcast zones as per RFC 1912 >> >> zone "localhost" { >> type master; >> file "/etc/bind/db.local"; >> }; >> >> zone "127.in-addr.arpa" { >> type master; >> file "/etc/bind/db.127"; >> }; >> >> zone "0.in-addr.arpa" { >> type master; >> file "/etc/bind/db.0"; >> }; >> >> zone "255.in-addr.arpa" { >> type master; >> file "/etc/bind/db.255"; >> }; >> >> >> zone "lazarusalliance.com" { >> type master; >> file "/etc/bind/db.lazarusalliance.com.hosts"; >> allow-update { >> any; >> }; >> allow-transfer { >> any; >> }; >> allow-query { >> any; >> }; >> }; >> >> zone "99.12.71.in-addr.arpa" { >> type master; >> file "/etc/bind/71.12.99.rev"; >> }; >> >> include "/etc/bind/named.conf.local"; >> logging { >> category lame-servers { >> null; >> }; >> }; >> key rndc-key { >> algorithm hmac-md5; >> secret "********************************************"; >> }; >> controls { >> inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { rndc-key; }; >> }; >> ++++++++++++++++++++++++++++++ >> >> # more named.conf.local >> // >> // Do any local configuration here >> // >> >> // Consider adding the 1918 zones here, if they are not used in your >> // organization >> //include "/etc/bind/zones.rfc1918"; >> >> ++++++++++++++++++++++++++++++ >> >> # more named.conf.options >> options { >> directory "/var/cache/bind"; >> >> // If there is a firewall between you and nameservers you want >> // to talk to, you might need to uncomment the query-source >> // directive below. Previous versions of BIND always asked >> // questions using port 53, but BIND 8.1 and later use an >> unprivileged >> // port by default. >> >> query-source address * port 53; >> >> // If your ISP provided one or more IP addresses for stable >> // nameservers, you probably want to use them as forwarders. >> // Uncomment the following block, and insert the addresses >> replacing >> // the all-0's placeholder. >> >> // forwarders { >> // 0.0.0.0; >> // }; >> >> auth-nxdomain no; # conform to RFC1035 >> listen-on-v6 { any; }; >> allow-transfer { >> any; >> }; >> allow-query { >> any; >> }; >> }; >> >> ++++++++++++++++++++++++++++++ >> >> # more db.lazarusalliance.com.hosts >> $ttl 3600 >> @ IN SOA castor.lazarusalliance.com. >> postmaster.lazarusalliance.com. ( >> 2010022604 >> 1200 >> 3600 >> 1209600 >> 3600 ) >> ; >> @ 3600 IN NS >> castor.lazarusalliance.com. >> @ 3600 IN NS >> pollux.lazarusalliance.com. >> ; >> castor.lazarusalliance.com. IN A 71.12.99.115 >> pollux.lazarusalliance.com. IN A 71.12.99.116 >> lazarusalliance.com. IN A 71.12.99.118 >> ; >> lazarusalliance.com. IN MX 5 castor.lazarusalliance.com. >> >> >> ++++++++++++++++++++++++++++++ >> >> # more 71.12.99.rev >> $TTL 38400 >> @ IN SOA castor.lazarusalliance.com. >> postmaster.lazarusalliance.com. ( >> 2010032007 >> 10800 >> 3600 >> 604800 >> 38400 ) >> @ IN NS castor.lazarusalliance.com. >> 115 IN PTR castor.lazarusalliance.com. >> 116 IN PTR pollux.lazarusalliance.com. >> 118 IN PTR lazarusalliance.com. >> >> >> On Sun, Mar 21, 2010 at 2:02 PM, Warren Kumari <war...@kumari.net> wrote: >> On Mar 21, 2010, at 11:21 AM, michael peters wrote: >> >> Is it a problem to get a message from a DNS checking tool that indicates >> "Error fetching SOA from ns1.example.com?" Both of my external BIND 9.6.1 >> servers respond the same way and I'm assuming that I need to add something >> to my configuration. >> >> >> In order for us to be able to provide you with useful answers, please >> provide us with the domain name, the name of the checking tool and the name >> of the server it is grumpy about. >> >> From a FAQ: http://dougbarton.us/DNS/bind-users-FAQ.html#RealNames >> >> W >> >> P.S: >> >> dig SOA ns1.example.com >> >> ; <<>> DiG 9.7.0-P1 <<>> SOA ns1.example.com >> ;; global options: +cmd >> ;; Got answer: >> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51889 >> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 >> >> ;; QUESTION SECTION: >> ;ns1.example.com. IN SOA >> >> ;; AUTHORITY SECTION: >> example.com. 10800 IN SOA dns1.icann.org. >> hostmaster.icann.org. 2009100600 7200 3600 1209600 86400 >> >> ;; Query time: 76 msec >> ;; SERVER: 127.0.0.1#53(127.0.0.1) >> ;; WHEN: Sun Mar 21 14:59:42 2010 >> ;; MSG SIZE rcvd: 94 >> >> >> :-P >> >> >> >> Please advise. >> _______________________________________________ >> bind-users mailing list >> bind-users@lists.isc.org >> https://lists.isc.org/mailman/listinfo/bind-users >> >> >> >
_______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
