Yep, zone for hint is right. No interesting messages "service named
checkconfig" (which RH has helpfully set up to run named-checkconf and
named-checkzone) shows that all is well.
:-(
On 07/08/10 15:55, Warren Kumari wrote:
On Jul 8, 2010, at 3:42 PM, Peter Laws wrote:
BIND 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2
From the host itself, a slave for all my zones, I can resolve all my
zones. I cannot, however, resolve anything else.
For example, if I dig google.com I get a timeout.
Further, if I do a blank dig, I don't get the root servers even though
the hints zone is set up correctly.
Sure? Are you loading it?
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/namedb/db.root";
};
Do you have any interesting log messages at startup? Is the hints inna
view maybe?
w
The same is true if I try to resolve from a different host against
this host.
I thought of iptables and dumped those, but disabling iptables doesn't
change anything. In fact, if I look up the IP (of the google, say) on
another host I can ping that IP.
There are query ACLs set up, but I have confirmed that RFC 1918 space,
127/8, and our public IP range are all allowed to query the internal
stuff. The external zones are, of course, set to "any". (default, in
options, is internal-only, but the public zones all have any as
over-rides).
SELinux is set to enforcing, but no messages are showing up and based
on my experience, if SELinux is going to prevent BIND from working
it's going to COMPLETELY prevent it from working, not pick certain zones.
resolv.conf on the slave itself has 127.0.0.1 on the nameserver line.
The only thing different on this host vs my other slaves is some extra
notifies and allow-transfers from when this was still a master for
some zones (some other slaves *still* get a few zones from this host).
Missing something easy, I'm sure. But what?
--
Peter Laws / N5UWY
National Weather Center / Network Operations Center
University of Oklahoma Information Technology
pl...@ou.edu
-----------------------------------------------------------------------
Feedback? Contact my director, Craig Cochell, cra...@ou.edu. Thank you!
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
For every complex problem, there is a solution that is simple, neat, and
wrong.
-- H. L. Mencken
--
Peter Laws / N5UWY
National Weather Center / Network Operations Center
University of Oklahoma Information Technology
pl...@ou.edu
-----------------------------------------------------------------------
Feedback? Contact my director, Craig Cochell, cra...@ou.edu. Thank you!
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
