In article <mailman.19.1279633805.15649.bind-us...@lists.isc.org>, James Chase <chase1...@gmail.com> wrote:
> Hi, > > I have two views, one for a specific range of 8 IP's on the internet and one > view for "any" inluding internal servers. In my main named.conf I have > allowed recursion to specific hosts, including all of the hosts in both > views (which are specific using ACL's). > > I can use recursion on this server from any of the IP's which are in the > default view (matching "any" IP) but the IPs in the other view (the 8 IP's > on the internet) do not work. It doesn't give me an access denied message in > dig, it just times out. I have tested this by taking the 8 IP's out of the > view and then they do recursion just fine. I have also tried adding the > allow recursion line with specific IPs to the view where recursion doesn't > work but this did not help. > > Adding to the interest is that I have a second DNS server (the master > server) on the same network with the same ACL and views setup and behind the > same external firewall, with the same rules on the external firewall and the > internal firewall where recursion works just fine! Also the two servers are > clones of each other. > > I'm on 64 bit version of CentOS 5.5 with bind packge: > > bind-9.3.6-4.P1.el5_4.2 > bind-chroot-9.3.6-4.P1.el5_4.2 > > Thanks, > James Can the clients make non-recursive queries to the server? If you're getting a timeout, it sounds like a firewall is blocking the queries and/or the replies, and it doesn't seem like that would be specific to recursive queries. -- Barry Margolin, bar...@alum.mit.edu Arlington, MA *** PLEASE don't copy me on replies, I'll read them in the group *** _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
