FreeBSD 7.2-RELEASE

BIND 9.6.0-P1

resolv.conf: 
nameserver 127.0.0.1


machine is postfix MX relay-only gateway

on separate machines, zen.dnsbld.domain.net on IPs 10.1.60.1 & 10.1.60.2,
rbldnsd is running a local copy of zen.spamhaus

nmap shows 10.1.60.1 and 10.1.60.2 with port 53 UDP open.

dig @10.1.60.1 or .2  d.c.b.a.zen.dnsbld.domain.net  works.

named.conf:

zone "zen.dnsbld.domain.net" {
    type forward;
    forwarders { 10.1.60.1; 10.1.60.2; };
    forward only;
};

and no other forwarding statements.

named query logging shows client 127.0.0.1 (postfix/postscreen) sending queries 
to 127.0.0.1

tshark capture shows the BIND machine sending queries to the NSs authoritative 
for domain.net, rather than forwarding to the above forwarders.

The above situation on 3 different MXs.  The weirdest is that when we fired up 
private zen and forwarding on the 3 MXs, they all worked immediately, 
perfectly, for about 24 hours, millions of queries, then within a few minutes, 
they all stopped working with the zen servers, and haven't worked since.  
stop/start postfix and named has no effect.

What is overriding the zone forwarding?

Len

_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
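
Added example, not part of the original post: a small Python check that automates the tshark observation described above by counting, for names under the forward zone, how many queries went to the configured forwarders and how many went anywhere else. It assumes the capture holds query packets only and was exported as tab-separated lines (`tshark -T fields -e ip.dst -e dns.qry.name`); the sample lines and the address 192.0.2.53 are constructed.

```python
"""Classify outbound DNS queries for a forward zone by destination."""
from collections import Counter

FORWARD_ZONE = "zen.dnsbld.domain.net"   # zone from the post's named.conf
FORWARDERS = {"10.1.60.1", "10.1.60.2"}  # forwarders from the post's named.conf

# Constructed sample in "ip.dst<TAB>dns.qry.name" layout. 192.0.2.53 is a
# documentation address standing in for an authoritative server of domain.net.
SAMPLE = """\
10.1.60.1\t2.0.0.127.zen.dnsbld.domain.net
192.0.2.53\t4.3.2.1.zen.dnsbld.domain.net
192.0.2.53\tZEN.DNSBLD.DOMAIN.NET.
10.1.60.2\t9.8.7.6.zen.dnsbld.domain.net
192.0.2.53\tmail.example.org
malformed line without a tab
"""

def in_zone(qname, zone=FORWARD_ZONE):
    """True if qname is the zone apex or below it (case-insensitive, label-aligned)."""
    q = qname.rstrip(".").lower()
    z = zone.rstrip(".").lower()
    return q == z or q.endswith("." + z)

def classify(lines, zone=FORWARD_ZONE, forwarders=FORWARDERS):
    """Return (forwarded, leaked): Counters of destination IPs for in-zone queries."""
    forwarded, leaked = Counter(), Counter()
    for line in lines:
        parts = line.rstrip("\n").split("\t")
        if len(parts) != 2 or not parts[0] or not parts[1]:
            continue  # skip lines that are not "dst<TAB>qname"
        dst, qname = parts
        if not in_zone(qname, zone):
            continue  # unrelated query, not covered by the forward zone
        (forwarded if dst in forwarders else leaked)[dst] += 1
    return forwarded, leaked

if __name__ == "__main__":
    fwd, leak = classify(SAMPLE.splitlines())
    print("sent to forwarders:", dict(fwd))
    print("sent elsewhere    :", dict(leak))
```

Any non-empty "sent elsewhere" count means blocklist lookups are leaving the private rbldnsd path, which also exposes the queried addresses to servers outside the local network.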
