---------- Original Message ----------------------------------
From: "Len Conrad" <lcon...@go2france.com>
Reply-To: lcon...@go2france.com
Date: Wed, 29 Sep 2010 15:58:13 +0200
>FreeBSD 7.2-RELEASE
>
>BIND 9.6.0-P1
>
>resolv.conf:
>nameserver 127.0.0.1
>
>
>machine is postfix MX relay-only gateway
>
>on a separate machines, zen.dnsbld.domain.net on IPs 10.1.60.1 & 10.1.60.2,
>rbldnsd is running a local copy of zen.spamhaus
>
>nmap shows 10.1.60.1 and 10.1.60.2 with port 53 UDP open.
>
>dig @10.1.60.1 or .2 d.c.b.a.zen.dnsbld.domain.net works.
>
>named.conf:
>
>zone "zen.dnsbld.domain.net" { type forward; forwarders { 10.1.60.1 ;
>10.1.60.2 ; }; forward only; };
>
>and no other forwarding statements.
>
>named query logging shows client 127.0.0.1 (postfix/postscreen) sending
>queries to 127.0.0.1
>
>tshark capture shows the BIND machine sending queries to the NSs authoritative
>for domain.net, rather than forwarding to the above forwarders.
>
>The above situation on 3 different MXs. The weirdest is that when we fired up
>private zen and forwarding on the 3 MXs, they all worked immediately,
>perfectly, for about 24 hours, millions of queries, then within a few minutes,
>they all stopped working with the zen servers, and haven't worked since.
>stop/start postfix and named has not effect.
>
>What is overriding the zone forwarding?
>
========
fixed, was typo in the forward zone name. They typo was inconsequential and
worked for one day, until someone removed the NS delegation records for the zen
zone from the domain.net auth servers.
Len
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
