Hello,
I am trying to visit "http://communities.intel.com"; using Iceweasel on
a Debian desktop PC. No proxies.
My clients etc/resolv.conf point to my own Debian BIND 9.7.3 installed
on a separate server and installed from distribution packages (bind9
1:9.7.3.dfsg-1~squeeze2).
From myDesktop, NSLOOKUP fails but DIG shows a CNAME record. I see the
same results from the BIND server so I've included just the output from
myDesktop below. Also included below is my named.conf.
Do I have something obvious in BIND screwed up? Or is my client/browser
broken? Or...?
----------------------------------------------------------
me@myDesktop:~$ nslookup communities.intel.com ns.iotk.net
Server: ns.iotk.net
Address: 99.30.25.1#53
** server can't find communities.intel.com: NXDOMAIN
----------------------------------------------------------
me@myDesktop:~$ dig communities.intel.com ns.iotk.net
; <<>> DiG 9.6-ESV-R3 <<>> communities.intel.com ns.iotk.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7908
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;communities.intel.com. IN A
;; ANSWER SECTION:
communities.intel.com. 207 IN CNAME intel-2.hs.llnwd.net.
;; AUTHORITY SECTION:
llnwd.net. 604800 IN SOA localhost.
root.localhost. 2008071301 604800 86400 2419200 604800
;; Query time: 2 msec
;; SERVER: 99.30.25.1#53(99.30.25.1)
;; WHEN: Mon Jul 4 22:51:42 2011
;; MSG SIZE rcvd: 123
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2702
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;ns.iotk.net. IN A
;; ANSWER SECTION:
ns.iotk.net. 3600 IN A 99.30.25.1
;; AUTHORITY SECTION:
iotk.net. 3600 IN NS ns1.iotk.net.
iotk.net. 3600 IN NS ns2.iotk.net.
;; ADDITIONAL SECTION:
ns1.iotk.net. 3600 IN A 99.30.25.1
ns2.iotk.net. 3600 IN A 99.30.25.2
;; Query time: 1 msec
;; SERVER: 99.30.25.1#53(99.30.25.1)
;; WHEN: Mon Jul 4 22:51:42 2011
;; MSG SIZE rcvd: 113
----------------------------------------------------------
named.conf on 99.30.25.1
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndc-key"; };
};
acl "iotk" {
127.0.0.1; // localhost
99.30.25.0/29; // static range
!192.168.0.254; // not the router
192.168.0.0/24; // internal network
10.10.10.0/8; // backup network
};
options {
directory "/etc/bind/";
listen-on { 99.30.25.1; };
allow-recursion { iotk; }; // ddos
prevention
interface-interval 0; // no dynamic
ifaces
// allow-query { iotk; }; // this limits
ALL zones
allow-transfer { iotk; }; // this limits
ALL zones
transfer-format many-answers; // faster
transfers
version "DNS Server"; // hides BIND
version
statistics-file "/var/log/bind/stats.log";
auth-nxdomain yes;
};
logging {
channel "querylog" { file "/var/log/bind/query.log"; print-time
yes; };
category queries { querylog; };
category lame-servers { null; };
};
zone "localhost" {
type master;
file "db.local";
allow-update { none; };
};
zone "127.in-addr.arpa" {
type master;
file "db.127";
notify no;
allow-update { none; };
};
zone "0.in-addr.arpa" {
type master;
file "db.0";
};
zone "255.in-addr.arpa" {
type master;
allow-update { none; };
file "db.255";
};
zone "0.168.192.in-addr.arpa" {
type master;
allow-update { none; };
file "db.0.168.192";
};
zone "10.10.10.in-addr.arpa" {
type master;
allow-update { none; };
file "db.10.10.10";
};
zone "iotk.net" {
type master;
allow-update { none; };
file "db.iotk.net";
};
zone "iotk.com" {
type master;
allow-update { none; };
file "db.iotk.com";
};
zone "iotk.org" {
type master;
allow-update { none; };
file "db.iotk.org";
};
zone "0.25.30.99.in-addr.arpa" {
type master;
allow-update { none; };
file "db.0.25.30.99";
};
include "/etc/bind/rndc.key";
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
