Am 13.07.2015 um 21:46 schrieb Anand Buddhdev:
On 13/07/15 21:31, Anand Buddhdev wrote:So what could cause these SOA lookup failures in BIND on one server, but not another? Could the developers tell me how BIND does SOA queries over UDP, and is there any way to mimic this with dig?Oops. I just noticed Cathy Almond's response to Irwin Tillman, and recognised the symptom. It turns out that our network guys are blocking outbound UDP queries with a source port of 2049, and BIND is getting stuck on this. Now that I know the problem, I know whom to chase for a solution. Apologies for wasting everyone's time with my rather long post. I should have read the archives of the list first!
greetings to the firewall admins * they should monitor their logs * additional: -m conntrack --ctstate NEW may help in general
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
