Hi there, On Sat, 15 Jan 2022, Diego Garcia wrote:
Still with problems. That setup was running fine for few years.
But you changed something.
Bind Server is on DMZ and doing NAT for the local net. Test Server is behing NAT Must have another problem I try this days a lot of things and nothing works,
Generally speaking, if you set things up right, BIND Just Works. It must be a couple of decades since I last had to fiddle with anything to fix a broken BIND server. It is not helpful to us if you tell us that you have tried a lot of things. It would be much more helpful if you told us exactly what you have tried and exactly what were the results. You need to be methodical and precise.
think in try reinstall but i preferred to know what happened and solve it
'Reinstall' to me means the sort of thing that you do if you're working on a Windows box. If you're using a real computer it's usually much better to find out what's going wrong and fix it.
... network unreachable resolving 'play.google.com/A/IN': 216.239.36.10#53 ...
If you are getting 'network unreachable' messages then likely there's something wrong with your network setup. Before doing anything else, you need to fix that. It may or may not be a problem of your making, but given that you said you are using BIND on a server in a DMZ then I suspect that it is. Using a DMZ will make things more complicated and the faults will be more difficult to diagnose - especially for people on mailing lists to whom you give little and very poor information. It *looks* like BIND is trying to make queries but failing to connect to anything to make them. You do not appear to have acted on the good advice which was given to you after your previous post. Are you able to use tools like 'ping' and 'traceroute' to diagnose network problems, also like Wireshark or tcpdump to inspect network traffic? These would be my first steps in approaching this kind of problem. You will need to know that packets from the BIND server can go where they're supposed to go and replies reach the server in good time. You might also need to be able to see exactly what BIND sends, where it sends it, exactly what it receives (if anything) in reply to what it sends, and perhaps where the replies come from. If there are no replies, or the replies go to the wrong place, you need to be able to show that and find out why. What exactly are you trying to achieve which cannot be achieved by simply using a public DNS service, or one provided by your ISP? -- 73, Ged. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
