On Thu, Jan 19, 2023 at 07:45:34PM +0100, Maurizio Caloro wrote: > fighting little with bind9, on Debian 10.13, in my opinion appair right, but
> # cat /etc/resolv.conf > search sternbild.m > nameserver 127.0.0.1 > nameserver A.B.C.D -> other Nameservers > nameserver A.B.C.D -> other Nameservers Let's start here. Why do you have multiple nameserver lines here? Which one is the bind9 server that you're configuring? That should be the only line. If the bind9 server is 127.0.0.1 then just keep that line, and remove the other two (or comment them out with semicolons). When you've got multiple nameserver lines, the resolver library will use whichever one it wants to use first. If that one returns NXDOMAIN, then it stops there. It doesn't look at the other lines. It will only look at the other lines if there's no response at all from the first nameserver it tries. > # ping pluto.sternbild.m > ping: pluto.sternbild.m: Name or service not known The ping command is not the best choice for debugging DNS server setups. The major issue here is that you don't know which nameserver was used to get this result. There are dedicated tools for debugging DNS, including "host" and "dig" in the dnsutils package (on Debian 10 which you're using, or in bind9-host in Debian 11). Start with those. dig @127.0.0.1 A pluto.sternbild.m host -t A pluto.sternbild.m 127.0.0.1 Either of these commands will request the "A" record for pluto.sternbild.m from the DNS resolver at 127.0.0.1. I'm guessing that's the one you're trying to use and debug. You can try both and see which one you like better. Of the two commands, dig is the more feature-rich one, should you need to go into more detail. > # ping ns1.sternbild.m > ping: ns1.sternbild.m: Name or service not known > > # ping ns1 > ping: ns1: Name or service not known Since you have two other nameserver lines, you don't know which one(s) are returning the NXDOMAIN error, you might want to probe all three with dig or host.
