What about allow-query?
At some point the default changed to allow only localhost.
On 21/02/13 2:59, Robert Moskowitz wrote:
>
> On 02/20/2013 08:28 PM, Robert Moskowitz wrote:
>> It looks like no system, internal or external could access the DNS on
>> my new server. IPTABLES was set for 53 both
On 02/20/2013 08:28 PM, Robert Moskowitz wrote:
It looks like no system, internal or external could access the DNS on
my new server. IPTABLES was set for 53 both UDP and TCP. Firewall was
OK. In fact a local system on the same subnet, thus NOT going through
my firewall was denied access to t
It looks like no system, internal or external could access the DNS on my
new server. IPTABLES was set for 53 both UDP and TCP. Firewall was OK.
In fact a local system on the same subnet, thus NOT going through my
firewall was denied access to the internal domain. Localhost of course
works.
I am having the same issue and saw a couple of questions but didn't see any
resolutions. Any one have any luck with this.
Thanks.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
Thanks, I found the issue. I had a typo in named.conf for the zone
file name. Doh
On Wed, Feb 20, 2013 at 11:29 AM, Warren Kumari wrote:
>
> On Feb 20, 2013, at 2:17 PM, Jsilliman wrote:
>
>> I just changed the domain name in output. If I do a dig on
>>
>> dig example.com
>>
>> ** Returns noth
On Feb 20, 2013, at 2:17 PM, Jsilliman wrote:
> I just changed the domain name in output. If I do a dig on
>
> dig example.com
>
> ** Returns nothing. I have to actually dig on ns1.example.com,
> www..., or mail...
>
> I am trying to add an A record (remote.example.com), and have it work...
I just changed the domain name in output. If I do a dig on
dig example.com
** Returns nothing. I have to actually dig on ns1.example.com,
www..., or mail...
I am trying to add an A record (remote.example.com), and have it work...
root@server1:/etc/bind# dig remote.example.com
; <<>> DiG 9.8
On Feb 20, 2013, at 2:06 PM, Jsilliman wrote:
> Check this out:
>
> dig @localhost 69.62.x.x
>
> 10800 IN SOA a.root-servers.net. nstld.verisign-grs.com.
>
>
> Shouldn't this be going to my local server for SOA ?
>
> The issue is that when I create a new A record, such as,
> remo
Phase I is hopefully complete. A new onlo.htt-consult.com is up in
place of the old one.
This is a faster box with current software. I will 'leave it alone' for
a week, unless someone tells me something is wrong with it.
Next I unlock my domain from NetSol and choose my new registrar and
m
Check this out:
dig @localhost 69.62.x.x
10800 IN SOA a.root-servers.net. nstld.verisign-grs.com.
Shouldn't this be going to my local server for SOA ?
The issue is that when I create a new A record, such as,
remote.example.com, I cannot do a dig on that record, only mx and ns
recor
-Original Message-
From: Jsilliman
Date: Wednesday, February 20, 2013 1:57 PM
To: Alan Clegg
Cc: "bind-users@lists.isc.org"
Subject: Re: Cannot create A record issue
>Ubuntu does not use that:
>
>root@:/etc/bind# cat /etc/resolv.conf
># Dynamic resolv.conf(5) file for glibc res
On Feb 20, 2013, at 1:57 PM, Jsilliman wrote:
> Ubuntu does not use that:
>
> root@:/etc/bind# cat /etc/resolv.conf
> # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
> # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
Actually, it do
Ubuntu does not use that:
root@:/etc/bind# cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
On Wed, Feb 20, 2013 at 10:56 AM, Alan Clegg wrote:
> And as was stated b
And as was stated before, "cat /etc/resolv.conf" and let's see where your dig
is actually going...
--
Alan Clegg | +1-919-355-8851 | a...@clegg.com
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind
Jsilliman wrote:
> The serial number gets updated in the logs, but not when I do a dig.
> (21 vs 3-old)
Did you dig @localhost or is dig querying some recursive server elsewhere?
What does /etc/resolv.conf contain?
Tony.
--
f.anthony.n.finchhttp://dotat.at/
Forties, Cromarty: East, veering
Jsilliman wrote on 02/20/2013 01:44:20 PM:
> No, I think it's only loaded once, but port 53 is listening on
Try "ps aux |grep named" to prove it.
Confidentiality Notice:
This electronic message and any attachments may contain confidential or
privileged information, and is intended only for t
No, I think it's only loaded once, but port 53 is listening on
localhost
tun0 interface for Openvpn
69.62.x.x
15739 ?Ssl0:04 /usr/sbin/named -u bind
On Wed, Feb 20, 2013 at 10:31 AM, Alan Clegg wrote:
>
> On Feb 20, 2013, at 1:30 PM, Jsilliman wrote:
>
>> The serial number gets
On Feb 20, 2013, at 1:30 PM, Jsilliman wrote:
> The serial number gets updated in the logs, but not when I do a dig.
Do you have more than one copy of BIND running?
AlanC
--
Alan Clegg | +1-919-355-8851 | a...@clegg.com
___
Please visit https://lis
The serial number gets updated in the logs, but not when I do a dig.
(21 vs 3-old)
example.com. 603817 IN SOA ns1.example.com.
root.localhost. 3 604800 86400 2419200 604800
Feb 20 10:26:08 server1 named[15739]: reloading configuration succeeded
Feb 20 10:26:08 server1 named[15
Just to cover all the bases, you're doing your lookup directly against
your server, correct? Easy to accidentally query a different nameserver
and not see what you're expecting.
Otherwise I'd second Warren's suggestion to double-check your serial number.
John
On 02/20/2013 12:40 PM, Jsillim
Are you sure BIND is loading the zone file? Are you remembering to update the
SOA / serial? Are you restarting BIND after making changes?
If you make a change (and update the SOA), if you do:
dig soa example.com do you see the new serial #?
W
On Feb 20, 2013, at 12:40 PM, Jsilliman wrote:
> I
I can't seem to create an extra A record that works. I've created A
records for ns1 and mail and they work if I do a bind lookup, but
nothing else works. I did a lot of research before reaching out here.
This is my zone file. "Remote.example.com" never works...This is
Bind9 running on Ubuntu s
Hi,
I've written a short book on DNSSEC. The goal is to help existing DNS
admins implement DNSSEC on BIND.
I have a trusted technical reviewer, but I'm interested in getting
additional feedback before it goes out. And naturally I thought of
this list. No one person catches everything.
If you kn
On Feb 20, 2013, at 1:14 AM, Chuck Peters wrote:
> Robert Moskowitz said:
>> Delving further into my challenges.
>>
>> But they don't seem to support DNSSEC protected domains, and even
>> IPv6 glue records are special requests, it seems.
>
> I would like to know how can I handle DNSSEC key rol
On 2013.02.20 01.14, Chuck Peters wrote:
Robert Moskowitz said:
Delving further into my challenges.
But they don't seem to support DNSSEC protected domains, and even
IPv6 glue records are special requests, it seems.
I would like to know how can I handle DNSSEC key rollovers without
manually e
25 matches
Mail list logo
