I'm troubleshooting an issue with internal resolution of a domain. I have 2 identical slave servers that resolve for domains that have been delegated to our group. However, while one of the servers can successfully provide the responses, the other cannot. I've checked with the network gurus to verify there is not a possibility of a firewall or IPS rule causing the issue, but came back empty-handed.
Here's the breakdown (please don't laugh at the antiques...): Sun V210's running Solaris 5.8 BIND 9.5.1-P3 ... zone "blah.com" { type slave; file "/slave/db.blah.com"; masters { 10.xxx.xxx.xxx; }; allow-transfer { none; }; allow-query { "all-clients"; }; }; ... # Query local server (one with issues) fails $ dig www.blah.com. ; <<>> DiG 9.5.1-P3 <<>> www.blah.com. ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 1735 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ; www.blah.com. IN A ;; Query time: 2 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Mon Aug 2 14:12:48 2010 ;; MSG SIZE rcvd: 29 # Query master directly or twin server from problem server succeeds $ dig @10.xxx.xxx.xxx www.blah.com. ; <<>> DiG 9.5.1-P3 <<>> @10.xxx.xxx.xxx www.blah.com. ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 341 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ; www.blah.com. IN A ;; ANSWER SECTION: www.blah.com. 300 IN A 10.xxx.xxx.xxx ;; Query time: 34 msec ;; SERVER: 10.xxx.xxx.xxx #53(10.xxx.xxx.xxx) ;; WHEN: Mon Aug 2 14:14:16 2010 ;; MSG SIZE rcvd: 45 Any ideas to point me in the right direction? Thanks, Brian _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users