On Tue, Jul 5, 2011 at 10:29 AM, vr <bind-u...@iotk.net> wrote: > Hello, > > I am trying to visit "http://communities.intel.com" using Iceweasel on a > Debian desktop PC. No proxies. > > My clients etc/resolv.conf point to my own Debian BIND 9.7.3 installed on a > separate server and installed from distribution packages (bind9 > 1:9.7.3.dfsg-1~squeeze2). > > From myDesktop, NSLOOKUP fails but DIG shows a CNAME record. I see the same > results from the BIND server so I've included just the output from myDesktop > below. Also included below is my named.conf. > > Do I have something obvious in BIND screwed up?
Quite possibly so. And you use dig incorrectly too. > me@myDesktop:~$ dig communities.intel.com ns.iotk.net this should be $ dig communities.intel.com @ns.iotk.net > ;; ANSWER SECTION: > communities.intel.com. 207 IN CNAME intel-2.hs.llnwd.net. so it finds the cname ... > > ;; AUTHORITY SECTION: > llnwd.net. 604800 IN SOA localhost. root.localhost. > 2008071301 604800 86400 2419200 604800 ... but your DNS has a broken record for llnwd.net. It should be ;; ANSWER SECTION: llnwd.net. 3600 IN SOA dns11.llnwd.net. hostmaster.llnwd.net. 210 900 300 604800 300 > ;; QUESTION SECTION: > ;ns.iotk.net. IN A this part is irrelevant, it's the result of your incorrect dig syntax > > named.conf on 99.30.25.1 I can't see why the response for llnwd.net is incorrect. Try: - rndc flush (or restart named) - dig soa llnwd.net @99.30.25.1 (to retest your name server) - dig soa llnwd.net @8.8.8.8 (to compare the result with google's public dns) - dig soa llnwd.net +trace (to trace delegation path) it might show where the errors come from -- Fajar _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users