Eric, I think I found part of my problem. It was an entry in the forwards of my DNS server. This should really improve performance. I am not sure how it even worked.
CJ Eric Shubert wrote: > Maxwell Smart wrote: >> Eric, >> >> Eric Shubert wrote: >>> Maxwell Smart wrote: >>>> Eric, >>>> >>>> Yes, they are there and constant with 127.0.0.1 in the first >>>> position of >>>> my resolv.conf file. If I move it back to the last position it's ok. >>> It's not really ok. It's just that the DNS server(s) before it in the >>> list are handling the requests, so it never gets to 127.0.0.1, which >>> is your localhost DNS server. >>> >> OK, but it's then going through the ISP's servers anyways just in a >> round about way. > > Not unless you deliberately set it up that way. With a typical > caching/resolving nameserver, DNS requests will not hit the ISP's > server at all. > >>> The dig command (man dig) is handy for troubleshooting DNS problems. >>> >>> You might try: >>> # dig @127.0.0.1 google.com >>> and see what you get. I'm guessing that you'll get an error of some >>> sort (the command will work, but the result of the lookup will fail). >>> >> Dig worked fine, no error. > > Did it return an answer section with a result in it? dig won't show a > glaring error. You need to know what to look for. > >>>> Ideas on how to begin to troubleshoot? I remember someone on the >>>> list a >>>> few days ago experiencing the same issue, but paid little attention >>>> then. >>> IIRC you said earlier that this is a secondary to your authoritative >>> server. It's generally considered a bad practice to have a DNS server >>> configured to handle both authoritative and resolver requests. It can >>> be done, but you'd better know what you're doing. >>> >>> If it's ok to blow away your secondary DNS, I would: >>> # yum remove bind >>> # yum install chroot-bind caching-nameserver >>> then try moving 127.0.0.1 to the top of /etc/resolv.conf again. >> >> I have a master DNS server (ns1) which is authoritative and a slave >> (ns2) which is also a web and e mail server. > > It'd be better to have a caching/resolving DNS server on the web/email > host. The email server will use the resolving DNS server fairly > heavily. Better to put the slave DNS on a different host. > >> So remove the nameserver 64.168.70.132 entry in the resolve.conf file? > > Absolutely. Authoritative servers should never be listed in the > resolv.conf file. > >> The other problem is this was all working just fine until about a week >> or so ago. I don't know why I would have to start changing my DNS when >> it was working fine. There is no reason this should have changed. I >> did however update my toaster. > > I don't know what all changed, but updating the toaster should not > have caused this problem. I think that is coincidental. > > Best guess at this point is that your ISP's DNS was/is having > problems. We've recommended using a caching nameserver on the toaster, > which will keep your ISP's DNS from detrimentally affecting your > toaster. Unfortunately, you already had a secondary DNS server running > on your toaster, which is not a recommended configuration. It is > possible to configure bind on your toaster to do both secondary > authoritative and resolving, but that's beyond what we can do for you > here. > --------------------------------------------------------------------------------- Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! --------------------------------------------------------------------------------- Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com