I have a bind server running that cannot resolve www.atbfinancialonline.com.
I turned on debug 10 in the named.conf and start up dig on it, but dig just
times out, what else can I do to see why exactly it won't resolve this?
Thanks!
jlc
___
CentOS
Joseph L. Casale wrote:
I have a bind server running that cannot resolve www.atbfinancialonline.com.
I turned on debug 10 in the named.conf and start up dig on it, but dig
just
times out, what else can I do to see why exactly it won't resolve this?
Check what name severs are hosting the
Check what name severs are hosting the domain and try resolving
directly from them.
atbfinancialonline.com name server dns1.cidc.telus.com.
atbfinancialonline.com name server dns2.cidc.telus.com.
vbg I shoulda done that:) Yup, so it's only resolving from cache
for those that did hit it I see.
On Mon, 26 Jan 2009, nate wrote:
One of my Debian servers has a tool called 'dnstracer', I'd be
surprised if it was available as part of the stock CentOS but
maybe available in a 3rd party repo or some similar tool:
dig's +trace option can do the same thing, though its reporting isn't
as
Nate wrote on Mon, 26 Jan 2009 10:22:34 -0800 (PST):
[ap...@portal:~]$ dnstracer www.atbfinancialonline.com
allow me to jump in here. I recently installed dnstracer (from rpmforge),
but I don't get the expected output on the machine where I want to use it.
All I get is output like this:
snip
not certain if you intend it to be, but your 64.135.16.15 machine is
not reachable from outside. an attempt to telnet to port 53 (or 25)
gets me no route to host and a traceroute ends with:
8 ge2-0.cr1.bct.fl.host.net (64.135.1.9) 34.779ms 35.102ms 35.413ms
9
big snip
Michel van Deventer wrote:
From what I see you have iptables 'in the way'.
Try to add the following rule to iptables and then try again :)
iptables -I RH-Firewall-1-INPUT -j ACCEPT -p udp --dport 53
If you like to have zone transfers or large queries done as well then you also
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ray Leventhal
Sent: Thursday, August 23, 2007 10:23 AM
To: CentOS mailing list
Subject: Re: [CentOS] BIND issues, server not responding
big snip
Michel van Deventer wrote:
From what I see you
You only need the tcp rule if you plan on serving up zone transfers,
not if plan on only requesting them.
Well, very rare but answers that are over 512 bytes will have to be sent
over tcp since the rfc 1035 mandates maximum 512 bytes for the udp
payload. So tcp is not just for zone
Chain RH-Firewall-1-INPUT (2 references)
ugh. I absolutely detest the tool behind this.
This is what I do.
Trusted interfaces like lo and networks go first and then packets
belonging to established connections are shorted which leaves connection
requests to be branched out into tcp, udp
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Feizhou
Sent: Thursday, August 23, 2007 11:02 AM
To: CentOS mailing list
Subject: Re: [CentOS] BIND issues, server not responding
You only need the tcp rule if you plan on serving up zone
Paul Heinlein wrote:
On Thu, 23 Aug 2007, Feizhou wrote:
You only need the tcp rule if you plan on serving up zone
transfers, not if plan on only requesting them.
Well, very rare but answers that are over 512 bytes will have to be
sent over tcp since the rfc 1035 mandates maximum 512
You only need the tcp rule if you plan on serving up zone transfers,
not if plan on only requesting them.
Well, very rare but answers that are over 512 bytes will have
to be sent
over tcp since the rfc 1035 mandates maximum 512 bytes for the udp
payload. So tcp is not just for zone
Ray Leventhal wrote:
Hi all,
My CentOS 5 nameserver is seemingly unable to be queried by anything but
itself (localhost, 127.0.0.1). From any other machine, including the
primary which *does* transfer zone files correctly to this machine
(which is secondary), requests time out.
I've put
[EMAIL PROTECTED] wrote:
first, if you turn query logging on you'll likely get some more hints.
Rick, I did miss that comment before I posted. I'll do that and
query...will report the log here this evening.
Kind regards,
~Ray
___
CentOS mailing
Ray Leventhal wrote:
[EMAIL PROTECTED] wrote:
first, if you turn query logging on you'll likely get some more hints.
Rick, I did miss that comment before I posted. I'll do that and
query...will report the log here this evening.
Kind regards,
~Ray
snip
Do a netstat -na|grep 53
Lets be really sure.
Hi Robert,
Thanks for the reply.
as requested:
[EMAIL PROTECTED] ray]# netstat -na|grep 53
tcp0 0 64.135.16.15:53
0.0.0.0:* LISTEN
tcp0 0 127.0.0.1:53
0.0.0.0:*
Hello Ray,
Appears to be listening how I expected it to be, unless I'm not reading
this right.
Running 'dig www.swhi.net @64.135.16.15'
; DiG 9.2.4 www.swhi.net @64.135.16.15
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
Robert
18 matches
Mail list logo
