caching nameserver not always working? status: SERVFAIL
Jason Vas Dias
jvdias at redhat.com
Fri Oct 8 14:19:10 UTC 2004
Hi -
You may need to uncomment the 'query-source'
line in the named.conf that comes with
caching-nameserver, ie:
'options { ...
query-source address * port 53;
...
};
'
This will make named use port 53 for queries
it sends to other nameservers - otherwise,
any available port will be used, which may be
blocked by your firewall.
If this doesn't work please let me know.
Regards,
Jason Vas Dias
(bind & caching-nameserver maintainer, Red Hat)
On Fri, 2004-10-08 at 06:29, Marius Andreiana wrote:
> Hi
>
> With caching-nameserver from rawhide, not all hosts are resolved. I'm
> not sure if it's my fault or named's.
> /etc/resolv.conf has only the local machine IP:
> nameserver 81.196.83.211
> #nameserver 193.231.236.17
> #nameserver 193.231.236.10
>
> iptables allows all traffic on port 53, but not others above 1000, as
> bind says it might use.
>
> Although old rpms were removed (/etc/named.conf gone) and rawhide's
> installed, rpm -V shows modified files:
>
> [root at marte var]# rpm -V bind-chroot caching-nameserver bind-libs
> .M...... /var/named/chroot/dev
> ....L... c /etc/named.conf
> ....LUG. c /var/named/localdomain.zone
> ....LUG. c /var/named/localhost.zone
> ....LUG. c /var/named/named.broadcast
> ....LUG. c /var/named/named.ca
> ....LUG. c /var/named/named.ip6.local
> ....LUG. c /var/named/named.local
> ....LUG. c /var/named/named.zero
>
> named.conf has
> // query-source address * port 53;
> should this be uncommented?
>
> Directory /var/named/data/ is empty.
>
> Problem:
> www.galuna.ro works, but marius.galuna.ro doesn't. Sometimes www doesn't
> work, but galuna.ro works. dig returns status: SERVFAIL
> Querying on ISP's nameserver works always. He's not hosting this site.
>
>
> [root at marte var]# dig www.galuna.ro
>
> ; <<>> DiG 9.2.4 <<>> www.galuna.ro
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44828
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;www.galuna.ro. IN A
>
> ;; ANSWER SECTION:
> www.galuna.ro. 344723 IN CNAME galuna.ro.
> galuna.ro. 344723 IN A 213.157.162.252
>
> ;; AUTHORITY SECTION:
> galuna.ro. 10630 IN NS ns1.galuna.ro.
>
> ;; Query time: 25 msec
> ;; SERVER: 81.196.83.211#53(81.196.83.211)
> ;; WHEN: Fri Oct 8 12:28:39 2004
> ;; MSG SIZE rcvd: 79
>
> [root at marte var]# dig marius.galuna.ro
>
> ; <<>> DiG 9.2.4 <<>> marius.galuna.ro
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 51278
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;marius.galuna.ro. IN A
>
> ;; Query time: 23 msec
> ;; SERVER: 81.196.83.211#53(81.196.83.211)
> ;; WHEN: Fri Oct 8 12:28:43 2004
> ;; MSG SIZE rcvd: 34
>
> [root at marte var]# dig @193.231.236.17 marius.galuna.ro
>
> ; <<>> DiG 9.2.4 <<>> @193.231.236.17 marius.galuna.ro
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49067
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 9, ADDITIONAL: 9
>
> ;; QUESTION SECTION:
> ;marius.galuna.ro. IN A
>
> ;; ANSWER SECTION:
> marius.galuna.ro. 172800 IN CNAME galuna.ro.
> galuna.ro. 172800 IN A 213.157.162.252
>
> ;; AUTHORITY SECTION:
> ro. 171353 IN NS NS1.UNIVIE.AC.AT.
> ro. 171353 IN NS SUNIC.SUNET.SE.
> ro. 171353 IN NS DNS-RO.DENIC.DE.
> ro. 171353 IN NS NS-EXT.VIX.COM.
> ro. 171353 IN NS PRIMARY.ROTLD.ro.
> ro. 171353 IN NS SECONDARY.ROTLD.ro.
> ro. 171353 IN NS NS.UU.NET.
> ro. 171353 IN NS NS.RIPE.NET.
> ro. 171353 IN NS NS.AUSTRIA.EU.NET.
>
> ;; ADDITIONAL SECTION:
> NS.UU.NET. 170151 IN A 137.39.1.3
> NS.RIPE.NET. 169233 IN A 193.0.0.193
> NS.RIPE.NET. 104651 IN AAAA 2001:610:240:0:53::193
> NS.AUSTRIA.EU.NET. 170498 IN A 192.92.138.35
> SUNIC.SUNET.SE. 170168 IN A 192.36.125.2
> DNS-RO.DENIC.DE. 172719 IN A 81.91.161.76
> NS-EXT.VIX.COM. 163522 IN A 204.152.184.64
> PRIMARY.ROTLD.ro. 169808 IN A 192.162.16.18
> SECONDARY.ROTLD.ro. 143759 IN A 193.230.31.225
>
> ;; Query time: 89 msec
> ;; SERVER: 193.231.236.17#53(193.231.236.17)
> ;; WHEN: Fri Oct 8 12:28:57 2004
> ;; MSG SIZE rcvd: 460
>
> DNS check doesn't have major problems:
> http://www.dnsreport.com/tools/dnsreport.ch?domain=galuna.ro
>
> Restarting local named makes dig solve the request:
>
> ; <<>> DiG 9.2.4 <<>> marius.galuna.ro
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15587
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;marius.galuna.ro. IN A
>
> ;; ANSWER SECTION:
> marius.galuna.ro. 345600 IN CNAME galuna.ro.
> galuna.ro. 345600 IN A 213.157.162.252
>
> ;; AUTHORITY SECTION:
> galuna.ro. 345600 IN NS ns1.galuna.ro.
>
> ;; Query time: 760 msec
> ;; SERVER: 81.196.83.211#53(81.196.83.211)
> ;; WHEN: Fri Oct 8 13:26:50 2004
> ;; MSG SIZE rcvd: 82
>
> Thanks
> --
> Marius Andreiana
> Galuna - Solutii Linux in Romania
> http://www.galuna.ro
More information about the fedora-test-list
mailing list