Bind DNS Notresolving Some Names
 

Hi

I have a Bind 9 DNS server now running 9.10.3-P4 (upgraded to see if that solved my issue)

Most domain names resolve without issue, however some return

";; connection timed out; no servers could be reached"

When I use the command "host www.qualys.com"

If I use Dig then nothing is displayed. If I use dig with a +trace I get:

"couldn't get address for 'dns1.qualys.com': not found"

But if I use "dig @8.8.8.8 www.qualys.com +short" or "dig @8.8.8.8 dns1.qualys.com +short" it works.

I've no idea where to start to looking into this, which log files to look at or what could be going on. qualys is one of a hand full of domains this is happening on though.

Any help greatly appreciated!

Thanks

Brasso

Do you have your own root hints zone configured in BIND rather than letting it use defaults.

One of the root servers changed this week. You may need to update your root hints zone if you're using one.

FWIW doing test lookups both from here and from an external site I use for testing I get the answers with no issues.

Hi

I'm using the default /etc/bind/db.root which was a little out of date so I've updated that but still get the same issue. If I configure forwarders to 8.8.8.8 then everything works fine also but I'd prefer to be looking up things rather than rely on other peoples DNS.

Thanks for your advice :)

What is in resolv.conf on the server that is having the issue?

Did you add localhost (127.0.0.1) if it is your actual DNS server that is having the issue? If so did you modify named.conf to allow 127.0.0.1 to do queries?