LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 09-10-2009, 02:04 AM   #1
Ashish Pati
LQ Newbie
 
Registered: Sep 2009
Posts: 3

Rep: Reputation: 0
Question Not able to lookup only to one domain


hi,

I hv a BIND server, in that i hv added some ips for

allow-query{ip1,ip2,ip3,ip4....,localhost};
allow-recursion(ip1,ip2,ip3,ip4.......,localhost};

the above configuration is within the option{ };

NOW THE PROBLEM IS

i am able to lookup to every outside domain(yahoo,google, etc).
but SERVER FAILED message is coming for only one domain.

i hv created a new BIND server with defaults setting and the domain is resolving from this new BIND server.

is there any issue in allow-recursion ?

Please help me.
 
Old 09-10-2009, 02:17 AM   #2
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,910

Rep: Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326
It's not a recursion problem. Could be a allow-query problem, if you query your dns from a box not listed there, which I doubt.
What is the output of:
Code:
dig domain.com
dig +trace domain.com
 
Old 09-10-2009, 11:46 PM   #3
Ashish Pati
LQ Newbie
 
Registered: Sep 2009
Posts: 3

Original Poster
Rep: Reputation: 0
the output of the dig and dig +trace is

Quote:
Originally Posted by bathory View Post
It's not a recursion problem. Could be a allow-query problem, if you query your dns from a box not listed there, which I doubt.
What is the output of:
Code:
dig domain.com
dig +trace domain.com
Thanks for your reply

===================================================================================================
[root@fresh named]# dig lekha.com

; <<>> DiG 9.5.2b1 <<>> lekha.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 25069
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;lekha.com. IN A

;; Query time: 738 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Sep 11 10:33:08 2009
;; MSG SIZE rcvd: 27

[root@fresh named]# dig +trace lekha.com

; <<>> DiG 9.5.2b1 <<>> +trace lekha.com
;; global options: printcmd
. 515397 IN NS k.root-servers.net.
. 515397 IN NS l.root-servers.net.
. 515397 IN NS m.root-servers.net.
. 515397 IN NS a.root-servers.net.
. 515397 IN NS b.root-servers.net.
. 515397 IN NS c.root-servers.net.
. 515397 IN NS d.root-servers.net.
. 515397 IN NS e.root-servers.net.
. 515397 IN NS f.root-servers.net.
. 515397 IN NS g.root-servers.net.
. 515397 IN NS h.root-servers.net.
. 515397 IN NS i.root-servers.net.
. 515397 IN NS j.root-servers.net.
;; Received 500 bytes from 127.0.0.1#53(127.0.0.1) in 3 ms

com. 172800 IN NS a.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.
com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS f.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS k.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
;; Received 490 bytes from 199.7.83.42#53(l.root-servers.net) in 232 ms

lekha.com. 172800 IN NS ns.siteprotect.com.
lekha.com. 172800 IN NS ns2.siteprotect.com.
;; Received 106 bytes from 192.42.93.30#53(g.gtld-servers.net) in 1042 ms

;; Received 27 bytes from 64.26.38.2#53(ns2.siteprotect.com) in 232 ms

==============================================================================

now i removed everything form allow-query{} and allow-recursion{},
then also the same problem is happening
i am posting my conf file Please look into this should i edit anything in it.

===============================================================================
options {
listen-on port 53 { 127.0.0.1; };
// listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";

// Those options should be used carefully because they disable port
// randomization
// query-source port 53;
// query-source-v6 port 53;

allow-query { localhost; };

};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view localhost_resolver {
match-clients { localhost; };
match-destinations { localhost; };
recursion yes;
include "/etc/named.rfc1912.zones";
};
==================================================================================================

Last edited by Ashish Pati; 09-11-2009 at 12:15 AM.
 
Old 09-11-2009, 12:40 AM   #4
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,910

Rep: Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326Reputation: 1326
Hi,

It's not your fault, unless you're responsible for that domain. In fact I get the same error using my name server. Also I get this in logs:
Quote:
unexpected RCODE (REFUSED) resolving 'lekha.com/A/IN': 64.26.0.23#53
The strange thing is that it resolves using opendns servers:
Quote:
dig lekha.com @208.67.222.222

; <<>> DiG 9.6.1-P1 <<>> lekha.com @208.67.222.222
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31241
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;lekha.com. IN A

;; ANSWER SECTION:
lekha.com. 0 IN A 67.215.66.132

;; Query time: 2220 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Fri Sep 11 08:36:49 2009
;; MSG SIZE rcvd: 43
And it can't be resolved using the authoritative dns servers!!!
Quote:
dig lekha.com @ns.siteprotect.com

; <<>> DiG 9.6.1-P1 <<>> lekha.com @ns.siteprotect.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 44865
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;lekha.com. IN A

;; Query time: 178 msec
;; SERVER: 64.26.0.23#53(64.26.0.23)
;; WHEN: Fri Sep 11 08:38:50 2009
;; MSG SIZE rcvd: 27
 
Old 09-16-2009, 04:56 AM   #5
Ashish Pati
LQ Newbie
 
Registered: Sep 2009
Posts: 3

Original Poster
Rep: Reputation: 0
Thanks

Quote:
Originally Posted by bathory View Post
Hi,

It's not your fault, unless you're responsible for that domain. In fact I get the same error using my name server. Also I get this in logs:

The strange thing is that it resolves using opendns servers:

And it can't be resolved using the authoritative dns servers!!!

yes, you are right it is strange. bcoz it is resolving from my Windows server.
if there is any solution then kindly let me know. thanks for your reply

Last edited by Ashish Pati; 09-16-2009 at 05:00 AM.
 
  


Reply

Tags
bind, cant, domain, resolve


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Slow domain name lookup hosler Linux - Wireless Networking 4 07-29-2008 01:02 PM
Squid Proxy domain name lookup 6figganigga Linux - Security 8 02-26-2008 10:10 PM
restrict dns lookup for for a domain sunlinux Linux - Networking 2 08-10-2007 06:45 AM
Traceroute, Ping, Domain Name Server (DNS) Lookup, WHOIS, and DNS Records Lookup netoknet General 1 05-09-2005 03:43 AM
ERROR: Failed to lookup IP address for (domain name) aluminum Linux - Newbie 7 11-11-2003 08:27 PM


All times are GMT -5. The time now is 05:55 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration