LinuxQuestions.org

Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
DNS broken? (https://www.linuxquestions.org/questions/linux-software-2/dns-broken-810256/)

int0x80 05-26-2010 12:30 PM

DNS broken?
 
I run BIND9 in Debian on my server, and did a dist-upgrade last night. Prior to the dist-upgrade, everything worked fine. It does not appear that any of the configuration or zone files were changed.

Right now, I am seeing ServFail replies to the A queries:

Code:

13:00:26.496391 IP 10.7.21.12.45956 > 10.7.7.2.53: 39290+ A? int0x80.com. (29)
        0x0000:  4500 0039 603c 4000 4011 aa5c 0a07 150c  E..9`<@.@..\....
        0x0010:  0a07 0702 b384 0035 0025 3052 997a 0100  .......5.%0R.z..
        0x0020:  0001 0000 0000 0000 0769 6e74 3078 3830  .........int0x80
        0x0030:  0363 6f6d 0000 0100 01                  .com.....

13:00:28.569409 IP 10.7.7.2.53 > 10.7.21.12.45956: 39290 ServFail 0/0/0 (29)
        0x0000:  4500 0039 7571 0000 8011 9527 0a07 0702  E..9uq.....'....
        0x0010:  0a07 150c 0035 b384 0025 ad7a 997a 8182  .....5...%.z.z..
        0x0020:  0001 0000 0000 0000 0769 6e74 3078 3830  .........int0x80
        0x0030:  0363 6f6d 0000 0100 01                  .com.....

These entries are in /var/log:

Code:

aptitude:615:[REMOVE, NOT USED] libbind9-50
aptitude:642:[INSTALL, DEPENDENCIES] libbind9-60
aptitude:676:[UPGRADE] bind9 1:9.6.1.dfsg.P1-1 -> 1:9.7.0.dfsg.P1-1
aptitude:677:[UPGRADE] bind9-host 1:9.6.1.dfsg.P1-1 -> 1:9.7.0.dfsg.P1-1
aptitude:678:[UPGRADE] bind9utils 1:9.6.1.dfsg.P1-1 -> 1:9.7.0.dfsg.P1-1

Code:

daemon.log:1681:May 25 15:03:02 int0x80 named[2288]: starting BIND 9.7.0-P1 -u bind
daemon.log:1682:May 25 15:03:02 int0x80 named[2288]: built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-dlz-postgres=no' '--with-dlz-mysql=no' '--with-dlz-bdb=yes' '--with-dlz-filesystem=yes' '--with-dlz-ldap=yes' '--with-dlz-stub=yes' '--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2' 'LDFLAGS=' 'CPPFLAGS='
daemon.log:1686:May 25 15:03:02 int0x80 named[2288]: loading configuration from '/etc/bind/named.conf'
daemon.log:1687:May 25 15:03:02 int0x80 named[2288]: reading built-in trusted keys from file '/etc/bind/bind.keys'


Last night and this morning, I was able to SSH into my server without issue, and I am still currently connected there. However, other boxes do not resolve the IP for it, so I'm assuming the SSH session used cached DNS data to resolve the IP.

I don't really know a whole lot about DNS, so I'm sort of forking this thread as one path in my search while I continue to dig through Google results. Please ask me to provide any additional information that might be helpful in fixing this.
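
As an added example (not part of the original post), the following Python decodes the two packets from the tcpdump hex dump above: it strips the IPv4 and UDP headers, then reads the DNS header flags and the question section, so the `8182` in the reply becomes readable as QR=1, RD=1, RA=1, RCODE=2 (SERVFAIL) with zero answer, authority and additional records, which is exactly what tcpdump abbreviates as `ServFail 0/0/0`. The hex strings are copied from the capture; the decoder goes a little beyond those two packets by handling name-compression pointers and multiple questions, and the `summarize` output format is my own, not tcpdump's.

```python
import struct

# Both hex dumps are copied from the tcpdump output in the post above
# (full IPv4 packets: 20-byte IP header, 8-byte UDP header, 29-byte DNS message).
QUERY_HEX = (
    "4500 0039 603c 4000 4011 aa5c 0a07 150c "
    "0a07 0702 b384 0035 0025 3052 997a 0100 "
    "0001 0000 0000 0000 0769 6e74 3078 3830 "
    "0363 6f6d 0000 0100 01"
)
REPLY_HEX = (
    "4500 0039 7571 0000 8011 9527 0a07 0702 "
    "0a07 150c 0035 b384 0025 ad7a 997a 8182 "
    "0001 0000 0000 0000 0769 6e74 3078 3830 "
    "0363 6f6d 0000 0100 01"
)

# RFC 1035 response codes and the question types that matter here.
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN",
          4: "NOTIMP", 5: "REFUSED"}
QTYPES = {1: "A", 2: "NS", 5: "CNAME", 6: "SOA", 15: "MX", 16: "TXT", 28: "AAAA"}


def udp_payload(packet: bytes) -> bytes:
    """Strip the IPv4 and UDP headers and return the DNS message."""
    if packet[0] >> 4 != 4 or packet[9] != 17:
        raise ValueError("not an IPv4/UDP packet")
    ihl = (packet[0] & 0x0F) * 4                    # IP header length in bytes
    udp_len = struct.unpack("!H", packet[ihl + 4:ihl + 6])[0]
    return packet[ihl + 8:ihl + udp_len]            # UDP length includes its 8-byte header


def read_name(msg: bytes, offset: int, depth: int = 0):
    """Decode a (possibly compressed) domain name; returns (name, next offset)."""
    if depth > 8:                                   # guard against pointer loops
        raise ValueError("compression pointer loop")
    labels = []
    while True:
        length = msg[offset]
        if length == 0:
            return ".".join(labels), offset + 1
        if length & 0xC0 == 0xC0:                   # 11xxxxxx: pointer to an earlier name
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            tail, _ = read_name(msg, pointer, depth + 1)
            labels.append(tail)
            return ".".join(labels), offset + 2
        labels.append(msg[offset + 1:offset + 1 + length].decode("ascii"))
        offset += 1 + length


def decode_dns(msg: bytes) -> dict:
    """Decode the 12-byte header and the question section of a DNS message."""
    ident, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    info = {
        "id": ident,
        "qr": flags >> 15 & 1,          # 0 = query, 1 = response
        "opcode": flags >> 11 & 0xF,
        "aa": flags >> 10 & 1,          # authoritative answer
        "tc": flags >> 9 & 1,           # truncated
        "rd": flags >> 8 & 1,           # recursion desired
        "ra": flags >> 7 & 1,           # recursion available
        "rcode": flags & 0xF,
        "counts": (qd, an, ns, ar),     # tcpdump prints the last three as "an/ns/ar"
    }
    info["rcode_name"] = RCODES.get(info["rcode"], str(info["rcode"]))
    offset, questions = 12, []
    for _ in range(qd):
        name, offset = read_name(msg, offset)
        qtype, qclass = struct.unpack("!HH", msg[offset:offset + 4])
        offset += 4
        questions.append((name, QTYPES.get(qtype, str(qtype)), qclass))
    info["questions"] = questions
    return info


def decode_hexdump(hexdump: str) -> dict:
    """tcpdump -x style hex of a whole packet -> decoded DNS message."""
    return decode_dns(udp_payload(bytes.fromhex(hexdump)))


def summarize(info: dict) -> str:
    """One-line summary in the spirit of tcpdump's DNS printer (my own format)."""
    kind = "response" if info["qr"] else "query"
    flags = "".join(f" {f}" for f in ("aa", "tc", "rd", "ra") if info[f])
    an, ns, ar = info["counts"][1:]
    qs = ", ".join(f"{n} {t}" for n, t, _ in info["questions"])
    return f"id={info['id']} {kind}{flags} {info['rcode_name']} {an}/{ns}/{ar} [{qs}]"


if __name__ == "__main__":
    for hexdump in (QUERY_HEX, REPLY_HEX):
        print(summarize(decode_hexdump(hexdump)))
```

Two things in the decoded reply are worth noticing: the transaction ID (39290) matches the query, so this really is the server's answer and not something else on the wire, and AA is clear while RCODE is 2, which is how BIND answers for a zone it is configured to serve but could not load.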

int0x80 05-26-2010 12:41 PM

Also, when I sniff and do look-ups against the server, the only entries that show in dmesg are regarding the NIC using promiscuous mode:

Code:

device eth0 entered promiscuous mode
device eth0 left promiscuous mode

Firewall rules are currently accept-all:

Code:

Chain INPUT (policy ACCEPT 33539 packets, 8905K bytes)
 pkts bytes target    prot opt in    out    source              destination       

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target    prot opt in    out    source              destination       

Chain OUTPUT (policy ACCEPT 35908 packets, 16M bytes)
 pkts bytes target    prot opt in    out    source              destination


int0x80 05-27-2010 11:17 AM

Fixed it: I had an old entry in one of my db files that bind didn't like. The entry had actually been outdated for years, but bind never complained until now.
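
The check that would have caught this before the restart, as an added example that is not the poster's code: when named rejects a record in a master file it logs `zone NAME/IN: loading from master file PATH failed: ...` followed by `not loaded due to errors` in daemon.log, and then answers SERVFAIL for that zone, which is what the capture in the first post shows. `named-checkzone ZONE FILE` (from bind9utils) applies the same loader to one file and exits non-zero on error, and `named-checkconf -z /etc/bind/named.conf` does it for every zone in one command. The Python below wraps the per-zone tool so the results come back as data; the named.conf fragment, zone names and file paths are constructed for the example, and the parser is deliberately minimal (it does not follow `include` statements).

```python
import re
import subprocess

# Constructed named.conf fragment for this example; not the poster's real config.
CONSTRUCTED_NAMED_CONF_LOCAL = """
zone "example.com" {
    type master;
    file "/etc/bind/db.example.com";
};
zone "7.7.10.in-addr.arpa" IN {
    type master;
    file "/etc/bind/db.10.7.7";      // reverse zone for the LAN in the capture
};
zone "example.org" {
    type slave;              /* fetched from a master elsewhere, so not checked here */
    masters { 10.7.7.2; };
    file "/var/cache/bind/db.example.org";
};
"""


def strip_comments(conf: str) -> str:
    """Remove the three comment styles named.conf allows: /* */, // and #."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", conf)


def iter_zone_blocks(conf: str):
    """Yield (zone name, block body) for every zone statement, matching nested braces."""
    for m in re.finditer(r'\bzone\s+"([^"]+)"[^{]*\{', conf):
        depth, i = 1, m.end()
        while depth and i < len(conf):
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield m.group(1), conf[m.end():i - 1]


def master_zones(conf: str):
    """Return [(name, file)] for zones this server loads from a local master file."""
    zones = []
    for name, body in iter_zone_blocks(strip_comments(conf)):
        ztype = re.search(r"\btype\s+(\w+)\s*;", body)
        zfile = re.search(r'\bfile\s+"([^"]+)"\s*;', body)
        if ztype and zfile and ztype.group(1) in ("master", "primary"):
            zones.append((name, zfile.group(1)))
    return zones


def checkzone_argv(name: str, path: str):
    """named-checkzone loads the file the way named would and exits non-zero on error."""
    return ["named-checkzone", name, path]


def check_master_zones(conf: str, runner=subprocess.run):
    """Run named-checkzone for every master zone; returns {name: (ok, tool output)}.

    `runner` is injectable so the logic can be exercised without BIND installed.
    """
    results = {}
    for name, path in master_zones(conf):
        proc = runner(checkzone_argv(name, path), capture_output=True, text=True)
        results[name] = (proc.returncode == 0, (proc.stdout or "") + (proc.stderr or ""))
    return results


if __name__ == "__main__":
    # Assumes Debian's layout, where local zones live in /etc/bind/named.conf.local,
    # and that bind9utils is installed so named-checkzone is on PATH.
    with open("/etc/bind/named.conf.local") as fh:
        for zone, (ok, output) in check_master_zones(fh.read()).items():
            print(f"{zone}: {'OK' if ok else 'FAILED'}")
            if not ok:
                print(output, end="")
```

Run it (or simply `named-checkconf -z`) after editing a zone file and before `rndc reload` or a package upgrade restarts named; a zone that fails to load takes every name in it to SERVFAIL, so the check belongs in front of the reload rather than after the phone rings.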

