# tail -f named.run
clientmgr @0x7f5c842de2b5: clientmgr_destroy
exiting
zone 0.in-addr.arpa/IN: loaded serial 0
zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
zone localhost.localdomain/IN: loaded serial 0
zone localhost/IN: loaded serial 0
managed-keys-zone ./IN: loading from master file dynamic/managed-keys.bind failed: file not found
managed-keys-zone ./IN: loaded serial 0
running
It does not even show the query, like it's not getting here. iptables allows 53 and it's listening...
client 192.168.16.6#22732: query failed (SERVFAIL) for reporting.eu-survey.com/IN/A at query.c:4648
client 192.168.16.6#56810: query failed (SERVFAIL) for reporting.eu-survey.com/IN/A at query.c:4648
fetch completed at resolver.c:3087 for reporting.eu-survey.com/A in 11.494339: SERVFAIL/success [domain:com,referral:1,restart:11,qrysent:208,timeout:0,lame:0,neterr:0,badresp:0,adberr:0,findfail:0 ,valfail:0]
createfetch: www.hollywood.com A
client 192.168.16.6#63336: query failed (SERVFAIL) for www.wikihow.com/IN/A at query.c:4648
fetch completed at resolver.c:3087 for www.wikihow.com/A in 11.948703: SERVFAIL/success [domain:com,referral:0,restart:11,qrysent:220,timeout:0,lame:0,neterr:0,badresp:0,adberr:2,findfail:0 ,valfail:0]
client 192.168.16.6#50127: query failed (SERVFAIL) for www.wikihow.com/IN/A at query.c:4648
client 192.168.16.6#15294: query failed (SERVFAIL) for www.hollywood.com/IN/A at query.c:4648
fetch completed at resolver.c:3087 for www.hollywood.com/A in 11.704249: SERVFAIL/success [domain:com,referral:0,restart:11,qrysent:220,timeout:0,lame:0,neterr:0,badresp:0,adberr:7,findfail:0 ,valfail:0]
client 192.168.16.6#47813: query failed (SERVFAIL) for www.hollywood.com/IN/A at query.c:4648
createfetch: www.thestatecolumn.com A
First off I need to say thanks for your continued help on this.
No, it still doesn't work.
In /etc/resolv.conf is another DNS server we have running RHEL4.
[root@ns1 data]# dig @127.0.0.1 google.com
; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6_2.2 <<>> @127.0.0.1 google.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
But if I add +trace it works...
[root@ns1 data]# dig @127.0.0.1 google.com +trace
; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6_2.2 <<>> @127.0.0.1 google.com +trace
; (1 server found)
;; global options: +cmd
. 517244 IN NS k.root-servers.net.
. 517244 IN NS l.root-servers.net.
. 517244 IN NS a.root-servers.net.
. 517244 IN NS b.root-servers.net.
. 517244 IN NS e.root-servers.net.
. 517244 IN NS c.root-servers.net.
. 517244 IN NS m.root-servers.net.
. 517244 IN NS f.root-servers.net.
. 517244 IN NS d.root-servers.net.
. 517244 IN NS j.root-servers.net.
. 517244 IN NS h.root-servers.net.
. 517244 IN NS g.root-servers.net.
. 517244 IN NS i.root-servers.net.
;; Received 340 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS a.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.
com. 172800 IN NS k.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS f.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
;; Received 488 bytes from 192.228.79.201#53(b.root-servers.net) in 88 ms
google.com. 172800 IN NS ns2.google.com.
google.com. 172800 IN NS ns1.google.com.
google.com. 172800 IN NS ns3.google.com.
google.com. 172800 IN NS ns4.google.com.
;; Received 164 bytes from 192.26.92.30#53(c.gtld-servers.net) in 10 ms
google.com. 300 IN A 74.125.115.147
google.com. 300 IN A 74.125.115.105
google.com. 300 IN A 74.125.115.103
google.com. 300 IN A 74.125.115.106
google.com. 300 IN A 74.125.115.104
google.com. 300 IN A 74.125.115.99
;; Received 124 bytes from 216.239.32.10#53(ns1.google.com) in 31 ms
Well I'm really out of ideas.
bind behaves like there is a firewall (even for localhost) preventing access to port 53. Try to stop iptables and see what happens.
I tried it with no iptables rules (iptables -F); still nothing.
I even re-installed the OS from scratch, same thing. There has to be something I am missing.
No, your config is OK. I've tested on my Slackware bind installation and it works as expected.
Could be SELinux, even though I doubt it.
Try setting up a forwarder and see what you get. Add in the options part of named.conf
Code:
forward only;
forwarders { x.x.x.x; };
where x.x.x.x is the nameserver that is present in /etc/resolv.conf
It works with the forwarders. But that defeats the point. We have 2 external name servers, ns1 and ns2. Right now I am just forwarding all the queries from ns1 to ns2.
Thanks for your help, if you have any more ideas I would love to hear them.
It works with the forwarders. But that defeats the point
It shouldn't work as you still access port 53 to query your dns. That is the strange thing.
It answers on port 53 when it's forwarding queries or doing a trace, but does not answer when used as a caching dns!!!!
Looking at named.conf for rhel/centos, I notice there is a
Code:
include "/etc/named.rfc1912.zones";
that you're not using. Maybe you need to include that file too in named.conf.
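Added example (not part of any post in the thread): a small Python parser for the `fetch completed` lines shown in the named.run output above. It extracts the bracketed counters and lists failed fetches that sent many queries without logging a timeout or network error. The first two sample lines are copied from the thread, the third is constructed, and the function names and the `min_queries` threshold are assumptions of this example.

```python
import re

# First two lines are copied from the thread's named.run excerpt;
# the third is a constructed healthy fetch for contrast.
SAMPLE = """\
client 192.168.16.6#63336: query failed (SERVFAIL) for www.wikihow.com/IN/A at query.c:4648
fetch completed at resolver.c:3087 for www.wikihow.com/A in 11.948703: SERVFAIL/success [domain:com,referral:0,restart:11,qrysent:220,timeout:0,lame:0,neterr:0,badresp:0,adberr:2,findfail:0 ,valfail:0]
fetch completed at resolver.c:3087 for example.org/A in 0.041200: success/success [domain:org,referral:2,restart:1,qrysent:3,timeout:0,lame:0,neterr:0,badresp:0,adberr:0,findfail:0,valfail:0]
"""

FETCH_RE = re.compile(
    r"fetch completed at \S+ for (?P<name>\S+)/(?P<rtype>\w+) "
    r"in (?P<secs>[\d.]+): (?P<result>[^/\[\n]+)/(?P<vresult>[^\[\n]+?) "
    r"\[(?P<counters>[^\]\n]*)\]"
)

def parse_fetches(text):
    """Return one dict per 'fetch completed' line, with counters as ints."""
    fetches = []
    for m in FETCH_RE.finditer(text):
        rec = {"name": m["name"], "rtype": m["rtype"],
               "secs": float(m["secs"]), "result": m["result"].strip()}
        for item in m["counters"].split(","):
            key, _, value = item.strip().partition(":")
            value = value.strip()
            # 'domain' is a name; every other counter is numeric
            rec[key] = int(value) if value.isdigit() else value
        fetches.append(rec)
    return fetches

def failed_without_timeouts(fetches, min_queries=50):
    """Failed fetches that sent many queries yet logged no timeout or
    network error (min_queries is an arbitrary threshold for this example)."""
    return [f for f in fetches
            if f["result"] != "success"
            and f.get("qrysent", 0) >= min_queries
            and f.get("timeout", 0) == 0 and f.get("neterr", 0) == 0]

if __name__ == "__main__":
    for f in failed_without_timeouts(parse_fetches(SAMPLE)):
        print(f"{f['name']}/{f['rtype']}: {f['result']} after {f['secs']:.1f}s, "
              f"{f['qrysent']} queries, {f['restart']} restarts, "
              f"adberr={f['adberr']}")
```
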