Welcome to the most active Linux Forum on the web.
Go Back > Forums > Linux Forums > Linux - Software
User Name
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.


  Search this Thread
Old 12-15-2006, 03:05 PM   #1
Senior Member
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,440

Rep: Reputation: 52
BIND 9.3.3 split dns recursion disallow

Hi guys,

I'm setting up split views (internal/external) on BIND 9.3.3. I allow recursion for my internal clients (ie. office, branches, etc..) but disallow recursion for external. Doing a MX query from the outside with nslookup on a windows box against my domain doesn't show anything but it's completely fine with linux. Weird. Is this a nslookup bug on windows? If I allow recursion for my external view, then nslookup on windows works! However, I don't want to allow recursion for the external view but I'm afraid that exchange servers from other companies won't be able to deliver mail to mine.

Any ideas? Anyone have this issue?

Old 12-15-2006, 04:23 PM   #2
Senior Member
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
You should probably post your named.conf as well as the results of nslookup from Windows & dig from Linux (both external). There are way too many variables that could cause the results to be different for anyone to give an anwer based on what you've provided so far.
Old 12-15-2006, 06:12 PM   #3
Senior Member
Registered: Nov 2002
Location: CA
Distribution: redhat 7.3
Posts: 1,440

Original Poster
Rep: Reputation: 52
I modified the configs to no longer use split dns as I thought that could be the issue. However, it's not and the result is the same. Below is named.conf:

options {
        directory "/etc";
        query-source address * port 53;
        pid-file "/var/run/";
        statistics-file "/var/run/named.stats";
        zone-statistics yes;
        //allow-recursion { "corp_internal"; };
        recursion no;

include "security.conf";
include "master.conf";
include "arpa.conf";

// Cache Zone
zone "." {
        type hint;
        file "named.root";
Here is my master.conf:
//Zone files go here

zone "" {
              type master;
              file "master/";
Below is the lookup from a windows machine hitting the external ip address of the nameserver:
C:\Documents and Settings\bob>nslookup
Default Server:

> server <outside ip address>
Default Server:  [outside ip address]
Address:  <outside ip address>

> set q=mx
Server:  [outside ip address]
Address:  <outside ip address nameserver = nameserver =    internet address =   internet address =
Now, here is nslookup from a linux workstation:
[root@dev01 ~]# nslookup
> server <outside ip address>
Default server: <outside ip address>
Address: <outside ip address>#53
> set q=mx
Server:         <outside ip address>
Address:        <outside ip address>#53        mail exchanger = 5
Both the linux workstation and the windows workstation are on the same network (same vlan). It's completely weird that nslookup on linux works fine but not on windows. Running dig on linux shows a successful result as well.


Last edited by twantrd; 12-15-2006 at 06:14 PM.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Problems with BIND-9.2.3 - No Recursion ScooterB Linux - Server 4 11-25-2006 11:10 AM
LXer: DNS: The Bind Leading the Bind LXer Syndicated Linux News 0 06-15-2006 10:33 PM
Looking for Split DNS Information using Bind jrbush82 Linux - Networking 2 04-22-2005 08:00 AM
tar: '--no-recursion' option doesn't prevent recursion Earl Parker II Slackware 12 08-17-2004 02:49 AM
Split DNS linuxboy69 Linux - Software 1 01-14-2004 01:24 PM > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 12:36 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration