Server :: BIND Refuses Queries ?
Feb 15, 2010
I am currently running the latest version of Bind, and for some completely unknown reason I can NOT get queries to work for PTR records. All queries to the servers for reverse name lookup get query denied:
Using domain server:
Name: 66.150.173.1
Address: 66.150.173.1#53
Aliases:
Host 27.173.150.66.in-addr.arpa not found: 5(REFUSED)
And it shows in my logs:
I am at my wits' end with the piece of crap. Can anyone shine some light on why this damn Bind install won't respond to these queries?
For reference here is my named.conf:
Apr 21, 2010
I have this ISP grade Nameserver running on BIND 9.5 on Fedora Core 9 64 Bit.
It's been working pretty well for some time until last week, when we noticed it stopped resolving for our clients using our service.
It gives correct authoritative answers for our own ISP domain with the A, PTR and MX intact but does not return resolving queries back to clients.
Below are my files
This is the message from /var/log/messages
The 41.223.x.x and 41.215.x.x IP addresses are from our ISP subnet and so are our own clients being denied.
The box is also hosting our traffic graph server which is on a LAMP but listens on another IP/ethernet card.
So far the load on the server is minimal as it is a Dell R200 rack server.
Feb 14, 2011
I can configure a caching-only name server fine, but how do I make it forward DNS queries too?
I'm thinking I could add the below to the options stanza in the /etc/named.conf file:
Mar 4, 2011
I am a bit new to Linux and have set up a caching-only name server with CentOS 5.5. When I do dig server, it provides resolutions, but when I use the server IP as DNS on my Windows client, it says "connection refused" in the nslookup output. (iptables is not enabled.) My server IP is 192.168.1.253 and below is the configuration of "/var/named/chroot/etc/named.conf"
options {
listen-on port 53 { 127.0.0.1; 192.168.1.253; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt"; .....
Mar 8, 2010
I have installed BIND 9.6.1-P3-RedHat-9.6.1-16.P3.fc12 on Fedora Core 12.
I found out that when I perform a DNS lookup for some record that is not in the DNS cache or zones (meaning recursive), it takes about 4 sec to give the IP results.
I dug a little on the internet and found out that it is a known issue, but all places say that it is fixed in newer versions of BIND (after version 9.3).
I tried:
1. Start BIND with the -4 argument (named -4) - the server started but no change in the delay.
2. Disable IPv6 on the server - I tried the articles on the web but I still get an IPv6 address.
Feb 13, 2011
However, I just built a 10.10 server, installed Webmin, VMware, and the server is working perfectly. I configured my BIND 9 server using the latest Webmin, and on the server everything resolves perfectly to both the internet and LAN. I have it set to 127.0.0.1; the server IP address is 10.1.50.25. However, it will not accept DNS client queries, in which they cannot resolve to the LAN or internet. I have the DHCP giving out the DNS server 10.1.50.25. NSLOOKUPS from the client show query refused. I know there has to be some setting or config that will allow clients to query but I am not able to locate it, and I am not totally knowledgeable of named.conf and have been all through the Webmin module and configuration settings.
Jul 8, 2011
What is bind vs bind-chroot vs caching-nameserver? What is the difference between them?
Jul 5, 2011
I would like to configure a DNS server on Debian, only to forward through my ISP DNS servers.
Feb 23, 2010
My DNS server used to work flawlessly but for some reason it no longer responds to queries. It seems that named always queries internet root servers!!
Nov 7, 2010
I have an internal-only email server that has internal BIND9 running. Though it only has its IP address defined in /etc/resolv.conf, it is still resolving outside addresses.
Aug 28, 2011
How often are DNS queries sent? Assume I want to connect to an SSH server, will I send one DNS query in order to do that or do I send multiple during my connection? What if I request web pages, do I send a query only when I enter a site or will I send queries every time I visit a new page on that site?
I'm asking since I'm considering getting an account at dyn.com (the standard account for $30/yr) and it comes with 600 000 queries per month (which is way more than I expect to get but knowing exactly what it means is always good).
Jan 9, 2009
Is there a way to run queries against a Microsoft SQL Server from Linux? Here is what I would like to do. When I create apps that use a DB back end I would like to quickly check the results of my queries. So if I could do something like "select * from Orders" from the terminal or another app that would be great.
Feb 24, 2011
I have my bind9 DNS server running on Ubuntu with logging on. What's bothering me is that I have a log full of localhost queries instead of from the IP of the computer which actually asked. DNS queries log: /var/log/named.queries.log
Code:
24-Feb-2011 16:01:19.413 client 127.0.0.1#38022: query: clients4.google.com IN A + (127.0.0.1)
[code]....
Jun 4, 2010
I chose -Server-, if this is more appropriate in -Networking-, just let me know. Basically, I need to be able to merge responses stored in a zone file with responses from an "upstream" authoritative server. I'm in the sad position of needing to "intercept" requests to *part* of a domain (but not restricted to a sub-domain!) and return results for *some* hosts that use an internally routed address, and results for the rest using the public internet addresses. Unfortunately, it's not my domain, so I can't just use views (although I suspect they could end up having some part to play in this, at least potentially)... but instead I have to actually send requests recursing to the other site's external DNS for any hosts my server doesn't have records for in the zone file.
Some background on the situation:
I work at a local government, which has a private link / VPN connection to a state government entity, and needs to use internal addresses for some of the state servers, which then get routed over an "internal" network link. But the state uses the same domain name internally and externally, just presenting views to internal clients vs. external clients. -- However, we are only being allowed access to certain of their servers through the internal link, which means that for any other servers that we don't have internal/private access for, we have to visit the public addresses just like anyone else on the internet... So, I can't just send all requests to their internal DNS and get responses, because we'd get IPs for some servers (e.g. their main web site) that we wouldn't then be able to reach using the internal network link.
For Example: Say I have a client machine, "client1", on my network ("my.net"), which uses "mydns1.my.net" for name resolution ... and which needs to access 2 servers on the state network, "private.st.us" and "public.st.us" -- so named based on how "my.net" needs to access them.
The external state DNS server/view ("ext-dns.st.us") responds to requests with something like:
private.st.us -- 1.2.3.456
public.st.us -- 1.2.3.457
(Those are just crap addresses, obviously.)
The internal state DNS server/view ("int-dns.st.us") responds to requests with something like:
private.st.us -- 10.0.0.8
public.st.us -- 10.0.0.10
This works on their network because their own clients have access to all such IPs.
But for us, they only allow traffic flowing between "my.net" and their internal network to reach the 10.0.0.8 address, blocking all other address destinations. So, when "client1.my.net" asks "mydns1.my.net" for the address of "public.st.us", I need "mydns1" to recurse out to "ext-dns.st.us" to get an answer (1.2.3.457) and then return that IP to "client1" -- because "my.net" is blocked from accessing the server's 10.0.0.10 address. But, when client1 asks mydns1 for "private.st.us" I need to pull the IP (10.0.0.8) from a local zone file instead of asking either of the state DNS servers -- or optionally forward the request to "int-dns.st.us" I suppose -- because the state blocks access to certain services (which we need and are the whole cause of this problem!) via the public (1.2.3.456) address.
Sep 5, 2010
Trying to configure a CentOS 5.5 server (simple file server with DHCP and DNS relay). I configured and tested the config (by 'service dnsmasq configtest') of dnsmasq and I got the message 'dnsdomain:host unknown' (translation of the real message: hôte inconnu) and I didn't find where I could define this host! The hostname of the server is well defined and I can see it from all Windows PCs on the LAN. dnsmasq starts (with the same message as in configtest) but when querying DNS from PCs (e.g. trying to surf the Internet), I don't get replies (3 DNS servers are also well defined and operational).
Jul 19, 2010
I have registered 2 nameservers running bind for a certain domain. The log file of my domain name provider (SWITCH) shows the following warning:
Warning Der Name-Server ns.xxxxx.ch (nn.nn.nn.nn) beantwortet rekursive Anfragen.
In English that would be:
Warning: Name-Server ns.xxxxx.ch (nn.nn.nn.nn) answers recursive queries.
The NS triggering the warning is running openSUSE 10.2 and the other one 11.1. Both configuration files /etc/named.conf are equivalent (well, forwarders are different). There is no such warning for the NS with 11.1. When I add "recursion no;" to the options in /etc/named.conf the warning goes away, but FF or SeaMonkey running on the server no longer get their DNS requests resolved.
May 14, 2010
I recently turned on query logging on our name server and immediately saw repeated queries for . (dot). I've not seen this before. It looks like a really sloppy DOS. What would this return if my NS was misconfigured?
May 13 18:11:41.710 queries: info: client 91.202.63.129#56089: query: . IN NS
May 13 18:11:42.083 queries: info: client 91.202.63.129#62826: query: . IN NS
May 13 18:11:42.788 queries: info: client 91.202.63.129#13620: query: . IN NS
[code]....
Nov 13, 2010
I'm having a problem whereby I'm able to send mail to a mailbox from several different email addresses and SMTP servers (gmail, RoadRunner broadband), but I'm unable to send mail to the same address from one particular account, the SMTP server for which runs on a mediaTemple (dv) 3.0 box with CentOS 5 Final. I've spent a full workday on the forums, trying to troubleshoot the issue, and I'm running out of ideas. The server on which I'm having the mail processing problem is a mediaTemple (ve) running Ubuntu 10.04 x64 (Linux 2.6.18-028stab070.7 #1 SMP Fri Oct 1 13:53:00 MSD 2010 x86_64 GNU/Linux), with ISPConfig 3. Here's how I set up the mail-related aspects of the Ubuntu box:
Code:
apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server openssl getmail4 rkhunter binutils dovecot-imapd dovecot-pop3d
[code]....
Aug 25, 2009
I have a home DNS server that has been working for some time today. Today I restarted it to clear the cache on it and now it refuses to answer any requests. Named starts fine with no errors. Here is the named config file that worked fine for about 2 weeks and now doesn't want to work.
options {
directory "/etc";
pid-file "/var/run/named/named.pid";
forwarders {
192.168.1.10;
};
forward only;
};
zone "." {
type hint;
file "/etc/db.cache";
};
Jan 5, 2011
I recently upgraded my flavor (Arch, latest version) and now I am unable to connect to samba (latest version; obtained through pacman) either through Windows or Linux. My error logs reveal: (/var/log/samba/log.smbd)
[code]....
nmblookup shows what it should but smbclient -L gives the generic "Error NT_STATUS_UNSUCCESSFUL". I also tried to reinstall Samba. I am not sure why it continues to try for CUPS, as I do not have printers listed in smb.conf.
Dec 7, 2010
I am setting up a home web server using Ubuntu 10.04 server (local only). I am currently using Webmin 1.53 to access it remotely; all is going great, very easy to use. Webmin - Check, ftps-fileZilla - Check, Apache - It Works, BUT I can't seem to set up Apache as a named server using Bind DNS. Tried most of the help in the forums and ..... I think my problem is in the master server selection: do I have to use [URL]... or can I just use myservername? I have tried both with no luck. First time with the server edition.
[code]...
May 24, 2010
I have one machine (out of a couple dozen) that continues to refuse to allow "vncserver :1" to start. It is perfectly happy with :2 - :9 but tells me :1 is already running - yet ps tells me that there is no running Xvnc instance.
What have I done here and how do I get that session back? I've cleared the /tmp/.X11-unix entries but that did no good. Could I have checked something in Yast that is launching an invisible session?
Feb 28, 2010
Started setting up my 3rd Ubuntu server under the OS of Ubuntu Linux 9.04 64 bit. I have configured the server to allow root access and am using this to execute this file. As you can see from the screenshot of PuTTY, the file exists but is refusing to load up. I am also able to nano the file. I have tried moving the file to /root/ and still had no luck.
Apr 24, 2011
I need to force a shutdown. It seems I have lost an array and now the system refuses to shutdown.
Code:
echo o > /proc/sysrq-trigger
gives the warning but no dice.
reboot -f = nothing.
Aug 23, 2009
I have installed bind from the repos and am trying to setup a caching name server. After copying the stock name-cachinging.conf to named.conf, I tweaked named.conf to reflect my LAN:
options {
listen-on port 53 { 127.0.0.1; 192.168.1.102; };
listen-on-v6 port 53 { ::1; };
[code]...
Sep 3, 2009
I am configuring bind9 on Fedora 9 (Sulphur). I have configured /etc/named.conf and created a zone file in /var/named/. I have started the service, but when I execute the command nslookup mydomain.com it is not able to resolve the name. Another problem I am facing: when I do telnet localhost 53, I am able to connect, but when I do telnet myip 53 it does not connect. Seems to be a firewall problem, but I've disabled iptables and SELinux completely, and I've even disabled dnsmasq, but it's still not working.
Nov 21, 2010
I have a strange problem with evolution in Fedora 14. I run my own mail servers (Postfix and Dovecot) on localhost. This all worked great in F13 but now evolution refuses to connect to the localhost imap server. If I connect from my laptop (also F14) i.e. not from the localhost all works fine and great with evolution. I deleted all the config and started again to no avail. I also created a new user and logged in with this user and I still get the same so looks not to be user config issue.
evolution --debug=evo.debug.txt returns nothing useful.
Dovecot is listening on localhost as I can telnet to the imap port. Also other imap clients like Thunderbird work fine.
Nov 12, 2009
I'm trying to install two instances of OCS Inventory on the same machine using virtual hosts in Apache. The Apache configuration for it is in its own file and it works fine without any virtual host. If I add it, Apache refuses to start without giving any error message. I narrowed it down to some lines loading Perl modules, and if I comment them away Apache will start again. Some of the modules work, but some of the ones specific to OCS Inventory will not work. I can't understand what the difference is between loading it in a virtual host or not, it doesn't make any sense to me!
Mar 23, 2010
I am setting up a new server and am in the midst of testing RAID. This is an Ubuntu 9.10 server. RAID1 (/dev/md1) is spread across 12 one-terabyte SCSI disks (/dev/sdi through /dev/sdt). It has four spares configured, each of which are also one-terabyte SCSI drives (/dev/sdu through /dev/sdx). I have been following the instructions on the Linux RAID Wiki ([URL]....
I have already tested the RAID successfully by using mdadm to set a drive faulty. Automatic failover to spare and reconstruction worked like a champ. I am now testing "Force fail by hardware". Specifically, I am following the advice, "Take the system down, unplug the disk, and boot it up again." Well, I did that, and the RAID fails to start. It outright refuses to start. It doesn't seem to notice that a drive is missing. Notably, all the drive letters shift up to fill in the space left by removing a drive. The test I did was to:
[code]....
Is removing a disk from the bus a reasonable test in the first place? Meaning, is this likely to happen in a production environment by other means than a human coming by and yanking out the drive? Meaning, is there a hardware failure that would replicate this event? Because, if so, then I don't know how to recover from it.
Jun 14, 2010
I have a BIND server that I'm setting up with different views. There is another server out on the public Internet that currently handles all inquiries for this domain. I had installed the Yum packages, chroot, etc. and edited the config files by hand. When that didn't work, I erased the server and started over using Webmin to build everything for me. Same result. I want to set up and verify everything is working on this new server before I take it into production. This is in /var/log/messages:
Jun 13 21:33:20 dns1 named[13838]: starting BIND 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 -u named
Jun 13 21:33:20 dns1 named[13838]: adjusted limit on open files from 1024 to 1048576
[code]...