Re: DNS resolution problem on certain addresses using BIND 9
On Thursday 03 March 2005 11:45 am, Wade Parker wrote:
> I have two domains (that I know of) that named cannot resolve. All
> other domains resolve as expected. The server in question is a standard
> Debian stable setup without GUI running principally exim, cyrus imap, &
> named without certain services like finger, ftp, sshd. It sets outside
> the firewall using a shared T-1.
>
> One of the domains in question (belonging to one of our members) is a
> .com domain, and the other is a (well-known) .net (groklaw.net). [I can
> reach both from my home computer.] I can ping both servers using their
> IP addresses.
>
> Both the host command and a simple dig on the names only yields a ";;
> connection timed out; no servers could be reached" message. If I run a
> dig with a trace, dig resolves the address correctly (see the dig +trace
> results below). If I point dig to the address's name server, the
> address resolves correction (see dig from address's NS below).
>
> I have done several google searchs on the problem. To my eye the DNS A
> and CNAME records appear correct. I have updated the /etc/bind/db.root
> file from FTP.INTERNIC.NET, and I have flush the cache (using rndc
> flush)--not to mention several reboots just to make sure (old Windows
> habits die hard). If I add the address to my /etc/hosts file, it solves
> the resolution problem for ping, but not for exim or dig.
>
> I have exhausted my limited knowledge. If anyone knows a solution to my
> problem (apart from dumping BIND 9 and pointing my system to someone
> else's DNS) or can point me in the right direction on where to look
> next, I would appreciate it.
>
> Thanks,
>
> Wade
I tried for a week to get BIND9 to work on my DNS, and constantly found errors
in the conf files, even though nslint and dnswalk found nothing wrong. It
was a nightmare and I am staying away from BIND9. I finally removed BIND9
and installed BIND (which was version 8 something) and it worked immediately.
Hal
Reply to: