
Thread: DNS Problem (BIND)

  1. #11
    Associate
    Join Date
    Jan 2010
    Posts
    13
    Yet another development:

    TCP DNS queries work just fine, as confirmed by getting a response by issuing dig +tcp @server_ip
    UDP queries are not even getting to the server.

  2. #12
    Administrator Advisor peter
    Join Date
    Apr 2004
    Posts
    882
    Are they getting there but the queries are being blocked on the return? What do your /var/log/messages error logs say?

  3. #13
    Associate
    Join Date
    Jan 2010
    Posts
    13
    No, the UDP queries aren't even reaching the server according to the packet capture. There's nothing about it in messages.

  4. #14
    Administrator Advisor peter
    Join Date
    Apr 2004
    Posts
    882
    Is your DNS server listed as the authoritative server for the domain at your registrar, like Verisign or GoDaddy? Other DNS servers may not know where to visit to get domain information.

  5. #15
    Associate
    Join Date
    Jan 2010
    Posts
    13
    I bought the domain through GoDaddy. I set up host records pointing to my server and then set the DNS to those records. GoDaddy requires 2 DNS servers, but I have both of them pointing to the same IP.

  6. #16
    Administrator Advisor peter
    Join Date
    Apr 2004
    Posts
    882
    What does the output of the dig command give?

    Code:
    # dig domain-name.com

    Are your name servers visible?

  7. #17
    Associate
    Join Date
    Jan 2010
    Posts
    13
    It times out, which makes sense, because the root servers should be pointing at my name server, which isn't accepting UDP queries.

    However, when I try a TCP query to a different public DNS server it times out.

    This is what it does if I force dig to use my nameserver.

    ; <<>> DiG 9.4.3-P1 <<>> +tcp @64.79.45.135 d45h.net
    ; (1 server found)
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36913
    ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
    ;; WARNING: recursion requested but not available

    ;; QUESTION SECTION:
    ;d45h.net. IN A

    ;; ANSWER SECTION:
    d45h.net. 86400 IN A 64.79.45.135

    ;; AUTHORITY SECTION:
    d45h.net. 86400 IN NS ns2.d45h.net.
    d45h.net. 86400 IN NS ns1.d45h.net.

    ;; ADDITIONAL SECTION:
    ns1.d45h.net. 86400 IN A 64.79.45.135
    ns2.d45h.net. 86400 IN A 64.79.45.135

    ;; Query time: 103 msec
    ;; SERVER: 64.79.45.135#53(64.79.45.135)
    ;; WHEN: Mon Jan 4 11:33:55 2010
    ;; MSG SIZE rcvd: 110

  8. #18
    Associate
    Join Date
    Jan 2010
    Posts
    13
    So it turns out I was wrong about the ISP. They block all DNS traffic from any IP outside their network. They were having trouble with DoS attacks, so they just blocked it altogether at the edge.

  9. #19
    Administrator Advisor peter
    Join Date
    Apr 2004
    Posts
    882
    So are they going to change the policy?

  10. #20
    Associate
    Join Date
    Jan 2010
    Posts
    13
    No, but they will provide free DNS service for my domain. So I won't have control over the DNS server, but at least DNS for my domain will function. Oh well.
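
The symptom this thread turned on (the name server answers over TCP while UDP queries never arrive) can be checked from any outside host by sending the same query over both transports. This is an added example, not code from any poster in the thread; the function names `build_query`, `is_reply`, `probe` and `diagnose` are hypothetical.

```python
import socket
import struct

def build_query(name, qid=0x1234):
    """Encode a minimal DNS query for an A record (RD bit clear)."""
    header = struct.pack(">HHHHHH", qid, 0x0000, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii")
                     for p in name.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN

def is_reply(data, qid=0x1234):
    """True if data is a DNS response (QR bit set) carrying our query id."""
    if len(data) < 12:
        return False
    rid, flags = struct.unpack(">HH", data[:4])
    return rid == qid and bool(flags & 0x8000)

def probe(server, name, port=53, timeout=3.0):
    """Send the same query over UDP and TCP; report which transport answers."""
    query, result = build_query(name), {"udp": False, "tcp": False}
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.sendto(query, (server, port))
            result["udp"] = is_reply(s.recvfrom(4096)[0])
    except OSError:
        pass  # timeout or ICMP unreachable: no UDP answer
    try:
        with socket.create_connection((server, port), timeout=timeout) as s:
            s.sendall(struct.pack(">H", len(query)) + query)  # TCP framing: 2-byte length prefix
            f = s.makefile("rb")
            (length,) = struct.unpack(">H", f.read(2))
            result["tcp"] = is_reply(f.read(length))
    except (OSError, struct.error):
        pass  # refused, timed out, or connection closed early: no TCP answer
    return result

def diagnose(result):
    """Turn a probe() result into a one-line finding."""
    if result["udp"] and result["tcp"]:
        return "both transports answer"
    if result["tcp"]:
        return "TCP only: UDP/53 is filtered on the path or at the host firewall"
    if result["udp"]:
        return "UDP only: TCP/53 is filtered, so truncated responses cannot be retried"
    return "no answer on either transport"
```

Running `diagnose(probe(server_ip, domain))` from inside and outside the provider's network shows whether the filtering sits at the host or upstream of it.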
