Fc1: Bind Timeouts At Retrieval Of Most Domains
remi
Hello all,

It's my first time here. I registered to know if you would have an answer to my question about the BIND DNS server. I asked other forums before and they were puzzled as well...

I have Fedora Core 1, so of course I already have BINDv9 installed. By default in FC1, BIND runs in a chroot jail. I'm trying to do a nameserver for my LAN (not for the Internet, obviously). On that nameserver, you would be able to resolve domain names from the Internet, like everyone else, but also resolve anything on my special domain extension .kawamura.eremi.net. only within the LAN. This is to test Web sites I'm developing and I'm getting tired of editing the 'hosts' file on each machine for that...

After having started named and using `dig @localhost` to retrieve records, it works perfectly with my local 'kawamura' domain, but it will only work with some domains from the Internet.

It works fine with most .com, most .net, and no other TLDs, including the generics and the country-specifics. Either dig reports "status: SERVFAIL" or "connection timed out; no servers could be reached". Increasing the timeout in dig doesn't help.

You can read my configuration at http://sadako.eremi.net/bind/ . I use the file var/named/named.cache for the root servers. named.ca has now become outdated. There is also a log in var/named/named.run that tells you what happens for each Internet domain I tried to resolve with dig. Some worked, some didn't. Yet, the log gives me no idea about where the problem is.

Any ideas? Thanks in advance.
remi
Sorry about the multiple posts. I tried to post with Mozilla, but it was getting stuck loading after 5 minutes... I didn't know that it actually posted.
hughesjr
I use this named.ca file with bind 9 on WhiteBox Enterprise Linux and I have no problems resolving names... At least I don't think I do.

If you want to post some addresses that you can't look up, I'll see if they work for me....

I don't see anything wrong with your configuration file.
remi
If there's nothing wrong in the config and zone files, I wonder what's causing the problem then...

It's difficult for me to give you a list of working and failing domains. They all work with my ISP's nameservers. The ones that never worked with my own nameserver were usually edojin.info, achernar.org, leshedageorge.com, and some others I'm forgetting right now.
hughesjr
The lookups for other than defined zones are handled by named.ca (or in your case, named.cache).

Make sure you have all the zone servers in and correct in named.cache.
hughesjr
Also, check the file permissions on named.cache (and the other files for that matter) with `ls -al`.
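Added example, not part of any post in this thread: one way to carry out the "all the zone servers in and correct" check on a root hints file such as named.cache, by parsing it and comparing it with a known-good reference copy so that whitespace and comment differences are ignored. The function names are hypothetical, and the sample files are constructed and use RFC 5737 documentation addresses rather than the real root server addresses.

```python
# Constructed samples in root-hints (master file) syntax. The addresses are
# RFC 5737 documentation addresses, not the real root server addresses.
REFERENCE = """\
.                    3600000  IN  NS  A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.  3600000      A   192.0.2.1
.                    3600000      NS  B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET.  3600000      A   192.0.2.2
"""
LOCAL = """\
.                    3600000  IN  NS  A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.  3600000      A   192.0.2.1
.                    3600000      NS  B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET.  3600000      A   192.0.2.99  ; stale address
.                    3600000      NS  C.ROOT-SERVERS.NET.
"""

def parse_hints(text):
    """Return (root NS names, {server name: set of A-record strings})."""
    ns, addrs = set(), {}
    for raw in text.splitlines():
        fields = raw.split(";", 1)[0].split()   # strip comments
        # Layout is: owner [ttl] [class] type rdata. Drop ttl and class.
        fields = fields[:1] + [f for f in fields[1:]
                               if not (f.isdigit() or f.upper() == "IN")]
        if len(fields) != 3:
            continue
        owner, rtype, rdata = fields[0].upper(), fields[1].upper(), fields[2]
        if rtype == "NS" and owner == ".":
            ns.add(rdata.upper())
        elif rtype == "A":
            addrs.setdefault(owner, set()).add(rdata)
    return ns, addrs

def check_hints(local, reference):
    """List defects in `local`, treating `reference` as the known-good copy."""
    (ns, addrs), (ref_ns, ref_addrs) = parse_hints(local), parse_hints(reference)
    problems = []
    for name in sorted(ns | ref_ns):
        if name not in ns:
            problems.append(f"{name} missing NS record")
        elif name not in addrs:
            problems.append(f"{name} has no A record")
        elif name in ref_addrs and addrs[name] != ref_addrs[name]:
            problems.append(f"{name} address differs from reference")
    return problems

if __name__ == "__main__":
    print("\n".join(check_hints(LOCAL, REFERENCE)) or "hints file OK")
```

To use it on real files, read the local named.cache and a freshly downloaded reference copy into strings and pass them to `check_hints`.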
remi
I'm checking named.cache. Everything is OK in there and it's an exact copy of ftp://ftp.internic.net/domain/named.cache . I checked those servers myself one-by-one with ping and dig and it's all the correct IPs and they all resolve domains correctly.

The owner of all config files for BIND is named:named and they are readable by everyone, writable only for the user.

I've also made a list of some domains I tried to resolve with dig with the results. (Forgive me for using Excel to do that HTML page...) http://sadako.eremi.net/dig.html

Apparently some ccTLD domains also work... but not all.
remi
No one has any ideas at all?

I've just ripped out all my configuration files, reinstalled the latest BIND RPM package for Fedora Core 1 again and it still has the same symptoms.

Can it be because of a firewall on the computer? I believe there is none. Could it be because of the router between my LAN with 3 computers and the Internet? Anything?