f



Re: bind-9.2.4-16.EL4 problem #2


> Well, Thank you
> But why is my bind behaving like this, i thought it might be caused by
> the firewall DNS inspection and i removed it from the PIX but still the
> same problem happens, i defined the edns packet size to be 512 and
> still no luck??!!
> when i restart the named everything resolves fine for a while and then
> it returns to the same behavior of resolving most internet but some are
> not resolving,
> also when performing nslookup it doesn't give me timedout as if i was
> denied querying it gives me server failed!!
> 
> i would appreciate any help with this regard

	Most probably because there is as misconfiguration with the
	delegation of the zone which hold the names you are looking
	up.  Without specifics it's hard to do more than speculate.
 
> Elzey, Blaine A (Blaine) wrote:
> > Sometimes named takes more time to shutdown than the time between stop and 
> start commands in your named script.  Try adding a sleep 1 or sleep 3 between
>  the stop and start.
> >
> > Blaine Elzey
> > LWS VitalQIP
> > Lucent Technologies
> > BElzey@Lucent.com <mailto:BElzey@Lucent.com>
> > (610) 722-7976
> >
> > -----Original Message-----
> > From: bind-users-bounce@isc.org [mailto:bind-users-bounce@isc.org] On Behal
> f Of Shaheen
> > Sent: Wednesday, September 06, 2006 4:59 AM
> > To: comp-protocols-dns-bind@isc.org
> > Subject: bind-9.2.4-16.EL4 problem
> >
> > Hi,
> > Am facing a really weird problem with mentioned version of bind.
> > my network scenario is as follows
> > 3 bind-9.2.4-16.EL4 on FC5 behind PIX firewall, Most of internet queries ar
> e successful but some fails and log file does not show errors.
> > when i try to restart named i get the following [root@localhost /]# /etc/in
> it.d/named restart Stopping named: [  OK  ] Starting named: failed already ru
> nning [root@localhost /]#  /etc/init.d/named start Starting named: [  OK  ]
> >
> > and after that every thing even names were not resolving begin resolving fi
> ne!
> > why is this happeneing,
> > my primary named.conf looks like this
> > options {
> >         directory "/var/named";
> >         dump-file "/var/named/data/cache_dump.db";
> >         statistics-file "/var/named/data/named_stats.txt";
> >         version "Get Lost";
> >         allow-query { any; };
> >         allow-recursion { localhost; trusted; };
> >         blackhole { badguys;  };
> >         notify yes;
> >         datasize default;
> >         max-cache-size 800000000;
> >         allow-transfer { secondaries; };
> >         also-notify {x.x.x.x; y.y.y.y;}; // all zones
> >         allow-notify { secondaries; };
> >         recursive-clients 30000;
> >         pid-file "named.pid";
> > };
> >
> >
> > logging {
> > category lame-servers { null; };
> >
> >
> >
> >
> >
> > channel "default_debug" {
> >     file "/var/log/named/named.log" size 5m;
> >
> >
> >
> >
> >
> >     severity critical;
> >
> >  };
> > };
> > controls {
> >         inet x.x.x.x allow { x.x.x.x; } keys { "rndckey"; }; };
> 
> 
--
ISC Training!  October 16-20, 2006, in the San Francisco Bay Area,
covering topics from DNS to DHCP.  Email training@isc.org.
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews@isc.org


0
Mark
9/7/2006 9:46:27 PM
comp.protocols.dns.bind 16245 articles. 1 followers. Post Follow

0 Replies
490 Views

Similar Articles

[PageSpeed] 2

Reply:

Similar Artilces:

Bind 9.2.4 slaving problem [bind 9.2.1 and bind 8.3.3]
Greetings. I have a master name server running BIND 9.2.1 [Debian Woody - server not available on the Internet] and a slave server running bind 9.2.4 [Debian Sarge - not currently available on the Internet] and two others running bind 8.3.3 [Debian Woody - on the Internet]. The 9.2.1 is a master for all the others to slave from. I have an entry in a zone defined on the master as the following: > $ORIGIN example.com. > spamhaus-datafeed IN NS local-rbl-a > spamhaus-datafeed IN NS local-rbl-b When I issue the following command: #> host -t nx spam...

RE: bind-9.2.4-16.EL4 problem
Sometimes named takes more time to shutdown than the time between stop and start commands in your named script. Try adding a sleep 1 or sleep 3 between the stop and start. Blaine Elzey LWS VitalQIP Lucent Technologies BElzey@Lucent.com <mailto:BElzey@Lucent.com> (610) 722-7976 -----Original Message----- From: bind-users-bounce@isc.org [mailto:bind-users-bounce@isc.org] On Behalf Of Shaheen Sent: Wednesday, September 06, 2006 4:59 AM To: comp-protocols-dns-bind@isc.org Subject: bind-9.2.4-16.EL4 problem Hi, Am facing a really weird problem with mentioned version of bind. my network scenario is as follows 3 bind-9.2.4-16.EL4 on FC5 behind PIX firewall, Most of internet queries are successful but some fails and log file does not show errors. when i try to restart named i get the following [root@localhost /]# /etc/init.d/named restart Stopping named: [ OK ] Starting named: failed already running [root@localhost /]# /etc/init.d/named start Starting named: [ OK ] and after that every thing even names were not resolving begin resolving fine! why is this happeneing, my primary named.conf looks like this options { directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; version "Get Lost"; allow-query { any; }; allow-recursion { localhost; trusted; }; blackhole { badguys; }; ...

Re: Migration from BIND 4.9 to 9.2 or Microsoft DNS #2
Mokwena Motseto <MotsetM@sapo.co.za> wrote: >> Do you know of any problems I might encounter if I migrate to Microsoft >> DNS I don't what version it is, or if it has versions at all phn@icke-reklam.ipsec.nu replied: > You won't get support from this forum :-) Sorry to disappoint Peter, but there have been discussions of the interaction between MS W2k (or W2k+3) DNS Server and BIND in the on this list (and on its now-defunct sister list bind9-users@isc.org). Check the list archives. Discussions of BIND interoperability with other DNS software is n...

Re: Can I have a HPUX bind 4.9.7 slaved to a Solaris bind 9.2.2 master ?
>>>>> "Terry" == Terry Pike <terry.j.pike@gsk.com> writes: Terry> I have a HPUX bind 4.9.7 master server that I want to Terry> convert to a slave server. I want to create a new master Terry> on Solaris bind 9.2.2. Terry> Question: will the V4.9.7 server accept zone transfers from Terry> V9.2.2 ?? Of course. Why shouldn't it? The zone transfer protocol hasn't changed. However BIND9 by default tries a more efficient data transfer scheme that long-dead stuff like BIND4 doesn't understand. This behaviour ...

Problem running bind 9.2.3, bind 9.2.4rc2 and bind 9.3.0beta2 on bsd/os 5.1
named.run gives me: 16-Apr-2004 17:35:17.656 starting BIND 9.3.0beta2 -d 9 -n 2 16-Apr-2004 17:35:17.668 found 1 CPU, using 2 worker threads 16-Apr-2004 17:35:17.679 loading configuration from '/etc/named.conf' 16-Apr-2004 17:35:17.705 set maximum stack size to 67108864: success 16-Apr-2004 17:35:17.706 set maximum data size to 1073741824: success 16-Apr-2004 17:35:17.706 set maximum core size to 0: success 16-Apr-2004 17:35:17.706 set maximum open files to 128: success 16-Apr-2004 17:35:17.719 listening on IPv4 interface lo0, 127.0.0.1#53 16-Apr-2004 17:35:17.720 clientmgr ...

bind-9.2.4-16.EL4 problem
Hi, Am facing a really weird problem with mentioned version of bind. my network scenario is as follows 3 bind-9.2.4-16.EL4 on FC5 behind PIX firewall, Most of internet queries are successful but some fails and log file does not show errors. when i try to restart named i get the following [root@localhost /]# /etc/init.d/named restart Stopping named: [ OK ] Starting named: failed already running [root@localhost /]# /etc/init.d/named start Starting named: [ OK ] and after that every thing even names were not resolving begin resolving fine! why is this happeneing, my primary named.conf looks like this options { directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; version "Get Lost"; allow-query { any; }; allow-recursion { localhost; trusted; }; blackhole { badguys; }; notify yes; datasize default; max-cache-size 800000000; allow-transfer { secondaries; }; also-notify {x.x.x.x; y.y.y.y;}; // all zones allow-notify { secondaries; }; recursive-clients 30000; pid-file "named.pid"; }; logging { category lame-servers { null; }; channel "default_debug" { file "/var/log/named/named.log" size 5m; severity critical; }; }; controls { inet x.x.x.x all...

Re: Performance of Bind 9.2.3 vs BIND 4.8.3 #2
>>>>> "nishant" == nishant <nishant80@gmail.com> writes: nishant> But still i need to show that 'performance' wise BIND 9 nishant> is better than BIND 4. My previous posting did that. nishant> Can u please help me in deciding what kind of tests nishant> should i really be doing to show that BIND 9 'performs' nishant> better (or much better, as you say) than BIND 4? Look, stop wasting your time on this pointless make-work exercise. BIND4 is DEAD. Nobody should be running it. Consult the list arch...

Re: Problems with BIND 9.2.2 on OS X #2
> > Hi Dave, > There is a thread on comp.protocols.dns.bind that is now discussing > this issue...which is causing OS X Server admins big headaches. > > http://groups.google.com/groups? > hl=en&lr=&threadm=clsl2t%242evk%241%40sf1.isc.org&prev=/ > groups%3Fhl%3Den%26lr%3D%26group%3Dcomp.protocols.dns.bind > > I am sure my router is not blocking large UDP packets. > > Andrew comp.protocols.dns.bind *is* bind-users@isc.org There is a bi-directional gateway between the two. -- Mark Andrews, ISC 1 Seymour St., Dundas Vall...

RE: Re: Migration from BIND 4.9 to 9.2 or Microsoft DNS
Hi Sorry for the misunderstanding I was not looking for support, I was just asking from people, who have been in the same situation that I am in now What influenced their decision to choose what ever they chose to go with -----Original Message----- From: bind-users-bounce@isc.org [mailto:bind-users-bounce@isc.org] On Behalf Of phn@icke-reklam.ipsec.nu Sent: 11 October 2004 21:21 To: comp-protocols-dns-bind@isc.org Subject: Re: Migration from BIND 4.9 to 9.2 or Microsoft DNS Mokwena Motseto <MotsetM@sapo.co.za> wrote: > Hi > We are currently running BIND 4...

Migration from BIND 4.9 to 9.2 or Microsoft DNS #2
Hi We are currently running BIND 4.9 and we are under pressure to migrate at least to version 8 or 9 But there is a possibility of moving to a microsoft DNS on windows 2003 Our ISP's who host secondary zones for our domains are running BIND ver 9 What I want you guys to help me out with is the following Do you know of any problems I might encounter if I migrate to BIND ver 9 (latest) Do you know of any problems I might encounter if I migrate to Microsoft DNS I don't what version it is, or if it has versions at all Mokwena Motseto ...

[bind-users]Up-gradation of Bind 8.2.2 to Bind 9 on AIX 4.3.3
Hello, I have installed Bind 8.2.2 on AIX 4.3.3. Now we want to up-grade it to Bind9. Pl. Anyone know , how to up-grade Bind 8.2.2 to Bind 9 on AIX 4.3.3. ?? regards, Network Admin GNFC Ltd. India Ph: 91 79 26854515 postmaster@gnvfc.net wrote: > Hello, > I have installed Bind 8.2.2 on AIX 4.3.3. Now we want to up-grade it to Bind9. Pl. Anyone know , how to up-grade Bind 8.2.2 to Bind 9 on AIX 4.3.3. ?? > regards, > Network Admin > GNFC Ltd. > India > Ph: 91 79 26854515 Get the source from isc.org, unpack, read the documentation and go ahead. ...

Re: BIND 8.2.7 master ixfr to 9.2.2 slave #4
At 1:59 PM -0400 2005-05-04, Mike Mitchell wrote: > About once a day I have a BIND 9.2.2 slave truncate a zone after an IXFR > from a BIND 8 master. The packet trace shows the master sending an IXFR > response containing only two SOA records. Don't use IXFR with BIND-8. The code changed multiple times, and was always not-quite-there. Use AXFR, or some other means to get the information transmitted. Or upgrade to BIND-9, where IXFR was finally made to work right. -- Brad Knowles, <brad@stop.mail-abuse.org> "Those who would give up essential ...

Can I have a HPUX bind 4.9.7 slaved to a Solaris bind 9.2.2 master ?
I have a HPUX bind 4.9.7 master server that I want to convert to a slave server. I want to create a new master on Solaris bind 9.2.2. Question: will the V4.9.7 server accept zone transfers from V9.2.2 ?? Terry Pike <terry.j.pike@gsk.com> wrote: > I have a HPUX bind 4.9.7 master server that I want to convert to a > slave server. I want to create a new master on Solaris bind 9.2.2. > Question: will the V4.9.7 server accept zone transfers from V9.2.2 ?? A better question : why don't you upgrade to bind 9.2.3 ? -- Peter H�kanson IPSec...

Re: Migration from BIND 4.9 to 9.2 or Microsoft DNS
bind-users-bounce@isc.org wrote on 10/11/2004 11:27:26 AM: [clip...] > > Do you know of any problems I might encounter if I migrate to BIND ver 9 > (latest) You should not have any problems. However, you should read all the docs that come with BIND 9. If you start with the "README" file you will find this statement: "If you are upgrading from BIND 8, please read the migration notes in doc/misc/migration. If you are upgrading from BIND 4, read doc/misc/migration-4to9." I highly recommend going through all of the docs before m...

Re: Migration from BIND 4.9 to 9.2 or Microsoft DNS #3
"Mokwena Motseto" <MotsetM@sapo.co.za> wrote: >Hi > >Sorry for the misunderstanding > >I was not looking for support, I was just asking from people, who have >been in the same situation that I am in now > >What influenced their decision to choose what ever they chose to go >with My feeling from reading postings on this list for a number of years is that most people who are currently using BIND will stick with BIND. In general, there is a mistrust of MS code. There were interoperability problems with BIND and MS W2k DNS a few years ag...

Re: bind 9(.2.4) on solaris 10 #2
> I wish it were that simple for me. Unfortunately I have corporate > requirements and restrictions to work with and one of them happens to be > to have IPv6 disabled everywhere. =P So short sighted ... One could argue that 6to4 is only IPv4 :-) > Speaking of which, there appears to be a named.conf directive called > "listen-on-v6". Would the "listen-on" version imply IPv4 only? If so, > that would be an acceptable workaround. > > -Alex No. Named will make queries over IPv6 even if it won't accept them. > Mark...

RE: BIND 9.2.3 configuration problem #2
"clause" I like that. -----Original Message----- From: bind-users-bounce@isc.org [mailto:bind-users-bounce@isc.org] On Behalf Of Jim Reid Sent: Thursday, July 29, 2004 11:30 AM To: nishant Cc: comp-protocols-dns-bind@isc.org Subject: Re: BIND 9.2.3 configuration problem=20 >>>>> "nishant" =3D=3D nishant <nishant80@gmail.com> writes: nishant> Do I have to add the 'directory' substatement in every nishant> named.conf that appears in the test directories That depends on how you run the tests. If no directory clause...

RE: BIND 9.4.2-P1 and sockets? #2
Well, my question was exactly on this matter: named is quite capable of matching multiple queries and only asking one question. I didn't think that recursive clients was incremented even when matching multiple queries and recursing only once. Thank you Mark. Regards, Emmanuel -----Message d'origine----- De�: Mark_Andrews@isc.org [mailto:Mark_Andrews@isc.org] Envoy�: jeudi 10 juillet 2008 16:52 ��: TIRADO Emmanuel Ext DOE/DEPFS Cc�: bind-users@isc.org Objet�: Re: BIND 9.4.2-P1 and sockets? > Hello, > > I'm little confused about the new BIND 9.4.2-P1. > > I'm working at an ISP, and the servers are caching servers. > > I'm looking for some informations on the sockets and recursive clients. > > If I'm not wrong , rndc status prints the number of recursive clients. > (queries which we are really recursing for, not answers from the cache.) > > For example, in my case, I have : > > recursive clients: 387/19900/20000 > > Simultaneously, I do "netstat -anp | grep named | grep -v ":53" | wc -l" > and the result is : 182. > > Since BIND opens up a socket whith a high port to recurse, how can the > numbers be so different? named is quite capable of matching multiple queries and only asking one question. One query from a client can cause named to ask multiple questions simultaniously. There is no direct ...

Re: Problems with BIND 9.2.2 on OS X
bind-users-bounce@isc.org wrote on 10/29/2004 04:08:38 PM: [clip para, see OP for details] > > " > > Here is a typical session showing two failures , followed by a success > > > xserveg5:/Users/admin root# dig +trace www.thinksecret.com > > ; <<>> DiG 9.2.2 <<>> +trace www.thinksecret.com > ;; global options: printcmd > . 514064 IN NS E.ROOT-SERVERS.NET. > . 514064 IN NS F.ROOT-SERVERS.NET. > . 514064 IN NS G....

Re: DNS bind-9.2.2-13 not working
The reason for specifying multiple servers is to provide REDUNDANCY. Giving two names to the same machine does not provide redunacy and just wastes bandwidth. ns1.polychip.net. 2D IN A 67.95.110.169 ns2.polychip.net. 2D IN A 67.95.110.169 I suspect you problem is a firewall. You need to open up both 53/UDP and 53/TCP. Mark > Hi, > > I have been trying to set up the dns for the past 1 week with no > luck..If i dig any other website from the local redhat linux machine > where this DNS is configured then it works fine, us...

Re: BIND 9.4.2 on Solaris 8 #2
> >> Greetings, > >> > >> Newly compiled BIND 9.4.2 on Solaris 8 kicks errors like below, Although > >> named *appears* to be listening and functioning fine. > >> > >> Anyone have ideas what would cause the below errors? > > > > lib/isc/unix/entropy.c > > /* > > * Solaris 2.5.1 does not have support for sockets (S_IFSOCK), > > * but it does return type S_IFIFO (the OS believes that > > * the socket is a fifo). This may be an issue if we tell > > * the program to look at an actual FIFO as its source of > > * entropy. > > */ > > #if defined(S_ISSOCK) > > if (S_ISSOCK(_stat.st_mode)) > > is_usocket = ISC_TRUE; > > #endif > > #if defined(S_ISFIFO) && defined(sun) > > if (S_ISFIFO(_stat.st_mode)) > > is_usocket = ISC_TRUE; > > #endif > > > > Turn "defined(S_ISFIFO) && defined(sun)" into "0". > > > > Mark > > > >> 29-Nov-2007 15:56:27.069 starting BIND 9.4.2 -c /etc/named.conf -4 -g > >> 29-Nov-2007 15:56:27.091 loading configuration from '/etc/named.conf' > >> 29-Nov-2007 15:56:27.095 no IPv6 interfaces found > >> 29-Nov-2007 15:56:27.098 listening on IPv4 interface lo0, 127.0.0...

RE: Bind 9.2.2-P3 resolver problems.
Question, I am seeing more problems with basic resolution on some of my bind servers that are used by my email servers. Every few days they stop answering requests, yet the server is active in memory and using like 400M ram. I have the cache-size limited to 300M and there are about 9000 domains, recursive-clients = 10000 ( probably my problem it's to big ). So I have some funky out of memory problem that I am causing because I have some limit set to low? Or I am wasting it all with recursive-clients? Ideas? Shane. -----Original Message----- From: ...

Re: BIND 8.2.7 master ixfr to 9.2.2 slave #2
Mayer () gis ! Net writes: > Don't use IXFR on BIND 8. It never quite worked right and it got > rewritten > 3 times. It works correctly in BIND 9. > Danny That response is similar to Patient: Doctor, it hurts when I do this. Doctor: Don't do it. I'll admit that their might be bugs in BIND 8's implementation of IXFR, but they shouldn't cause BIND 9 to blow away it's zone information. This smells like a small bug in BIND 8 tickling a large bug in BIND 9. I've diff'd the bin/named/ns_ixfr.c and bin/named/ns_xfr.c code betwee...

Re: Very odd errors from bind 9.2.2 #2
Ok, turns out you were right: On Sat, 25 Oct 2003 Mark_Andrews@isc.org wrote: > > Suddenly, with _no change in configuration_, I am seeing these three > > errors in /var/log/messages every time I HUP my named process: > > > > Oct 24 22:56:38 ns1 named[8255]: dns_master_load: /etc/namedb/s/.:1: > > unexpected end of line > > Oct 24 22:56:38 ns1 named[8255]: dns_master_load: /etc/namedb/s/.:1: > > unexpected end of input > > Oct 24 22:56:38 ns1 named[8255]: zone ./IN: loading master file > > /etc/namedb/s/.: unexpected end o...

Web resources about - Re: bind-9.2.4-16.EL4 problem #2 - comp.protocols.dns.bind

Problem novel - Wikipedia, the free encyclopedia
Working class, or proletarian novels are often also social problem novels . This was in many ways a reaction to rapid industrialization , and ...

The government’s surprising problem
Labor has powered up a savage campaign to punish Prime Minister Malcolm Turnbull for failure to meet a tax overhaul deadline — a deadline that ...

Bracket creep no longer main problem as jobless rate soars
The worst jobless figures since Malcolm Turnbull deposed Tony Abbott have again highlighted Australia's anaemic economic growth, boosting the ...

Android Marshmallow problems: troubleshooting guide
... a lot of great changes to Android, it's not without at least a few flaws. With that in mind, here are the major Android Marshmallow problems ...

French OptiMiam Tapping Into Global Waste Food Problem
... the clerk said he would need to throw the food away at the end of the day if it is not sold. "I had worked in a cafe so I knew of the problem ...

Counterpoint: My Unicorn Problem Problem
... in Anne Laurie’s morning thread , but it got so long I decided to make it a standalone post. Krugman’s post is entitled “My Unicorn Problem,” ...

New drivers and firmware fix Surface Pro 4 and Surface Book power management problems
... also heat issues now Microsoft have issued fixes. Starting today, new drivers and firmware updates are rolling out that address these problems ...

Apple apologizes for ‘Error 53’ iPhone bricking issue, rolls out iOS update to fix the problem
Earlier this month, iPhone 6 users who recently upgraded to iOS 9 were dismayed to discover that their devices had been bricked, with no indication ...

Microsoft says it's finally fixing the biggest problems with its Surface Book laptop and Surface Pro ...
... patches to make the Surface line work better with the Intel processor and display drivers, which The Verge reports cause power management problems ...

The Fed's 'communications problem'
Handicapping the Fed's next move is looking more and more like a fool's game, even for those inside the central bank.

Resources last updated: 2/20/2016 3:36:34 PM