Bind 9.2.4-1 on Sarge work with TCP but do not like UDP

  #1 (permalink)  
Old 04-15-2006
pascal.bart@gmail.com
 

Hello,

I'm desperate, I've set up a bind server to host a domain name as
primary server. Configuration & zone files seem to be good, but bind
only replies on TCP 53.

When I normally use "nslookup www.mydomain.com 127.0.0.1", I've no
reply, nslookup prints :
;; connection timed out; no servers could be reached

I don't get any errors, I've tried to run bind with "named -g -d 4",
but there's no activity during the query. On the other hand, when I run
: host -T www.mydomain.com, all works fine, that's really strange.

From another computer, I've run nmap to check that bind listens on
UDP 53, but the port is open.

After, my configuration file :

named.conf.options
===========================================
options {
directory "/var/cache/bind";

// If there is a firewall between you and nameservers you want
// to talk to, you might need to uncomment the query-source
// directive below. Previous versions of BIND always asked
// questions using port 53, but BIND 8.1 and later use an unprivileged
// port by default.

query-source address * port 53;

// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.

// forwarders {
// 0.0.0.0;
// };

auth-nxdomain no; # conform to RFC1035

version "SECRET";
listen-on-v6 { none; };
recursion no;
allow-query { any; };
};

named.conf
===========================================
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local

include "/etc/bind/named.conf.options";

// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
type master;
file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};

// zone "com" { type delegation-only; };
// zone "net" { type delegation-only; };

// From the release notes:
// Because many of our users are uncomfortable receiving undelegated answers
// from root or top level domains, other than a few for whom that behaviour
// has been trusted and expected for quite some length of time, we have now
// introduced the "root-delegations-only" feature which applies delegation-only
// logic to all top level domains, and to the root domain. An exception list
// should be specified, including "MUSEUM" and "DE", and any other top level
// domains from whom undelegated responses are expected and trusted.
// root-delegation-only exclude { "DE"; "MUSEUM"; };

include "/etc/bind/named.conf.local";

named.conf.local
===========================================
//
// Do any local configuration here
//

zone "marcillac-vallon.com" {
type master;
file "/etc/bind/db.marcillac-vallon.com";
};

zone "80.247.230.27.in-addr.arpa" {
type master;
file "/etc/bind/db.80.247.230.27";
};


// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";


I would like to sniff UDP 53 with tcpdump which I run using root and I get :
tcpdump: socket: Operation not permitted
this is really not good for me :( and no way to make it run, I'm
logged as root, I don't know why I can't get permission. Probably,
this is linked to my bind problem, I don't know.

Your help is welcome,

Pascal

  #2 (permalink)  
Old 04-16-2006
pascal
 

I've found where the problem comes from. My server is running using
vserver, and I have to add the IP address in the query-source field.

++
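
An added example, not part of the original thread: a small Python probe that sends the same query over UDP and TCP and reports which transport answers, and whether the UDP reply comes back from a different source address than the one queried (a reply that stub resolvers discard). The function names and result strings are illustrative assumptions.

```python
import socket
import struct

def build_query(name, txid=0x1234):
    """Encode a minimal A/IN query with RD=0 (the server has recursion off)."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!6H", txid, 0, 1, 0, 0, 0) + qname + struct.pack("!2H", 1, 1)

def check_reply(query, reply):
    # Match the transaction ID, then report the RCODE from the low 4 flag bits.
    if len(reply) < 12 or reply[:2] != query[:2]:
        return "bad-reply"
    return "answered:%d" % (reply[3] & 0x0F)

def probe_udp(server, name, port=53, timeout=2.0):
    query = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(query, (server, port))
            # Unconnected socket: a reply from any source address is seen here.
            # Assumes `server` is an IPv4 literal so the comparison is meaningful.
            reply, (src, _) = s.recvfrom(4096)
        except socket.timeout:
            return "timeout"
        except OSError as exc:
            return "error:" + type(exc).__name__
    if src != server:
        return "wrong-source:" + src
    return check_reply(query, reply)

def probe_tcp(server, name, port=53, timeout=2.0):
    query = build_query(name)
    try:
        with socket.create_connection((server, port), timeout=timeout) as s:
            s.sendall(struct.pack("!H", len(query)) + query)  # 2-byte length prefix
            f = s.makefile("rb")
            (length,) = struct.unpack("!H", f.read(2))
            return check_reply(query, f.read(length))
    except socket.timeout:
        return "timeout"
    except (OSError, struct.error) as exc:
        return "error:" + type(exc).__name__

def diagnose(udp, tcp):
    if udp.startswith("wrong-source"):
        return "UDP reply leaves from another address; resolvers discard it"
    if tcp.startswith("answered") and udp == "timeout":
        return "TCP-only: the UDP query or its reply is being lost"
    return "udp=%s tcp=%s" % (udp, tcp)
```

Calling `diagnose(probe_udp(ip, name), probe_tcp(ip, name))` against each address the server is supposed to answer on shows whether the failure is specific to UDP and to which address.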
