This is a discussion on linux named within the Linux Networking forums, part of the Linux Forums category.
I'm running bind 9.2.1 on linux 2.4.20-8. It seems that my named is running fine. Dig seems to come back with the correct results. However when I try and find the domain from the outside things do not work. For some reason I can't even telnet to port 53. I've even tried completely opening up the firewall making this linux box a DMZ host. Strangely a telnet to 'localhost 53' works just fine on the local box. I'm not quite sure how to troubleshoot this. Any suggestions?
Yes the port forwarding is setup. ssh and other port forwards have been working just fine. In fact I had another linux box nameserving just fine. I just checked the difference in the digs. The current box shows this:

;; QUESTION SECTION:
;www.opalfire.net. IN A

;; ANSWER SECTION:
www.opalfire.net. 259200 IN A 66.47.111.31

;; AUTHORITY SECTION:
opalfire.net. 259200 IN NS ns.opalfire.net.

;; ADDITIONAL SECTION:
ns.opalfire.net. 259200 IN A 66.47.111.31

I noticed the old box had a CNAME record which I don't have anymore. Could this be my problem? ns1.opalfire.net is pointing to this box.

Cheers

> Did you forward the port 53 from the firewall to your linux box ?
>
> What is your domain ? Did you register it with the correct
> primary/secondary DNS pointing to your public IP ?
>
> Give more information on your network (hosts & ip).
>
>
> Regards
On 1 Aug 2003 06:59:48 -0700, mark stephens <mark_r_stephens@yahoo.com> wrote:
> Yes the port forwarding is setup. ssh and other port forwards have
> been working just fine. In fact I had another linux box nameserving
> just fine. I just checked the difference in the digs. The current
> box shows this:
>
> ;; QUESTION SECTION:
> ;www.opalfire.net. IN A
>
> ;; ANSWER SECTION:
> www.opalfire.net. 259200 IN A 66.47.111.31
>
> ;; AUTHORITY SECTION:
> opalfire.net. 259200 IN NS ns.opalfire.net.
>
> ;; ADDITIONAL SECTION:
> ns.opalfire.net. 259200 IN A 66.47.111.31
>
>
>
> I noticed the old box had a CNAME record which I don't have anymore.
> Could this be my problem? ns1.opalfire.net is pointing to this box.

dig opalfire.net ns returns:

;; QUESTION SECTION:
;opalfire.net. IN NS

;; ANSWER SECTION:
opalfire.net. 172800 IN NS ns1.opalfire.net.
opalfire.net. 172800 IN NS pinky.worldnic.com.

;; ADDITIONAL SECTION:
ns1.opalfire.net. 172800 IN A 66.47.111.31

But pinky.worldnic.com does not resolve, its former IP 198.41.1.13 does not respond, and 66.47.111.31 does not respond, so NOTHING for opalfire.net resolves at all.

Check your named.conf for listen-on and allow-query, and check your firewall config (and logs for named and firewall). Your domain is dead until you point your registrar to working nameservers.

--
David Efflandt - All spam ignored http://www.de-srv.com/
http://www.autox.chicago.il.us/ http://www.berniesfloral.net/
http://cgi-help.virtualave.net/ http://hammer.prohosting.com/~cgi-wiz/
listen-on and allow-query are not set in my named.conf. Nor were they set on my other linux server which works just fine. In fact I can turn that box on, switch the forwarding to that ip and it works great. However that box is intermittent and I can't always keep it up ... hence the upgrade.

I checked the firewall logs and I can see the named hits coming to port 53.

efflandt@xnet.com (David Efflandt) wrote in message
> dig opalfire.net ns returns:
>
> ;; QUESTION SECTION:
> ;opalfire.net. IN NS
>
> ;; ANSWER SECTION:
> opalfire.net. 172800 IN NS ns1.opalfire.net.
> opalfire.net. 172800 IN NS pinky.worldnic.com.
>
> ;; ADDITIONAL SECTION:
> ns1.opalfire.net. 172800 IN A 66.47.111.31
>
> But pinky.worldnic.com does not resolve, its former IP 198.41.1.13 does
> not respond, and 66.47.111.31 does not respond, so NOTHING for
> opalfire.net resolves at all.
>
> Check your named.conf for listen-on and allow-query, and check your
> firewall config (and logs for named and firewall). Your domain is dead
> until you point your registrar to working nameservers.
Here is the debug output from my nameserver if this helps:

Aug 06 11:26:44.082 starting BIND 9.2.1 -f -g -d 20 -u named
Aug 06 11:26:44.083 using 1 CPU
Aug 06 11:26:44.088 loading configuration from '/etc/named.conf'
Aug 06 11:26:44.089 set maximum stack size to 4294967295: success
Aug 06 11:26:44.089 set maximum data size to 4294967295: success
Aug 06 11:26:44.089 set maximum core size to 4294967295: success
Aug 06 11:26:44.089 set maximum open files to 1024: success
Aug 06 11:26:44.102 no IPv6 interfaces found
Aug 06 11:26:44.103 listening on IPv4 interface lo, 127.0.0.1#53
Aug 06 11:26:44.103 clientmgr @0x8091528: create
Aug 06 11:26:44.103 socket 0x8095a30: created
Aug 06 11:26:44.103 clientmgr @0x8091528: createclients
Aug 06 11:26:44.104 clientmgr @0x8091528: create new
Aug 06 11:26:44.104 client @0x8095ba8: create
Aug 06 11:26:44.104 socket 0x80a9100: created
Aug 06 11:26:44.104 clientmgr @0x8091528: createclients
Aug 06 11:26:44.104 clientmgr @0x8091528: create new
Aug 06 11:26:44.104 client @0x80a91e0: create
Aug 06 11:26:44.104 listening on IPv4 interface eth0, 192.168.1.101#53
Aug 06 11:26:44.104 clientmgr @0x80aaea0: create
Aug 06 11:26:44.104 socket 0x80ab0a8: created
Aug 06 11:26:44.104 clientmgr @0x80aaea0: createclients
Aug 06 11:26:44.104 clientmgr @0x80aaea0: create new
Aug 06 11:26:44.104 client @0x80ab220: create
Aug 06 11:26:44.105 socket 0x80acf30: created
Aug 06 11:26:44.105 clientmgr @0x80aaea0: createclients
Aug 06 11:26:44.105 clientmgr @0x80aaea0: create new
Aug 06 11:26:44.105 client @0x80ad010: create
Aug 06 11:26:44.108 socket 0x80b2c20: created
Aug 06 11:26:44.108 res 0x80b2e00: create
Aug 06 11:26:44.109 Cleaning interval for adb: 8 buckets every 30 seconds, 1009 buckets in system, 3600 cl.interval
Aug 06 11:26:44.109 dns_requestmgr_create
Aug 06 11:26:44.109 dns_requestmgr_create: 0x80b4300
Aug 06 11:26:44.109 dns_requestmgr_whenshutdown
Aug 06 11:26:44.109 replacing zone database
Aug 06 11:26:44.109 replacing zone database
Aug 06 11:26:44.110 socket 0x80b6350: created
Aug 06 11:26:44.110 command channel listening on 127.0.0.1#953
Aug 06 11:26:44.110 ignoring config file logging statement due to -g option
Aug 06 11:26:44.111 load_configuration: success
Aug 06 11:26:44.111 zone 0.0.127.in-addr.arpa/IN: starting load
Aug 06 11:26:44.112 zone 0.0.127.in-addr.arpa/IN: number of nodes in database: 2
Aug 06 11:26:44.112 zone 0.0.127.in-addr.arpa/IN: loaded
Aug 06 11:26:44.112 no journal file, but that's OK
Aug 06 11:26:44.112 zone 0.0.127.in-addr.arpa/IN: journal rollforward completed successfully: no journal
Aug 06 11:26:44.113 zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
Aug 06 11:26:44.113 zone localhost/IN: starting load
Aug 06 11:26:44.114 zone localhost/IN: number of nodes in database: 1
Aug 06 11:26:44.114 zone localhost/IN: loaded
Aug 06 11:26:44.114 no journal file, but that's OK
Aug 06 11:26:44.114 zone localhost/IN: journal rollforward completed successfully: no journal
Aug 06 11:26:44.114 zone localhost/IN: loaded serial 42
Aug 06 11:26:44.114 zone opalfire.net/IN: starting load
Aug 06 11:26:44.115 zone opalfire.net/IN: number of nodes in database: 4
Aug 06 11:26:44.115 zone opalfire.net/IN: loaded
Aug 06 11:26:44.115 no journal file, but that's OK
Aug 06 11:26:44.116 zone opalfire.net/IN: journal rollforward completed successfully: no journal
Aug 06 11:26:44.116 zone opalfire.net/IN: loaded serial 200206191
Aug 06 11:26:44.116 dns_zone_maintenance: zone opalfire.net/IN: enter
Aug 06 11:26:44.116 dns_zone_maintenance: zone localhost/IN: enter
Aug 06 11:26:44.116 dns_zone_maintenance: zone 0.0.127.in-addr.arpa/IN: enter
Aug 06 11:26:44.116 dns_zone_maintenance: zone version.bind/CH: enter
Aug 06 11:26:44.116 dns_zone_maintenance: zone authors.bind/CH: enter
Aug 06 11:26:44.116 running
Aug 06 11:26:44.116 client @0x8095ba8: udprecv
Aug 06 11:26:44.116 client @0x80a91e0: accept
Aug 06 11:26:44.116 client @0x80ab220: udprecv
Aug 06 11:26:44.116 client @0x80ad010: accept
Aug 06 11:26:44.116 zone_timer: zone opalfire.net/IN: enter
Aug 06 11:26:44.117 zone_maintenance: zone opalfire.net/IN: enter
Aug 06 11:26:44.117 zone_settimer: zone opalfire.net/IN: settimer inactive
Aug 06 11:26:44.117 zone_timer: zone localhost/IN: enter
Aug 06 11:26:44.117 zone_maintenance: zone localhost/IN: enter
Aug 06 11:26:44.117 zone_settimer: zone localhost/IN: settimer inactive
Aug 06 11:26:44.117 zone_timer: zone 0.0.127.in-addr.arpa/IN: enter
Aug 06 11:26:44.117 zone_maintenance: zone 0.0.127.in-addr.arpa/IN: enter
Aug 06 11:26:44.117 zone_settimer: zone 0.0.127.in-addr.arpa/IN: settimer inactive
Aug 06 11:26:44.117 zone_timer: zone version.bind/CH: enter
Aug 06 11:26:44.117 zone_maintenance: zone version.bind/CH: enter
Aug 06 11:26:44.117 zone_timer: zone authors.bind/CH: enter
Aug 06 11:26:44.117 zone_maintenance: zone authors.bind/CH: enter

and a local request I made on the box via dig:

Aug 06 11:34:54.474 client 127.0.0.1#34236: UDP request
Aug 06 11:34:54.474 client 127.0.0.1#34236: using view '_default'
Aug 06 11:34:54.474 client 127.0.0.1#34236: request is not signed
Aug 06 11:34:54.474 client 127.0.0.1#34236: recursion available: approved
Aug 06 11:34:54.474 client 127.0.0.1#34236: query
Aug 06 11:34:54.474 client 127.0.0.1#34236: ns_client_attach: ref = 1
Aug 06 11:34:54.475 client 127.0.0.1#34236: query 'www.opalfire.net/IN' approved
Aug 06 11:34:54.475 client 127.0.0.1#34236: send
Aug 06 11:34:54.475 client 127.0.0.1#34236: sendto
Aug 06 11:34:54.475 client 127.0.0.1#34236: senddone
Aug 06 11:34:54.475 client 127.0.0.1#34236: next
Aug 06 11:34:54.475 client 127.0.0.1#34236: ns_client_detach: ref = 0
Aug 06 11:34:54.475 client 127.0.0.1#34236: endrequest
Aug 06 11:34:54.475 client @0x8095ba8: udprecv
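
An added example, not part of the thread: a small triage script for `named -g -d` output like the log above. It lists the addresses named bound to and the client addresses it actually logged requests from. The sample lines are constructed in the format of the posted log, and the "TCP request" pattern is an assumption by analogy with the "UDP request" line shown.

```python
import ipaddress
import re

# Constructed sample in the format of the `named -g -d 20` output quoted above.
SAMPLE_LOG = """\
Aug 06 11:26:44.103 listening on IPv4 interface lo, 127.0.0.1#53
Aug 06 11:26:44.104 listening on IPv4 interface eth0, 192.168.1.101#53
Aug 06 11:26:44.110 command channel listening on 127.0.0.1#953
Aug 06 11:34:54.474 client 127.0.0.1#34236: UDP request
Aug 06 11:34:54.475 client 127.0.0.1#34236: query 'www.opalfire.net/IN' approved
"""

LISTEN_RE = re.compile(r"listening on IPv4 interface (\S+), ([\d.]+)#(\d+)")
# "UDP request" appears in the log above; the "TCP request" form is assumed.
REQUEST_RE = re.compile(r"client ([\d.]+)#\d+: (UDP|TCP) request")


def is_loopback(addr):
    return ipaddress.ip_address(addr).is_loopback


def summarize(log_text):
    """Return ({interface: "addr#port"}, {client_ip: request_count})."""
    listeners, sources = {}, {}
    for line in log_text.splitlines():
        m = LISTEN_RE.search(line)
        if m:
            listeners[m.group(1)] = f"{m.group(2)}#{m.group(3)}"
            continue
        m = REQUEST_RE.search(line)
        if m:
            sources[m.group(1)] = sources.get(m.group(1), 0) + 1
    return listeners, sources


def triage(log_text):
    """Turn the summary into findings a troubleshooter can act on."""
    listeners, sources = summarize(log_text)
    external = [a for a in listeners.values() if not is_loopback(a.split("#")[0])]
    remote = [ip for ip in sources if not is_loopback(ip)]
    findings = []
    if not external:
        findings.append("named is bound to loopback only; check listen-on")
    elif not remote:
        findings.append(
            "named listens on " + ", ".join(external) + " but logged no "
            "non-loopback client; queries are not reaching the daemon, so "
            "check that UDP and TCP 53 are forwarded to that address")
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

Run it against a capture taken while an outside query is attempted; a log with only the startup lines and a local dig will always report that no remote client was seen.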