Bind9.3 Bug?

From: jesk (jesk_at_killall.org)
Date: 10/31/04

    To: <current@freebsd.org>
    Date: Sun, 31 Oct 2004 14:05:04 +0100
    
    

    Hello,

    I just configured a classless reverse delegation from BIND8 to BIND9.3.
    The zone name on the BIND9.3 (ns0.example.com) system is
    "224-239.xxx.xxx.xxx.in-addr.arpa".
    I configured the zone as follows:

    ---
    zone "224-239.xxx.xxx.xxx.in-addr.arpa" {
            type master;
            file "master/224-239.xxx.xxx.xxx.in-addr.arpa";
            allow-query { any; };
    };
    ---
    the zone itself looks like this:
    ---
    $TTL    18000
    @  IN SOA  ns0.example.com.  hostmaster.example.com. (
                                    2004103009  ; Serial number
                                    3H          ; Refresh every 3 hours
                                    15M         ; Retry after 15 minutes
                                    1W          ; Expire after 1 week
                                    4H )        ; Minimum 4 hours
            IN      NS      ns0.example.com.
            IN      NS      ns1.example.com.
    225     IN      PTR     ns0.example.com.
    226     IN      PTR     mx0.example.com.
    227     IN      PTR     www.example.com.
    ---
    Now I noticed that resolving an IP of the subnet directly from
    ns0.example.com won't work:
    ---
    "host xxx.xxx.xxx.227 ns0.example.com"
    "Host 227.xxx.xxx.xxx.in-addr.arpa not found: 5(REFUSED)"
    ---
    On ns0.example.com BIND9.3 says:
    ---
    "named[53719]: client x.x.x.x#58160: query (cache) '227.xxx.xxx.xxx.in-addr.arpa/PTR/IN' denied"
    ---
    It seems that ns0.example.com doesn't feel authoritative for the zone,
    because when setting allow-query { any; }; globally, resolving from
    another BIND9.3 resolver will work, but from a BIND8 resolver it won't...
    Am I totally stupid or what's going on there?
    When I comment out all "allow-query" in named.conf then it works
    perfectly, but then recursive resolving works for everyone.
    So I tested it with "acl "systemitself" { 127.0.0.1; xx.x.x.x;
    x.x.x.x/28; };"
    "allow-recursion { "systemitself"; };" with the goal that
    only the system itself can resolve recursively, but that didn't work either.
    With this configuration all recursive lookups worked from everywhere, and
    authoritative lookups too, but resolving the reverse zone for which the
    system should be authoritative didn't work.
    Is this a bug or are there any hardcore changes to BIND?
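
An added illustration, not part of the original post: with RFC 2317 naming, the relative owner `227` in the posted zone file expands to `227.224-239.xxx.xxx.xxx.in-addr.arpa`, so a direct query for `227.xxx.xxx.xxx.in-addr.arpa` matches no locally configured zone unless the parent zone's CNAME is followed first. The sketch assumes 192.0.2.0/24 as a constructed stand-in for the masked network, and all function names are hypothetical.

```python
# Added example, not from the original post. 192.0.2.0/24 is a constructed
# stand-in for the masked xxx.xxx.xxx network; the zone mirrors the posted one.
CHILD_ZONE = "224-239.2.0.192.in-addr.arpa."

# Records the child server holds, keyed by fully qualified owner name.
# A relative owner such as "227" expands to "227.<zone origin>",
# not to "227.2.0.192.in-addr.arpa.".
CHILD_RECORDS = {
    f"{host}.{CHILD_ZONE}": target
    for host, target in [(225, "ns0.example.com."),
                         (226, "mx0.example.com."),
                         (227, "www.example.com.")]
}

def parent_cnames(first, last, child_zone, parent_zone):
    """RFC 2317 aliases the parent /24 zone needs, one per address."""
    return {f"{i}.{parent_zone}": f"{i}.{child_zone}"
            for i in range(first, last + 1)}

def authoritative_zone(qname, zones):
    """Longest-suffix match of qname against the locally configured zones.

    Returns None when no zone matches; such a query is handled as a
    cache/recursion query and falls under those access controls instead.
    """
    labels = qname.rstrip(".").lower().split(".")
    for start in range(len(labels)):
        candidate = ".".join(labels[start:]) + "."
        if candidate in zones:
            return candidate
    return None

def lookup_ptr(qname, zones, parent_aliases):
    """Follow the parent's CNAME (as a resolver would), then ask the child."""
    name = parent_aliases.get(qname, qname)
    if authoritative_zone(name, zones) is None:
        return None
    return CHILD_RECORDS.get(name)

if __name__ == "__main__":
    zones = {CHILD_ZONE}
    aliases = parent_cnames(224, 239, CHILD_ZONE, "2.0.192.in-addr.arpa.")
    direct = "227.2.0.192.in-addr.arpa."
    print(direct, "-> zone:", authoritative_zone(direct, zones))
    print(aliases[direct], "-> zone:", authoritative_zone(aliases[direct], zones))
    print("PTR via parent CNAME:", lookup_ptr(direct, zones, aliases))
```
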
    
