Help with dns... named...

27 Jul 2010


      Hello :D
I'm having problems with named... 
did not make any changes or updates ... 
but now it stopped working on some sites , do not know if the provider can be wrong, but I've been checking the logs, and I think it might be something with the dnssec or even to bind 
following logs and details:
[root@cdf-server /]# rpm -q bind dnssec-conf 
bind-9.6.2-4.P2.fc11.i586 
dnssec-conf-1.21-1.fc11.noarch
================================================================== 
[root@cdf-server /]# ping www.uol.com.br
ping: unknown host www.uol.com.br
tail -f var log messages:
Jul 27 13:35:46 cdf-server named[5939]: validating @0xb361c178: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' 
Jul 27 13:35:46 cdf-server named[5939]: validating @0xb361c178: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. 
Jul 27 13:35:46 cdf-server named[5939]: no valid KEY resolving 'br/DNSKEY/IN': 200.219.159.10#53 
Jul 27 13:35:46 cdf-server named[5939]: validating @0xb3419c48: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' 
Jul 27 13:35:46 cdf-server named[5939]: validating @0xb3419c48: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. 
Jul 27 13:35:46 cdf-server named[5939]: no valid KEY resolving 'br/DNSKEY/IN': 200.192.232.10#53 
Jul 27 13:35:46 cdf-server named[5939]: validating @0xb3738498: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' 
Jul 27 13:35:46 cdf-server named[5939]: validating @0xb3738498: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. 
Jul 27 13:35:46 cdf-server named[5939]: no valid KEY resolving 'br/DNSKEY/IN': 200.160.0.10#53 
Jul 27 13:35:46 cdf-server named[5939]: validating @0xb3738498: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' 
Jul 27 13:35:46 cdf-server named[5939]: validating @0xb3738498: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. 
Jul 27 13:35:46 cdf-server named[5939]: no valid KEY resolving 'br/DNSKEY/IN': 200.189.40.10#53 
Jul 27 13:35:46 cdf-server named[5939]: validating @0xb3419c48: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' 
Jul 27 13:35:46 cdf-server named[5939]: validating @0xb3419c48: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. 
Jul 27 13:35:46 cdf-server named[5939]: no valid KEY resolving 'br/DNSKEY/IN': 200.229.248.10#53 
Jul 27 13:35:47 cdf-server named[5939]: validating @0xb3215920: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' 
Jul 27 13:35:47 cdf-server named[5939]: validating @0xb3215920: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. 
Jul 27 13:35:47 cdf-server named[5939]: no valid KEY resolving 'br/DNSKEY/IN': 200.219.154.10#53 
Jul 27 13:35:47 cdf-server named[5939]: network unreachable resolving 'br/DNSKEY/IN': 2001:12ff::10#53 
Jul 27 13:35:47 cdf-server named[5939]: network unreachable resolving 'br/DNSKEY/IN': 2001:12f8:1::10#53 
Jul 27 13:35:47 cdf-server named[5939]: broken trust chain resolving 'www.uol.com.br/A/IN': 200.221.11.98#53
================================================================== 
[root@cdf-server /]# /etc/init.d/named restart
Stopping named: [ OK ] 
Starting named: [ OK ]
tail -f var log messages
Jul 27 13:38:34 cdf-server named[5939]: received control channel command 'stop' 
Jul 27 13:38:34 cdf-server named[5939]: shutting down: flushing changes 
Jul 27 13:38:34 cdf-server named[5939]: stopping command channel on 127.0.0.1#953 
Jul 27 13:38:34 cdf-server named[5939]: stopping command channel on ::1#953 
Jul 27 13:38:34 cdf-server named[5939]: no longer listening on 127.0.0.1#53 
Jul 27 13:38:34 cdf-server named[5939]: no longer listening on 186.204.99.13#53 
Jul 27 13:38:34 cdf-server named[5939]: no longer listening on 192.168.5.1#53 
Jul 27 13:38:34 cdf-server named[5939]: no longer listening on 192.168.8.10#53 
Jul 27 13:38:34 cdf-server named[5939]: no longer listening on ::1#53 
Jul 27 13:38:34 cdf-server named[5939]: exiting 
Jul 27 13:38:35 cdf-server named[6100]: starting BIND 9.6.2-P2-RedHat-9.6.2-4.P2.fc11 -u named 
Jul 27 13:38:35 cdf-server named[6100]: built with '--build=i386-redhat-linux-gnu' '--host=i386-redhat-linux-gnu' '--target=i586-redhat-linux-gnu' '--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib' '--libexecdir=/usr/libexec' '--sharedstatedir=/var/lib' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-libtool' '--localstatedir=/var' '--enable-threads' '--enable-ipv6' '--with-pic' '--disable-static' '--disable-openssl-version-check' '--with-dlz-ldap=yes' '--with-dlz-postgres=yes' '--with-dlz-mysql=yes' '--with-dlz-filesystem=yes' '--with-gssapi=yes' '--disable-isc-spnego' 'build_alias=i386-redhat-linux-gnu' 'host_alias=i386-redhat-linux-gnu' 'target_alias=i586-redhat-linux-gnu' 'CFLAGS= -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i586 -mtune=generic -fasynchronous-unwind-tables' 'CPPFLAGS= -DDIG_SIGCHASE' 
Jul 27 13:38:35 cdf-server named[6100]: adjusted limit on open files from 65536 to 1048576 
Jul 27 13:38:35 cdf-server named[6100]: found 4 CPUs, using 4 worker threads 
Jul 27 13:38:35 cdf-server named[6100]: using up to 4096 sockets 
Jul 27 13:38:35 cdf-server named[6100]: loading configuration from '/etc/named.conf' 
Jul 27 13:38:35 cdf-server named[6100]: using default UDP/IPv4 port range: [1024, 65535] 
Jul 27 13:38:35 cdf-server named[6100]: using default UDP/IPv6 port range: [1024, 65535] 
Jul 27 13:38:35 cdf-server named[6100]: listening on IPv4 interface lo, 127.0.0.1#53 
Jul 27 13:38:35 cdf-server named[6100]: listening on IPv4 interface eth1, 186.204.99.13#53 
Jul 27 13:38:35 cdf-server named[6100]: listening on IPv4 interface eth0, 192.168.5.1#53 
Jul 27 13:38:35 cdf-server named[6100]: listening on IPv4 interface tap0, 192.168.8.10#53 
Jul 27 13:38:35 cdf-server named[6100]: listening on IPv6 interface lo, ::1#53 
Jul 27 13:38:35 cdf-server named[6100]: automatic empty zone: 127.IN-ADDR.ARPA 
Jul 27 13:38:35 cdf-server named[6100]: automatic empty zone: 254.169.IN-ADDR.ARPA 
Jul 27 13:38:35 cdf-server named[6100]: automatic empty zone: 2.0.192.IN-ADDR.ARPA 
Jul 27 13:38:35 cdf-server named[6100]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA 
Jul 27 13:38:35 cdf-server named[6100]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA 
Jul 27 13:38:35 cdf-server named[6100]: automatic empty zone: D.F.IP6.ARPA 
Jul 27 13:38:35 cdf-server named[6100]: automatic empty zone: 8.E.F.IP6.ARPA 
Jul 27 13:38:35 cdf-server named[6100]: automatic empty zone: 9.E.F.IP6.ARPA 
Jul 27 13:38:35 cdf-server named[6100]: automatic empty zone: A.E.F.IP6.ARPA 
Jul 27 13:38:35 cdf-server named[6100]: automatic empty zone: B.E.F.IP6.ARPA 
Jul 27 13:38:35 cdf-server named[6100]: command channel listening on 127.0.0.1#953 
Jul 27 13:38:35 cdf-server named[6100]: command channel listening on ::1#953 
Jul 27 13:38:35 cdf-server named[6100]: the working directory is not writable 
Jul 27 13:38:35 cdf-server named[6100]: zone 0.in-addr.arpa/IN: NS '0.in-addr.arpa' has no address records (A or AAAA) 
Jul 27 13:38:35 cdf-server named[6100]: zone 0.in-addr.arpa/IN: loaded serial 0 
Jul 27 13:38:35 cdf-server named[6100]: zone 1.0.0.127.in-addr.arpa/IN: NS '1.0.0.127.in-addr.arpa' has no address records (A or AAAA) 
Jul 27 13:38:35 cdf-server named[6100]: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0 
Jul 27 13:38:35 cdf-server named[6100]: zone 5.168.192.in-addr.arpa/IN: loaded serial 2009034333 
Jul 27 13:38:35 cdf-server named[6100]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: NS '1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa' has no address records (A or AAAA) 
Jul 27 13:38:35 cdf-server named[6100]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0 
Jul 27 13:38:35 cdf-server named[6100]: zone geribello.com.br/IN: loaded serial 2009080309 
Jul 27 13:38:35 cdf-server named[6100]: zone localhost.localdomain/IN: loaded serial 0 
Jul 27 13:38:35 cdf-server named[6100]: zone localhost/IN: loaded serial 0 
Jul 27 13:38:35 cdf-server named[6100]: running
Jul 27 13:38:36 cdf-server named[6100]: network unreachable resolving 'www.fotolog.com.br/A/IN': 2001:12ff::10#53 
Jul 27 13:38:36 cdf-server named[6100]: network unreachable resolving 'ns1.fotolog.com/AAAA/IN': 2001:503:ba3e::2:30#53 
Jul 27 13:38:36 cdf-server named[6100]: network unreachable resolving 'ns2.fotolog.com/AAAA/IN': 2001:503:a83e::2:30#53 
Jul 27 13:38:36 cdf-server named[6100]: network unreachable resolving 'ns1.fotolog.net/A/IN': 2001:500:2f::f#53 
Jul 27 13:38:36 cdf-server named[6100]: network unreachable resolving 'dlv.isc.org/DLV/IN': 2001:500:b::1#53 
Jul 27 13:38:36 cdf-server named[6100]: network unreachable resolving 'ns2.fotolog.net/AAAA/IN': 2001:503:231d::2:30#53 
Jul 27 13:38:36 cdf-server named[6100]: network unreachable resolving 'dlv.isc.org/DLV/IN': 2001:500:71::30#53 
Jul 27 13:38:36 cdf-server named[6100]: network unreachable resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:500:1::803f:235#53 
Jul 27 13:38:36 cdf-server named[6100]: network unreachable resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:dc3::35#53 
Jul 27 13:38:36 cdf-server named[6100]: network unreachable resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:503:c27::2:30#53 
Jul 27 13:38:36 cdf-server named[6100]: network unreachable resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:7fd::1#53 
Jul 27 13:38:36 cdf-server named[6100]: network unreachable resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:500:19::1#53 
Jul 27 13:38:37 cdf-server named[6100]: network unreachable resolving 'ns.isc.afilias-nst.info/A/IN': 2001:500:41::1#53 
Jul 27 13:38:37 cdf-server named[6100]: network unreachable resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:500:7::79#53 
Jul 27 13:38:37 cdf-server named[6100]: network unreachable resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:500:8::79#53 
Jul 27 13:38:37 cdf-server named[6100]: network unreachable resolving 'ns.isc.afilias-nst.info/A/IN': 2001:500:6::79#53 
Jul 27 13:38:37 cdf-server named[6100]: network unreachable resolving 'pdns3.ultradns.org/A/IN': 2001:500:e::1#53 
Jul 27 13:38:37 cdf-server named[6100]: network unreachable resolving 'pdns4.ultradns.org/AAAA/IN': 2001:500:c::1#53 
Jul 27 13:38:37 cdf-server named[6100]: network unreachable resolving 'pdns4.ultradns.org/AAAA/IN': 2001:500:48::1#53
Jul 27 13:38:37 cdf-server named[6100]: validating @0xb3718648: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' 
Jul 27 13:38:37 cdf-server named[6100]: validating @0xb3718648: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. 
Jul 27 13:38:37 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.192.232.10#53 
Jul 27 13:38:37 cdf-server named[6100]: validating @0xb34094b0: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' 
Jul 27 13:38:37 cdf-server named[6100]: validating @0xb34094b0: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. 
Jul 27 13:38:37 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.229.248.10#53 
Jul 27 13:38:37 cdf-server named[6100]: validating @0xb3202478: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' 
Jul 27 13:38:37 cdf-server named[6100]: validating @0xb3202478: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. 
Jul 27 13:38:37 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.219.154.10#53 
Jul 27 13:38:37 cdf-server named[6100]: validating @0xb3403480: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' 
Jul 27 13:38:37 cdf-server named[6100]: validating @0xb3403480: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. 
Jul 27 13:38:37 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.219.159.10#53 
Jul 27 13:38:37 cdf-server named[6100]: validating @0xb4248968: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' 
Jul 27 13:38:37 cdf-server named[6100]: validating @0xb4248968: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. 
Jul 27 13:38:37 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.189.40.10#53 
Jul 27 13:38:37 cdf-server named[6100]: validating @0xb3202478: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' 
Jul 27 13:38:37 cdf-server named[6100]: validating @0xb3202478: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. 
Jul 27 13:38:37 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.160.0.10#53 
Jul 27 13:38:37 cdf-server named[6100]: network unreachable resolving 'br/DNSKEY/IN': 2001:12f8:1::10#53 
Jul 27 13:38:37 cdf-server named[6100]: network unreachable resolving 'br/DNSKEY/IN': 2001:12ff::10#53 
Jul 27 13:38:37 cdf-server named[6100]: broken trust chain resolving 'com.br/DS/IN': 200.160.0.10#53 
Jul 27 13:38:37 cdf-server named[6100]: no valid DS resolving 'www.fotolog.com.br/A/IN': 204.74.66.253#53 
Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3716bc8: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' 
Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3716bc8: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. 
Jul 27 13:38:38 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.192.232.10#53 
Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3402478: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' 
Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3402478: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. 
Jul 27 13:38:38 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.219.159.10#53 
Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3603248: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' 
Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3603248: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. 
Jul 27 13:38:38 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.189.40.10#53 
Jul 27 13:38:38 cdf-server named[6100]: validating @0xb320db80: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' 
Jul 27 13:38:38 cdf-server named[6100]: validating @0xb320db80: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. 
Jul 27 13:38:38 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.160.0.10#53 
Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3404488: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' 
Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3404488: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. 
Jul 27 13:38:38 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.229.248.10#53
Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3715bc0: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' 
Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3715bc0: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. 
Jul 27 13:38:38 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.219.154.10#53 
Jul 27 13:38:38 cdf-server named[6100]: network unreachable resolving 'br/DNSKEY/IN': 2001:12ff::10#53 
Jul 27 13:38:38 cdf-server named[6100]: network unreachable resolving 'br/DNSKEY/IN': 2001:12f8:1::10#53 
Jul 27 13:38:38 cdf-server named[6100]: broken trust chain resolving 'www.fotolog.com.br/A/IN': 204.74.67.253#53 
Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3709b60: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' 
Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3709b60: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. 
Jul 27 13:38:38 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.160.0.10#53 
Jul 27 13:38:38 cdf-server named[6100]: validating @0xb38e8d18: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' 
Jul 27 13:38:38 cdf-server named[6100]: validating @0xb38e8d18: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. 
Jul 27 13:38:38 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.189.40.10#53 
Jul 27 13:38:38 cdf-server named[6100]: validating @0xb34074a0: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' 
Jul 27 13:38:38 cdf-server named[6100]: validating @0xb34074a0: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. 
Jul 27 13:38:38 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.192.232.10#53 
Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3715bc0: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' 
Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3715bc0: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. 
Jul 27 13:38:38 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.229.248.10#53 
Jul 27 13:38:38 cdf-server named[6100]: validating @0xb38e8d18: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' 
Jul 27 13:38:38 cdf-server named[6100]: validating @0xb38e8d18: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. 
Jul 27 13:38:38 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.219.159.10#53 
Jul 27 13:38:39 cdf-server named[6100]: validating @0xb3715bc0: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' 
Jul 27 13:38:39 cdf-server named[6100]: validating @0xb3715bc0: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. 
Jul 27 13:38:39 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.219.154.10#53 
Jul 27 13:38:39 cdf-server named[6100]: network unreachable resolving 'br/DNSKEY/IN': 2001:12ff::10#53 
Jul 27 13:38:39 cdf-server named[6100]: network unreachable resolving 'br/DNSKEY/IN': 2001:12f8:1::10#53 
Jul 27 13:38:39 cdf-server named[6100]: broken trust chain resolving 'www.fotolog.com.br/A/IN': 204.74.66.253#53 
Jul 27 13:38:39 cdf-server named[6100]: network unreachable resolving 'net.dlv.isc.org/DLV/IN': 2001:500:60::29#53 
Jul 27 13:38:39 cdf-server named[6100]: network unreachable resolving 'net.dlv.isc.org/DLV/IN': 2001:502:ad09::23#53 
Jul 27 13:38:39 cdf-server named[6100]: network unreachable resolving 'net.dlv.isc.org/DLV/IN': 2001:500:71::29#53 
Jul 27 13:38:39 cdf-server named[6100]: network unreachable resolving 'net.dlv.isc.org/DLV/IN': 2001:4f8:0:2::20#53 
Jul 27 13:38:40 cdf-server named[6100]: network unreachable resolving 'a899.g.akamai.net.dlv.isc.org/DLV/IN': 2001:502:2eda::23#53 
Jul 27 13:38:40 cdf-server named[6100]: network unreachable resolving 'a899.g.akamai.net.dlv.isc.org/DLV/IN': 2001:500:2c::254#53
Jul 27 13:38:48 cdf-server named[6100]: network unreachable resolving 'za.akadns.org/A/IN': 2001:500:40::1#53 
Jul 27 13:38:48 cdf-server named[6100]: network unreachable resolving 'zb.akadns.org/AAAA/IN': 2001:500:40::1#53 
Jul 27 13:38:48 cdf-server named[6100]: network unreachable resolving 'zc.akadns.org/A/IN': 2001:500:40::1#53 
Jul 27 13:38:48 cdf-server named[6100]: network unreachable resolving 'za.akadns.org/A/IN': 2001:500:f::1#53 
Jul 27 13:38:48 cdf-server named[6100]: network unreachable resolving 'zc.akadns.org/AAAA/IN': 2001:500:f::1#53
==================================================================
[root@cdf-server etc]# cat named.conf
// 
// named.conf
options { 
listen-on port 53 { any; }; 
listen-on-v6 port 53 { ::1; }; 
directory "/var/named"; 
dump-file "/var/named/data/cache_dump.db"; 
statistics-file "/var/named/data/named_stats.txt"; 
memstatistics-file "/var/named/data/named_mem_stats.txt"; 
allow-query { any; }; 
recursion yes; 
dnssec-enable yes; 
dnssec-validation yes; 
dnssec-lookaside . trust-anchor dlv.isc.org.; 
};
logging { 
channel default_debug { 
file "data/named.run"; 
severity dynamic; 
}; 
};
zone "." IN { 
type hint; 
file "named.ca"; 
};
include "/etc/named.rfc1912.zones";
include "/etc/pki/dnssec-keys//named.dnssec.keys"; 
include "/etc/pki/dnssec-keys//dlv/dlv.isc.org.conf";
### Zona Geribello. 
zone "geribello.com.br" { 
type slave; 
masters { 192.168.0.2; }; 
allow-notify { 192.168.0.2; }; 
# allow-update { 192.168.0.2; }; 
file "slaves/db.geribello.com.br"; 
};
zone "5.168 .192.in-addr.arpa" { 
type master; 
file "slaves/db.5.168.192"; 
};
==================================================================
[root@cdf-server named]# cat named.ca 
; <<>> DiG 9.5.0b2 <<>> +bufsize=1200 +norec NS . @a.root-servers.net 
;; global options: printcmd 
;; Got answer: 
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34420 
;; flags: qr aa; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 20
;; OPT PSEUDOSECTION: 
; EDNS: version: 0, flags:; udp: 4096 
;; QUESTION SECTION: 
;. IN NS
;; ANSWER SECTION: 
. 518400 IN NS M.ROOT-SERVERS.NET. 
. 518400 IN NS A.ROOT-SERVERS.NET. 
. 518400 IN NS B.ROOT-SERVERS.NET. 
. 518400 IN NS C.ROOT-SERVERS.NET. 
. 518400 IN NS D.ROOT-SERVERS.NET. 
. 518400 IN NS E.ROOT-SERVERS.NET. 
. 518400 IN NS F.ROOT-SERVERS.NET. 
. 518400 IN NS G.ROOT-SERVERS.NET. 
. 518400 IN NS H.ROOT-SERVERS.NET. 
. 518400 IN NS I.ROOT-SERVERS.NET. 
. 518400 IN NS J.ROOT-SERVERS.NET. 
. 518400 IN NS K.ROOT-SERVERS.NET. 
. 518400 IN NS L.ROOT-SERVERS.NET.
;; ADDITIONAL SECTION: 
A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4 
A.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:503:ba3e::2:30 
B.ROOT-SERVERS.NET. 3600000 IN A 192.228.79.201 
C.ROOT-SERVERS.NET. 3600000 IN A 192.33.4.12 
D.ROOT-SERVERS.NET. 3600000 IN A 128.8.10.90 
E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10 
F.ROOT-SERVERS.NET. 3600000 IN A 192.5.5.241 
F.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:2f::f 
G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4 
H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53 
H.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:1::803f:235 
I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17 
J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30 
J.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:503:c27::2:30 
K.ROOT-SERVERS.NET. 3600000 IN A 193.0.14.129 
K.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:7fd::1 
L.ROOT-SERVERS.NET. 3600000 IN A 199.7.83.42 
M.ROOT-SERVERS.NET. 3600000 IN A 202.12.27.33 
M.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:dc3::35
;; Query time: 147 msec 
;; SERVER: 198.41.0.4#53(198.41.0.4) 
;; WHEN: Mon Feb 18 13:29:18 2008 
;; MSG SIZE rcvd: 615
==================================================================
I can not see what could be wrong, but I dont have dns for two days... 
plz any help??
Marcelo Moretti