Hello :D
I'm having problems with named... did not make any changes or updates ... but now it stopped working on some sites , do not know if the provider can be wrong, but I've been checking the logs, and I think it might be something with the dnssec or even to bind following logs and details:
[root@cdf-server /]# rpm -q bind dnssec-conf bind-9.6.2-4.P2.fc11.i586 dnssec-conf-1.21-1.fc11.noarch
================================================================== [root@cdf-server /]# ping www.uol.com.br
ping: unknown host www.uol.com.br
tail -f var log messages:
Jul 27 13:35:46 cdf-server named[5939]: validating @0xb361c178: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' Jul 27 13:35:46 cdf-server named[5939]: validating @0xb361c178: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. Jul 27 13:35:46 cdf-server named[5939]: no valid KEY resolving 'br/DNSKEY/IN': 200.219.159.10#53 Jul 27 13:35:46 cdf-server named[5939]: validating @0xb3419c48: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' Jul 27 13:35:46 cdf-server named[5939]: validating @0xb3419c48: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. Jul 27 13:35:46 cdf-server named[5939]: no valid KEY resolving 'br/DNSKEY/IN': 200.192.232.10#53 Jul 27 13:35:46 cdf-server named[5939]: validating @0xb3738498: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' Jul 27 13:35:46 cdf-server named[5939]: validating @0xb3738498: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. Jul 27 13:35:46 cdf-server named[5939]: no valid KEY resolving 'br/DNSKEY/IN': 200.160.0.10#53 Jul 27 13:35:46 cdf-server named[5939]: validating @0xb3738498: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' Jul 27 13:35:46 cdf-server named[5939]: validating @0xb3738498: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. Jul 27 13:35:46 cdf-server named[5939]: no valid KEY resolving 'br/DNSKEY/IN': 200.189.40.10#53 Jul 27 13:35:46 cdf-server named[5939]: validating @0xb3419c48: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' Jul 27 13:35:46 cdf-server named[5939]: validating @0xb3419c48: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. Jul 27 13:35:46 cdf-server named[5939]: no valid KEY resolving 'br/DNSKEY/IN': 200.229.248.10#53 Jul 27 13:35:47 cdf-server named[5939]: validating @0xb3215920: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' Jul 27 13:35:47 cdf-server named[5939]: validating @0xb3215920: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. Jul 27 13:35:47 cdf-server named[5939]: no valid KEY resolving 'br/DNSKEY/IN': 200.219.154.10#53 Jul 27 13:35:47 cdf-server named[5939]: network unreachable resolving 'br/DNSKEY/IN': 2001:12ff::10#53 Jul 27 13:35:47 cdf-server named[5939]: network unreachable resolving 'br/DNSKEY/IN': 2001:12f8:1::10#53 Jul 27 13:35:47 cdf-server named[5939]: broken trust chain resolving 'www.uol.com.br/A/IN': 200.221.11.98#53
================================================================== [root@cdf-server /]# /etc/init.d/named restart
Stopping named: [ OK ] Starting named: [ OK ]
tail -f var log messages
Jul 27 13:38:34 cdf-server named[5939]: received control channel command 'stop' Jul 27 13:38:34 cdf-server named[5939]: shutting down: flushing changes Jul 27 13:38:34 cdf-server named[5939]: stopping command channel on 127.0.0.1#953 Jul 27 13:38:34 cdf-server named[5939]: stopping command channel on ::1#953 Jul 27 13:38:34 cdf-server named[5939]: no longer listening on 127.0.0.1#53 Jul 27 13:38:34 cdf-server named[5939]: no longer listening on 186.204.99.13#53 Jul 27 13:38:34 cdf-server named[5939]: no longer listening on 192.168.5.1#53 Jul 27 13:38:34 cdf-server named[5939]: no longer listening on 192.168.8.10#53 Jul 27 13:38:34 cdf-server named[5939]: no longer listening on ::1#53 Jul 27 13:38:34 cdf-server named[5939]: exiting Jul 27 13:38:35 cdf-server named[6100]: starting BIND 9.6.2-P2-RedHat-9.6.2-4.P2.fc11 -u named Jul 27 13:38:35 cdf-server named[6100]: built with '--build=i386-redhat-linux-gnu' '--host=i386-redhat-linux-gnu' '--target=i586-redhat-linux-gnu' '--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib' '--libexecdir=/usr/libexec' '--sharedstatedir=/var/lib' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-libtool' '--localstatedir=/var' '--enable-threads' '--enable-ipv6' '--with-pic' '--disable-static' '--disable-openssl-version-check' '--with-dlz-ldap=yes' '--with-dlz-postgres=yes' '--with-dlz-mysql=yes' '--with-dlz-filesystem=yes' '--with-gssapi=yes' '--disable-isc-spnego' 'build_alias=i386-redhat-linux-gnu' 'host_alias=i386-redhat-linux-gnu' 'target_alias=i586-redhat-linux-gnu' 'CFLAGS= -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i586 -mtune=generic -fasynchronous-unwind-tables' 'CPPFLAGS= -DDIG_SIGCHASE' Jul 27 13:38:35 cdf-server named[6100]: adjusted limit on open files from 65536 to 1048576 Jul 27 13:38:35 cdf-server named[6100]: found 4 CPUs, using 4 worker threads Jul 27 13:38:35 cdf-server named[6100]: using up to 4096 sockets Jul 27 13:38:35 cdf-server named[6100]: loading configuration from '/etc/named.conf' Jul 27 13:38:35 cdf-server named[6100]: using default UDP/IPv4 port range: [1024, 65535] Jul 27 13:38:35 cdf-server named[6100]: using default UDP/IPv6 port range: [1024, 65535] Jul 27 13:38:35 cdf-server named[6100]: listening on IPv4 interface lo, 127.0.0.1#53 Jul 27 13:38:35 cdf-server named[6100]: listening on IPv4 interface eth1, 186.204.99.13#53 Jul 27 13:38:35 cdf-server named[6100]: listening on IPv4 interface eth0, 192.168.5.1#53 Jul 27 13:38:35 cdf-server named[6100]: listening on IPv4 interface tap0, 192.168.8.10#53 Jul 27 13:38:35 cdf-server named[6100]: listening on IPv6 interface lo, ::1#53 Jul 27 13:38:35 cdf-server named[6100]: automatic empty zone: 127.IN-ADDR.ARPA Jul 27 13:38:35 cdf-server named[6100]: automatic empty zone: 254.169.IN-ADDR.ARPA Jul 27 13:38:35 cdf-server named[6100]: automatic empty zone: 2.0.192.IN-ADDR.ARPA Jul 27 13:38:35 cdf-server named[6100]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA Jul 27 13:38:35 cdf-server named[6100]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA Jul 27 13:38:35 cdf-server named[6100]: automatic empty zone: D.F.IP6.ARPA Jul 27 13:38:35 cdf-server named[6100]: automatic empty zone: 8.E.F.IP6.ARPA Jul 27 13:38:35 cdf-server named[6100]: automatic empty zone: 9.E.F.IP6.ARPA Jul 27 13:38:35 cdf-server named[6100]: automatic empty zone: A.E.F.IP6.ARPA Jul 27 13:38:35 cdf-server named[6100]: automatic empty zone: B.E.F.IP6.ARPA Jul 27 13:38:35 cdf-server named[6100]: command channel listening on 127.0.0.1#953 Jul 27 13:38:35 cdf-server named[6100]: command channel listening on ::1#953 Jul 27 13:38:35 cdf-server named[6100]: the working directory is not writable Jul 27 13:38:35 cdf-server named[6100]: zone 0.in-addr.arpa/IN: NS '0.in-addr.arpa' has no address records (A or AAAA) Jul 27 13:38:35 cdf-server named[6100]: zone 0.in-addr.arpa/IN: loaded serial 0 Jul 27 13:38:35 cdf-server named[6100]: zone 1.0.0.127.in-addr.arpa/IN: NS '1.0.0.127.in-addr.arpa' has no address records (A or AAAA) Jul 27 13:38:35 cdf-server named[6100]: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0 Jul 27 13:38:35 cdf-server named[6100]: zone 5.168.192.in-addr.arpa/IN: loaded serial 2009034333 Jul 27 13:38:35 cdf-server named[6100]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: NS '1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa' has no address records (A or AAAA) Jul 27 13:38:35 cdf-server named[6100]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0 Jul 27 13:38:35 cdf-server named[6100]: zone geribello.com.br/IN: loaded serial 2009080309 Jul 27 13:38:35 cdf-server named[6100]: zone localhost.localdomain/IN: loaded serial 0 Jul 27 13:38:35 cdf-server named[6100]: zone localhost/IN: loaded serial 0 Jul 27 13:38:35 cdf-server named[6100]: running
Jul 27 13:38:36 cdf-server named[6100]: network unreachable resolving 'www.fotolog.com.br/A/IN': 2001:12ff::10#53 Jul 27 13:38:36 cdf-server named[6100]: network unreachable resolving 'ns1.fotolog.com/AAAA/IN': 2001:503:ba3e::2:30#53 Jul 27 13:38:36 cdf-server named[6100]: network unreachable resolving 'ns2.fotolog.com/AAAA/IN': 2001:503:a83e::2:30#53 Jul 27 13:38:36 cdf-server named[6100]: network unreachable resolving 'ns1.fotolog.net/A/IN': 2001:500:2f::f#53 Jul 27 13:38:36 cdf-server named[6100]: network unreachable resolving 'dlv.isc.org/DLV/IN': 2001:500:b::1#53 Jul 27 13:38:36 cdf-server named[6100]: network unreachable resolving 'ns2.fotolog.net/AAAA/IN': 2001:503:231d::2:30#53 Jul 27 13:38:36 cdf-server named[6100]: network unreachable resolving 'dlv.isc.org/DLV/IN': 2001:500:71::30#53 Jul 27 13:38:36 cdf-server named[6100]: network unreachable resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:500:1::803f:235#53 Jul 27 13:38:36 cdf-server named[6100]: network unreachable resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:dc3::35#53 Jul 27 13:38:36 cdf-server named[6100]: network unreachable resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:503:c27::2:30#53 Jul 27 13:38:36 cdf-server named[6100]: network unreachable resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:7fd::1#53 Jul 27 13:38:36 cdf-server named[6100]: network unreachable resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:500:19::1#53 Jul 27 13:38:37 cdf-server named[6100]: network unreachable resolving 'ns.isc.afilias-nst.info/A/IN': 2001:500:41::1#53 Jul 27 13:38:37 cdf-server named[6100]: network unreachable resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:500:7::79#53 Jul 27 13:38:37 cdf-server named[6100]: network unreachable resolving 'ns.isc.afilias-nst.info/AAAA/IN': 2001:500:8::79#53 Jul 27 13:38:37 cdf-server named[6100]: network unreachable resolving 'ns.isc.afilias-nst.info/A/IN': 2001:500:6::79#53 Jul 27 13:38:37 cdf-server named[6100]: network unreachable resolving 'pdns3.ultradns.org/A/IN': 2001:500:e::1#53 Jul 27 13:38:37 cdf-server named[6100]: network unreachable resolving 'pdns4.ultradns.org/AAAA/IN': 2001:500:c::1#53 Jul 27 13:38:37 cdf-server named[6100]: network unreachable resolving 'pdns4.ultradns.org/AAAA/IN': 2001:500:48::1#53
Jul 27 13:38:37 cdf-server named[6100]: validating @0xb3718648: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' Jul 27 13:38:37 cdf-server named[6100]: validating @0xb3718648: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. Jul 27 13:38:37 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.192.232.10#53 Jul 27 13:38:37 cdf-server named[6100]: validating @0xb34094b0: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' Jul 27 13:38:37 cdf-server named[6100]: validating @0xb34094b0: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. Jul 27 13:38:37 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.229.248.10#53 Jul 27 13:38:37 cdf-server named[6100]: validating @0xb3202478: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' Jul 27 13:38:37 cdf-server named[6100]: validating @0xb3202478: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. Jul 27 13:38:37 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.219.154.10#53 Jul 27 13:38:37 cdf-server named[6100]: validating @0xb3403480: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' Jul 27 13:38:37 cdf-server named[6100]: validating @0xb3403480: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. Jul 27 13:38:37 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.219.159.10#53 Jul 27 13:38:37 cdf-server named[6100]: validating @0xb4248968: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' Jul 27 13:38:37 cdf-server named[6100]: validating @0xb4248968: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. Jul 27 13:38:37 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.189.40.10#53 Jul 27 13:38:37 cdf-server named[6100]: validating @0xb3202478: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' Jul 27 13:38:37 cdf-server named[6100]: validating @0xb3202478: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. Jul 27 13:38:37 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.160.0.10#53 Jul 27 13:38:37 cdf-server named[6100]: network unreachable resolving 'br/DNSKEY/IN': 2001:12f8:1::10#53 Jul 27 13:38:37 cdf-server named[6100]: network unreachable resolving 'br/DNSKEY/IN': 2001:12ff::10#53 Jul 27 13:38:37 cdf-server named[6100]: broken trust chain resolving 'com.br/DS/IN': 200.160.0.10#53 Jul 27 13:38:37 cdf-server named[6100]: no valid DS resolving 'www.fotolog.com.br/A/IN': 204.74.66.253#53 Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3716bc8: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3716bc8: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. Jul 27 13:38:38 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.192.232.10#53 Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3402478: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3402478: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. Jul 27 13:38:38 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.219.159.10#53 Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3603248: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3603248: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. Jul 27 13:38:38 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.189.40.10#53 Jul 27 13:38:38 cdf-server named[6100]: validating @0xb320db80: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' Jul 27 13:38:38 cdf-server named[6100]: validating @0xb320db80: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. Jul 27 13:38:38 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.160.0.10#53 Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3404488: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3404488: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. Jul 27 13:38:38 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.229.248.10#53
Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3715bc0: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3715bc0: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. Jul 27 13:38:38 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.219.154.10#53 Jul 27 13:38:38 cdf-server named[6100]: network unreachable resolving 'br/DNSKEY/IN': 2001:12ff::10#53 Jul 27 13:38:38 cdf-server named[6100]: network unreachable resolving 'br/DNSKEY/IN': 2001:12f8:1::10#53 Jul 27 13:38:38 cdf-server named[6100]: broken trust chain resolving 'www.fotolog.com.br/A/IN': 204.74.67.253#53 Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3709b60: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3709b60: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. Jul 27 13:38:38 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.160.0.10#53 Jul 27 13:38:38 cdf-server named[6100]: validating @0xb38e8d18: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' Jul 27 13:38:38 cdf-server named[6100]: validating @0xb38e8d18: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. Jul 27 13:38:38 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.189.40.10#53 Jul 27 13:38:38 cdf-server named[6100]: validating @0xb34074a0: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' Jul 27 13:38:38 cdf-server named[6100]: validating @0xb34074a0: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. Jul 27 13:38:38 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.192.232.10#53 Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3715bc0: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' Jul 27 13:38:38 cdf-server named[6100]: validating @0xb3715bc0: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. Jul 27 13:38:38 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.229.248.10#53 Jul 27 13:38:38 cdf-server named[6100]: validating @0xb38e8d18: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' Jul 27 13:38:38 cdf-server named[6100]: validating @0xb38e8d18: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. Jul 27 13:38:38 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.219.159.10#53 Jul 27 13:38:39 cdf-server named[6100]: validating @0xb3715bc0: br DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches one of specified trusted-keys for 'br' Jul 27 13:38:39 cdf-server named[6100]: validating @0xb3715bc0: br DNSKEY: please check the 'trusted-keys' for 'br' in named.conf. Jul 27 13:38:39 cdf-server named[6100]: no valid KEY resolving 'br/DNSKEY/IN': 200.219.154.10#53 Jul 27 13:38:39 cdf-server named[6100]: network unreachable resolving 'br/DNSKEY/IN': 2001:12ff::10#53 Jul 27 13:38:39 cdf-server named[6100]: network unreachable resolving 'br/DNSKEY/IN': 2001:12f8:1::10#53 Jul 27 13:38:39 cdf-server named[6100]: broken trust chain resolving 'www.fotolog.com.br/A/IN': 204.74.66.253#53 Jul 27 13:38:39 cdf-server named[6100]: network unreachable resolving 'net.dlv.isc.org/DLV/IN': 2001:500:60::29#53 Jul 27 13:38:39 cdf-server named[6100]: network unreachable resolving 'net.dlv.isc.org/DLV/IN': 2001:502:ad09::23#53 Jul 27 13:38:39 cdf-server named[6100]: network unreachable resolving 'net.dlv.isc.org/DLV/IN': 2001:500:71::29#53 Jul 27 13:38:39 cdf-server named[6100]: network unreachable resolving 'net.dlv.isc.org/DLV/IN': 2001:4f8:0:2::20#53 Jul 27 13:38:40 cdf-server named[6100]: network unreachable resolving 'a899.g.akamai.net.dlv.isc.org/DLV/IN': 2001:502:2eda::23#53 Jul 27 13:38:40 cdf-server named[6100]: network unreachable resolving 'a899.g.akamai.net.dlv.isc.org/DLV/IN': 2001:500:2c::254#53
Jul 27 13:38:48 cdf-server named[6100]: network unreachable resolving 'za.akadns.org/A/IN': 2001:500:40::1#53 Jul 27 13:38:48 cdf-server named[6100]: network unreachable resolving 'zb.akadns.org/AAAA/IN': 2001:500:40::1#53 Jul 27 13:38:48 cdf-server named[6100]: network unreachable resolving 'zc.akadns.org/A/IN': 2001:500:40::1#53 Jul 27 13:38:48 cdf-server named[6100]: network unreachable resolving 'za.akadns.org/A/IN': 2001:500:f::1#53 Jul 27 13:38:48 cdf-server named[6100]: network unreachable resolving 'zc.akadns.org/AAAA/IN': 2001:500:f::1#53
==================================================================
[root@cdf-server etc]# cat named.conf
// // named.conf
options { listen-on port 53 { any; }; listen-on-v6 port 53 { ::1; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; allow-query { any; }; recursion yes; dnssec-enable yes; dnssec-validation yes; dnssec-lookaside . trust-anchor dlv.isc.org.; };
logging { channel default_debug { file "data/named.run"; severity dynamic; }; };
zone "." IN { type hint; file "named.ca"; };
include "/etc/named.rfc1912.zones";
include "/etc/pki/dnssec-keys//named.dnssec.keys"; include "/etc/pki/dnssec-keys//dlv/dlv.isc.org.conf";
### Zona Geribello. zone "geribello.com.br" { type slave; masters { 192.168.0.2; }; allow-notify { 192.168.0.2; }; # allow-update { 192.168.0.2; }; file "slaves/db.geribello.com.br"; };
zone "5.168 .192.in-addr.arpa" { type master; file "slaves/db.5.168.192"; };
==================================================================
[root@cdf-server named]# cat named.ca ; <<>> DiG 9.5.0b2 <<>> +bufsize=1200 +norec NS . @a.root-servers.net ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34420 ;; flags: qr aa; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 20
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;. IN NS
;; ANSWER SECTION: . 518400 IN NS M.ROOT-SERVERS.NET. . 518400 IN NS A.ROOT-SERVERS.NET. . 518400 IN NS B.ROOT-SERVERS.NET. . 518400 IN NS C.ROOT-SERVERS.NET. . 518400 IN NS D.ROOT-SERVERS.NET. . 518400 IN NS E.ROOT-SERVERS.NET. . 518400 IN NS F.ROOT-SERVERS.NET. . 518400 IN NS G.ROOT-SERVERS.NET. . 518400 IN NS H.ROOT-SERVERS.NET. . 518400 IN NS I.ROOT-SERVERS.NET. . 518400 IN NS J.ROOT-SERVERS.NET. . 518400 IN NS K.ROOT-SERVERS.NET. . 518400 IN NS L.ROOT-SERVERS.NET.
;; ADDITIONAL SECTION: A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4 A.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:503:ba3e::2:30 B.ROOT-SERVERS.NET. 3600000 IN A 192.228.79.201 C.ROOT-SERVERS.NET. 3600000 IN A 192.33.4.12 D.ROOT-SERVERS.NET. 3600000 IN A 128.8.10.90 E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10 F.ROOT-SERVERS.NET. 3600000 IN A 192.5.5.241 F.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:2f::f G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4 H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53 H.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:1::803f:235 I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17 J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30 J.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:503:c27::2:30 K.ROOT-SERVERS.NET. 3600000 IN A 193.0.14.129 K.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:7fd::1 L.ROOT-SERVERS.NET. 3600000 IN A 199.7.83.42 M.ROOT-SERVERS.NET. 3600000 IN A 202.12.27.33 M.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:dc3::35
;; Query time: 147 msec ;; SERVER: 198.41.0.4#53(198.41.0.4) ;; WHEN: Mon Feb 18 13:29:18 2008 ;; MSG SIZE rcvd: 615
==================================================================
I can not see what could be wrong, but I dont have dns for two days... plz any help??
Marcelo Moretti
Marcelo Moretti <mmoretti <at> geribello.com.br> writes:
Hello :D I'm having problems with named...did not make any changes or updates ...but now it stopped working on some sites , do not know if the provider can be wrong, but I've been checking the logs, and I think it might be something with the dnssec or even to bind
Hi, bind can be quite complicated. If you rely on it in your line of business you will need a quick response. I suggest to you: - use XChat, set it up, select freenode irc server network, join a #dns channel and you will be talking to a person immediately. - for a slower but dns focused mailing lists https://lists.isc.org/mailman/listinfo JB
JB <jb.123abc <at> yahoo.com> writes:
A test of server response - please disregard, JB
-
JB -
Marcelo Moretti