caching nameserver not always working? status: SERVFAIL

Marius Andreiana mandreiana at rdslink.ro
Sun Oct 10 07:32:54 UTC 2004


On Fri, 2004-10-08 at 10:19 -0400, Jason Vas Dias wrote:
> You may need to uncomment the 'query-source'
> line in the named.conf that comes with
> caching-nameserver, ie:
> 
> 'options { ...
> 	query-source address *  port 53;
>         ...
> };
> '
Hi, I uncommented it but it happened again today:

local nameserver:

 dig www.galuna.ro

; <<>> DiG 9.2.4 <<>> www.galuna.ro
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 16060
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.galuna.ro.                 IN      A

;; Query time: 11 msec
;; SERVER: 81.196.83.211#53(81.196.83.211)
;; WHEN: Sun Oct 10 10:27:52 2004
;; MSG SIZE  rcvd: 31

With ISP's nameserver it works:
dig @193.231.236.17 www.galuna.ro

; <<>> DiG 9.2.4 <<>> @193.231.236.17 www.galuna.ro
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9344
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 9, ADDITIONAL: 11

;; QUESTION SECTION:
;www.galuna.ro.                 IN      A

;; ANSWER SECTION:
www.galuna.ro.          172800  IN      CNAME   galuna.ro.
galuna.ro.              172800  IN      A       213.157.162.252

;; AUTHORITY SECTION:
ro.                     167337  IN      NS      PRIMARY.ROTLD.ro.
ro.                     167337  IN      NS      SECONDARY.ROTLD.ro.
ro.                     167337  IN      NS      NS.UU.NET.
ro.                     167337  IN      NS      NS.RIPE.NET.
ro.                     167337  IN      NS      NS.AUSTRIA.EU.NET.
ro.                     167337  IN      NS      NS1.UNIVIE.AC.AT.
ro.                     167337  IN      NS      SUNIC.SUNET.SE.
ro.                     167337  IN      NS      DNS-RO.DENIC.DE.
ro.                     167337  IN      NS      NS-EXT.VIX.COM.

;; ADDITIONAL SECTION:
NS.UU.NET.              4580    IN      A       137.39.1.3
NS.RIPE.NET.            159249  IN      A       193.0.0.193
NS.RIPE.NET.            111866  IN      AAAA    2001:610:240:0:53::193
NS.AUSTRIA.EU.NET.      171408  IN      A       192.92.138.35
NS1.UNIVIE.AC.AT.       170322  IN      A       193.171.255.2
SUNIC.SUNET.SE.         4597    IN      A       192.36.125.2
DNS-RO.DENIC.DE.        171408  IN      A       81.91.161.76
NS-EXT.VIX.COM.         163009  IN      A       204.152.184.64
NS-EXT.VIX.COM.         1352    IN      AAAA    2001:4f8:0:2::13
PRIMARY.ROTLD.ro.       167796  IN      A       192.162.16.18
SECONDARY.ROTLD.ro.     170322  IN      A       193.230.31.225

;; Query time: 200 msec
;; SERVER: 193.231.236.17#53(193.231.236.17)
;; WHEN: Sun Oct 10 10:28:34 2004
;; MSG SIZE  rcvd: 501


Attached is named.conf.

-- 
Marius Andreiana
Galuna - Solutii Linux in Romania
http://www.galuna.ro
-------------- next part --------------
//
// named.conf for Red Hat caching-nameserver 
//

// Global server options for this caching-only resolver.
options {
	// Working directory of named; relative file names used elsewhere in
	// this file are resolved against it.
	directory "/var/named";
	// Where the cache is written when a dump is requested (rndc dumpdb).
	dump-file "/var/named/data/cache_dump.db";
	// Where server statistics are written when requested (rndc stats).
        statistics-file "/var/named/data/named_stats.txt";
	/*
	 * If there is a firewall between you and nameservers you want
	 * to talk to, you might need to uncomment the query-source
	 * directive below.  Previous versions of BIND always asked
	 * questions using port 53, but BIND 8.1 uses an unprivileged
	 * port by default.
	 */
	// NOTE(review): this pins the source port of every outgoing UDP query
	// to 53. A fixed, known source port removes the port as a source of
	// unpredictability, so only the 16-bit query ID protects the cache
	// against forged answers (cache poisoning). Prefer letting the
	// firewall pass replies to queries sent from unprivileged ports and
	// keeping this line commented out. In this thread, enabling it did not
	// stop the SERVFAIL responses, so it is not shown to be needed here.
	  query-source address * port 53;
	// NOTE(review): no listen-on, allow-query or allow-recursion statement
	// appears in this block, so access control falls back to BIND's
	// built-in defaults, which depend on the version. The dig output in
	// this message shows named answering on 81.196.83.211, not only on
	// loopback; confirm that recursion is limited to the intended clients.
};

// 
// a caching only nameserver config
// 
// Control channel used by rndc.
controls {
	// Listens on the loopback address only, accepts connections that match
	// the built-in "localhost" ACL, and requires the key named "rndckey".
	// The key itself is not defined in this file; presumably it comes from
	// the included /etc/rndc.key -- confirm.
	inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

// Root zone hints: the list of root name servers that recursion starts from,
// read from named.ca in the working directory.
// NOTE(review): a stale or damaged hints file can cause resolution failures;
// worth checking when SERVFAIL appears for names that resolve elsewhere.
zone "." IN {
	type hint;
	file "named.ca";
};

// Locally authoritative zone "localdomain", loaded from localdomain.zone.
zone "localdomain" IN {
	type master;
	file "localdomain.zone";
	// Dynamic DNS updates are refused from every source.
	allow-update { none; };
};

// Locally authoritative zone "localhost", loaded from localhost.zone, so that
// lookups for this name are answered from the local file.
zone "localhost" IN {
	type master;
	file "localhost.zone";
	// Dynamic DNS updates are refused from every source.
	allow-update { none; };
};

// Reverse (PTR) zone for 127.0.0.0/24, loaded from named.local.
zone "0.0.127.in-addr.arpa" IN {
	type master;
	file "named.local";
	// Dynamic DNS updates are refused from every source.
	allow-update { none; };
};

// Reverse zone under ip6.arpa whose labels are all zero, loaded from
// named.ip6.local. Presumably this is the range that contains the IPv6
// loopback address ::1 -- confirm against the zone file.
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
        type master;
	file "named.ip6.local";
	// Dynamic DNS updates are refused from every source.
	allow-update { none; };
};

// Reverse zone for 255.0.0.0/8, loaded from named.broadcast. Because named is
// authoritative for it, these lookups are answered locally, not by recursion.
zone "255.in-addr.arpa" IN {
	type master;
	file "named.broadcast";
	// Dynamic DNS updates are refused from every source.
	allow-update { none; };
};

// Reverse zone for 0.0.0.0/8, loaded from named.zero. Because named is
// authoritative for it, these lookups are answered locally, not by recursion.
zone "0.in-addr.arpa" IN {
	type master;
	file "named.zero";
	// Dynamic DNS updates are refused from every source.
	allow-update { none; };
};

// Pulls in /etc/rndc.key; presumably this file defines the "rndckey" key that
// the controls statement refers to -- confirm.
// NOTE(review): the file holds a shared secret, so it should be readable only
// by root and the account named runs as.
include "/etc/rndc.key";


