Problems getting bind working on F11
Braden McDaniel
braden at endoframe.com
Mon Aug 10 03:09:21 UTC 2009
On Mon, 2009-08-10 at 12:25 +0930, Tim wrote:
> On Sun, 2009-08-09 at 15:48 -0400, Braden McDaniel wrote:
> > Thanks for that. This is what I get when I try to look up something
> > from a different machine on the local network:
> >
> > # dig front @192.168.1.20
> >
> > ; <<>> DiG 9.6.1-P1-RedHat-9.6.1-4.P1.fc11 <<>> front @192.168.1.20
> > ;; global options: +cmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 5627
> > ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> > ;; WARNING: recursion requested but not available
>
> The warning sounds like it tried to externally answer your query. Try
> doing a fully-qualified domain name query with dig. That should work,
> as it's supposed to be a master server for endoframe.net.
>
> e.g. dig front.endoframe.net
>
> I've never gotten dig to work with short hostnames, it seems to work at
> a lower level than other things which will add on the domain names you
> put in the search parameter in /etc/resolv.conf. But, I'd expect no
> answer, rather than refused.
>
> Also try getting it to resolve an internet domain name, such as
> example.com. That should show whether it works as a full name server.
These all yield the same "REFUSED" response.
> > ;; QUESTION SECTION:
> > ;front. IN A
> >
> > ;; Query time: 8 msec
> > ;; SERVER: 192.168.1.20#53(192.168.1.20)
> > ;; WHEN: Sun Aug 9 13:57:03 2009
> > ;; MSG SIZE rcvd: 23
> >
> > So... "REFUSED"? What might be the cause of that?
>
> Have you opened port 53 on the name server's firewall? Though, I'd
> expect no answer, rather than a refused.
I have.
I see mention of ACLs in system-config-bind; but I am not knowingly
using them. Perhaps this is something I must opt out of?
--
Braden McDaniel <braden at endoframe.com>
More information about the users
mailing list