Since .org was recently DNSSEC-signed
(http://www.afilias.info/afilias+signs+org+zone), my guess would be that
you have a firewall, an intrusion-prevention device, or somesuch, that
is dropping the packets because it doesn't understand the DNSSEC records
contained in them.
- Kevin
Juan Rodríguez wrote:
Hello.
In my company we have a name server BIND 9.6 running on RedHat 4.7 ES.
We've realized it don't resolve any
.org domain. For example:
[r...@dnsint ~]# nslookup www.mirrorservice.org 10.20.29.22
;; connection timed out; no servers could be reached
[r...@dnsint ~]# nslookup www.madrid.org 10.20.29.22
;; connection timed out; no servers could be reached
[r...@dnsint ~]# nslookup www.wikipedia.org 10.20.29.22
;; connection timed out; no servers could be reached
[r...@dnsint ~]# nslookup www.marca.es 10.20.29.22
Server: 10.20.29.22
Address: 10.20.29.22#53
Non-authoritative answer:
Name: www.marca.es
Address: 193.110.128.199
[r...@dnsint ~]# nslookup www.elpais.com 10.20.29.22
Server: 10.20.29.22
Address: 10.20.29.22#53
Non-authoritative answer:
www.elpais.com canonical name = elpais.es.edgesuite.net.
elpais.es.edgesuite.net canonical name = a1749.g.akamai.net.
Name: a1749.g.akamai.net
Address: 77.67.20.195
Name: a1749.g.akamai.net
Address: 77.67.20.178
[r...@dnsint ~]# nslookup www.telefonica.net 10.20.29.22
Server: 10.20.29.22
Address: 10.20.29.22#53
Non-authoritative answer:
Name: www.telefonica.net
Address: 213.4.130.95
[r...@dnsint ~]# nslookup www.intermonoxfam.org 10.20.29.22
;; connection timed out; no servers could be reached
[r...@dnsint ~]#
This is a piece of the configuration:
options {
directory "/zonas"; // Working directory
pid-file "/var/run/named.pid";
statistics-file "/logs/named.stats";
memstatistics-file "/logs/named.mem";
dump-file "/logs/named.dump";
version none;
hostname none;
server-id none;
listen-on-v6 { none; };
zone-statistics yes;
recursive-clients 2000;
cleaning-interval 300;
max-cache-size 768M;
notify explicit;
allow-transfer { XXXXXXXXXXXXXX};
also-notify { XXXXXXXXXXXXXXX};
allow-query { XXXXXXXXXXXXXXXX};
};
zone "." {
type hint;
file "named.ca";
};
zone "0.0.127.in-addr.arpa" {
type master;
file "named.local";
};
and various zones declared...........
The file named.ca is the last updated one.
Please, could you help me with this?
Thank you very much.
------------------------------------------------------------------------
Comparte tus fotos con tus amigos. Más fácil con Windows Live
<http://download.live.com>
------------------------------------------------------------------------
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users