wkum...@lisa:~$ ping 71.12.99.115 PING 71.12.99.115 (71.12.99.115) 56(84) bytes of data.
--- 71.12.99.115 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4016ms
wkum...@lisa:~$ dig SOA castor.lazarusalliance.com @71.12.99.115
; <<>> DiG 9.7.0-P1 <<>> SOA castor.lazarusalliance.com @71.12.99.115
;; global options: +cmd
;; connection timed out; no servers could be reached
wkum...@lisa:~$
Cannot get there?
route-views>sho ip route 71.12.99.115
% Network not in table
route-views>sho ip bgp 71.12.99.115
BGP routing table entry for 71.12.96.0/20, version 4184824908
Paths: (34 available, no best path)
Flag: 0x820
Not advertised to any peer
701 3356 20115, (aggregated by 20115 172.31.148.182)
157.130.10.233 (inaccessible) from 157.130.10.233 (137.39.3.60)
Origin IGP, localpref 100, valid, external, atomic-aggregate
3277 3216 19151 20115, (aggregated by 20115 172.31.148.182)
194.85.102.33 (inaccessible) from 194.85.102.33 (194.85.4.16)
Origin IGP, localpref 100, valid, external, atomic-aggregate
Community: 210766776 210766877 214764688 1255080936 1255140942
1255144956 1318259640 1318319642
7500 2516 19151 20115, (aggregated by 20115 172.31.148.182)
202.249.2.86 (inaccessible) from 202.249.2.86 (203.178.133.115)
Origin IGP, localpref 100, valid, external, atomic-aggregate
1239 19151 20115, (aggregated by 20115 172.31.148.182)
144.228.241.130 (inaccessible) from 144.228.241.130
(144.228.241.130)
Origin IGP, localpref 100, valid, external, atomic-aggregate
3333 3356 20115, (aggregated by 20115 172.31.148.182)
[SNIP]
W
On Mar 21, 2010, at 12:41 PM, michael peters wrote:
Here is more information.I'm testing my external BIND 9.6.1 systems with http://www.checkdns.net/powercheck.aspx . Outbound resolution is fine. Internal resolution is fine. External resolution seems to be the problem. My firewall allows port 53 UDP and TCP.The messages I get are: Found NS record: castor.lazarusalliance.com[71. 12.99.115], was resolved to IP address by G.GTLD-SERVERS.NETFound NS record: pollux.lazarusalliance.com[71.12.99.116], was resolved to IP address by G.GTLD-SERVERS.NETDomain has 2 DNS server(s) CheckDNS.NET is verifying if NS are aliveError fetching SOA from castor.lazarusalliance.com [71.12.99.115], request timed out. Probably DNS server is offline. Error fetching SOA from pollux.lazarusalliance.com [71.12.99.116], request timed out. Probably DNS server is offline.0 server(s) are alive No DNS servers alive, tests stoppedWhat other information should I provide to be helpful in getting this solved?- Show quoted text - On Sun, Mar 21, 2010 at 2:03 PM, Alan Clegg <acl...@isc.org> wrote: - Show quoted text - michael peters wrote:> Is it a problem to get a message from a DNS checking tool that indicates > "Error fetching SOA from ns1.example.com <http:// ns1.example.com>?" Both > of my external BIND 9.6.1 servers respond the same way and I'm assuming> that I need to add something to my configuration. We know nothing about your configuration, nothing about the zone thatyou are trying to serve, and nothing about the "checking tool" that youare using to test. Not much to go on. Feel free to post configuration information and we might be able to help. AlanC _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users Reply Reply to all Forward Reply | michael peters ✆ to Alan, Bind show details 2:40 PM (0 minutes ago) Here are the configuration files. # more named.conf include "/etc/bind/named.conf.options" ; // prime the server with knowledge of the root servers zone "." { type hint; file "/etc/bind/db.root"; };// be authoritative for the localhost forward and reverse zones, and for// broadcast zones as per RFC 1912 zone "localhost" { type master; file "/etc/bind/db.local"; }; zone "127.in-addr.arpa" { type master; file "/etc/bind/db.127"; }; zone "0.in-addr.arpa" { type master; file "/etc/bind/db.0"; }; zone "255.in-addr.arpa" { type master; file "/etc/bind/db.255"; }; zone "lazarusalliance.com" { type master; file "/etc/bind/db.lazarusalliance.com.hosts"; allow-update { any; }; allow-transfer { any; }; allow-query { any; }; }; zone "99.12.71.in-addr.arpa" { type master; file "/etc/bind/71.12.99.rev"; }; include "/etc/bind/named.conf.local"; logging { category lame-servers { null; }; }; key rndc-key { algorithm hmac-md5; secret "********************************************"; }; controls {inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { rndc- key; };}; ++++++++++++++++++++++++++++++ # more named.conf.local // // Do any local configuration here // // Consider adding the 1918 zones here, if they are not used in your // organization //include "/etc/bind/zones.rfc1918"; ++++++++++++++++++++++++++++++ # more named.conf.options options { directory "/var/cache/bind"; // If there is a firewall between you and nameservers you want // to talk to, you might need to uncomment the query-source // directive below. Previous versions of BIND always asked// questions using port 53, but BIND 8.1 and later use an unprivileged// port by default. query-source address * port 53; // If your ISP provided one or more IP addresses for stable // nameservers, you probably want to use them as forwarders.// Uncomment the following block, and insert the addresses replacing// the all-0's placeholder. // forwarders { // 0.0.0.0; // }; auth-nxdomain no; # conform to RFC1035 listen-on-v6 { any; }; allow-transfer { any; }; allow-query { any; }; }; ++++++++++++++++++++++++++++++ # more db.lazarusalliance.com.hosts $ttl 3600@ IN SOA castor.lazarusalliance.com. postmaster.lazarusalliance.com. (2010022604 1200 3600 1209600 3600 ) ;@ 3600 IN NS castor.lazarusalliance.com. @ 3600 IN NS pollux.lazarusalliance.com.; castor.lazarusalliance.com. IN A 71.12.99.115 pollux.lazarusalliance.com. IN A 71.12.99.116 lazarusalliance.com. IN A 71.12.99.118 ; lazarusalliance.com. IN MX 5 castor.lazarusalliance.com. ++++++++++++++++++++++++++++++ # more 71.12.99.rev $TTL 38400@ IN SOA castor.lazarusalliance.com. postmaster.lazarusalliance.com. (2010032007 10800 3600 604800 38400 ) @ IN NS castor.lazarusalliance.com. 115 IN PTR castor.lazarusalliance.com. 116 IN PTR pollux.lazarusalliance.com. 118 IN PTR lazarusalliance.com.On Sun, Mar 21, 2010 at 2:02 PM, Warren Kumari <war...@kumari.net> wrote:On Mar 21, 2010, at 11:21 AM, michael peters wrote:Is it a problem to get a message from a DNS checking tool that indicates "Error fetching SOA from ns1.example.com?" Both of my external BIND 9.6.1 servers respond the same way and I'm assuming that I need to add something to my configuration.In order for us to be able to provide you with useful answers, please provide us with the domain name, the name of the checking tool and the name of the server it is grumpy about.From a FAQ: http://dougbarton.us/DNS/bind-users-FAQ.html#RealNames W P.S: dig SOA ns1.example.com ; <<>> DiG 9.7.0-P1 <<>> SOA ns1.example.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51889 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;ns1.example.com. IN SOA ;; AUTHORITY SECTION:example.com. 10800 IN SOA dns1.icann.org. hostmaster.icann.org. 2009100600 7200 3600 1209600 86400;; Query time: 76 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Sun Mar 21 14:59:42 2010 ;; MSG SIZE rcvd: 94 :-P Please advise. _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
