Hi, I have a fedora15 box with bind-9.8.2 running as master for one zone, and having some problems with lame-servers and "network unreachable" messages. I believe I understand what a lame-server is, but don't understand why there would also be a "network unreachable" message attached to it:
05-Mar-2012 21:10:54.733 lame-servers: info: error (network unreachable) resolving '82.8.193.122.zen.spamhaus.org/A/IN': 2001:7b8:3:1f:0:2:53:2#53 05-Mar-2012 21:11:58.640 lame-servers: info: error (network unreachable) resolving 'dns1.iplanisp.com.ar/A/IN': 2001:67c:e0::59#53 05-Mar-2012 21:11:58.640 lame-servers: info: error (network unreachable) resolving 'dns2.iplanisp.com.ar/A/IN': 2001:67c:e0::59#53 05-Mar-2012 21:11:58.640 lame-servers: info: error (network unreachable) resolving 'dns1.iplanisp.com.ar/AAAA/IN': 2001:67c:e0::59#53 05-Mar-2012 21:11:58.640 lame-servers: info: error (network unreachable) resolving 'dns2.iplanisp.com.ar/AAAA/IN': 2001:67c:e0::59#53 05-Mar-2012 21:11:59.446 lame-servers: info: error (network unreachable) resolving '73.113.26.69.zen.spamhaus.org/A/IN': 2001:7b8:3:1f:0:2:53:1#53 05-Mar-2012 21:11:59.446 lame-servers: info: error (network unreachable) resolving 'ns1.mirohost.net/A/IN': 2a02:2278:70eb:199::196:43#53 05-Mar-2012 21:11:59.447 lame-servers: info: error (network unreachable) resolving 'ns1.mirohost.net/A/IN': 2a01:758:fffc:6::2#53 05-Mar-2012 21:11:59.447 lame-servers: info: error (network unreachable) resolving 'ns1.mirohost.net/A/IN': 2a01:4f8:100:22a6:188:40:253:34#53 05-Mar-2012 21:11:59.625 lame-servers: info: error (network unreachable) resolving '112.193.69.200.zen.spamhaus.org/A/IN': 2001:7b8:3:1f:0:2:53:2#53 I'm sorry if that isn't very legible. How can I troubleshoot this? It isn't every query, but quite a few queries are resulting in this unreachable error. I've included my named.conf below in hopes someone can point out a configuration issue. It contains one master zone; a local spam blacklist. controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; 68.XXX.YYY.45; } keys { "rndc-key"; }; }; acl "trusted" { { 127/8; }; { 67.XXX.YYY.224/28; }; { 67.XXX.YYY.0/26; }; { 192.168.1.0/24; }; }; options { listen-on port 53 { 127.0.0.1; 68.XXX.YYY.45; }; listen-on-v6 { none; }; // listen-on-v6 port 53 { ::1; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named.stats"; memstatistics-file "/var/named/data/named_mem_stats.txt"; allow-query { localhost; 68.XXX.YYY.45/32; }; recursion yes; zone-statistics yes; dnssec-enable yes; dnssec-validation yes; dnssec-lookaside auto; /* Path to ISC DLV key */ bindkeys-file "/etc/named.iscdlv.key"; managed-keys-directory "/var/named/dynamic"; }; logging { channel default_debug { file "data/named.run"; severity dynamic; }; // Record all queries to the box for now channel query_info { severity info; file "/var/log/named.query.log" versions 3 size 10m; print-time yes; print-category yes; }; // added for fail2ban support channel security_file { severity dynamic; file "/var/log/named.security.log" versions 3 size 30m; print-time yes; print-category yes; }; channel b_debug { file "/var/log/named.debug.log" versions 2 size 10m; print-time yes; print-category yes; print-severity yes; severity dynamic; }; category queries { query_info; }; category default { b_debug; }; category config { b_debug; }; category security { security_file; }; }; zone "." IN { type hint; file "named.ca"; }; zone "sbl.example.com" { type slave; file "slaves/db.sbl.example.com"; masters { 64.XXX.YYY.5; }; allow-transfer { none; }; allow-query { trusted; }; }; include "/etc/named.rfc1912.zones"; include "/etc/named.root.key"; include "/etc/rndc.key"; Thanks, Alex _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users