Sorry for the spam, but I've got a puzzling named problem. Perhaps someone on this list can redirect this to a bind hacker...
I'm running bind 9.4.2 on a principal school server. An auxiliary school server is connected to one of its subnets, and both support a wireless mesh. Name resolution works fine from the auxiliary school server and from laptops connecting directly through the principal school server. Recursive name resolution fails on laptops connected through the secondary school server. Routing tables seem fine, as the failing laptop can ping both the principal school server and the outside world, and the principal school server can ping the failing laptop. IPv6 is disabled on both school server (for now!) Looking at the named logs (trace level 5), shows that accesses from both laptops are accessing the "internal" view. The problem is that bind for some reason thinks that recursion is not available when the requesting machine is not directly attached to one of its subnets. Here we have a request from a laptop directly connected to the principal school server: client @0xb59b1008: udprecv client 172.18.16.232#32769: UDP request client 172.18.16.232#32769: view internal: using view 'internal' client 172.18.16.232#32769: view internal: request is not signed client 172.18.16.232#32769: view internal: recursion available client 172.18.16.232#32769: view internal: queryclient 172.18.16.232#32769: view internal: query (cache) 'ship2.jabber.laptop.org/A/IN' approved
client 172.18.16.232#32769: view internal: send client 172.18.16.232#32769: view internal: sendto client 172.18.16.232#32769: view internal: senddone client 172.18.16.232#32769: view internal: next client 172.18.16.232#32769: view internal: endrequest And here we have a request from a laptop which is routed through the auxiliary school server: client @0xb59b1008: udprecv client 172.18.22.233#32769: UDP request client 172.18.22.233#32769: view internal: using view 'internal' client 172.18.22.233#32769: view internal: request is not signed client 172.18.22.233#32769: view internal: recursion not available client 172.18.22.233#32769: view internal: queryclient 172.18.22.233#32769: view internal: query (cache) 'ship2.jabber.laptop.org/A/IN' denied
client 172.18.22.233#32769: view internal: error client 172.18.22.233#32769: view internal: send client 172.18.22.233#32769: view internal: sendto client 172.18.22.233#32769: view internal: senddone client 172.18.22.233#32769: view internal: next client 172.18.22.233#32769: view internal: endrequestI have recursion enabled in the "internal" view. I've tested with recusion enabled globally (in the options), and on all views. Nothing gets recursion enabled for laptops connecting through the auxiliary school server. Yet external requests to
the principal school server recurse and resolve fine !I'm unsure if this is a real bug with bind 9.4.2 (unlikely ?), or misconfiguration.
The named.conf file is attached. Thanks, wad
named.conf
Description: Binary data
_______________________________________________ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel