On Sunday 08 February 2004 21:01, Anders Johansson wrote:
On Sunday 08 February 2004 21.58, David Barnes wrote:
nameserver 127.0.0.1 nameserver 194.117.152.85
two nameservers? You're worried it might not be able to contact localhost? :) I can contact the local host - it just doesn't do any good. With only localhost I get:
kimberly:/etc # dig www.blueyonder.co.uk ; <<>> DiG 9.2.2 <<>> www.blueyonder.co.uk ;; global options: printcmd ;; connection timed out; no servers could be reached With both lines I get: kimberly:/etc # dig www.blueyonder.co.uk ; <<>> DiG 9.2.2 <<>> www.blueyonder.co.uk ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48593 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3 ;; QUESTION SECTION: ;www.blueyonder.co.uk. IN A ;; ANSWER SECTION: www.blueyonder.co.uk. 14400 IN A 62.30.31.86 ;; AUTHORITY SECTION: blueyonder.co.uk. 28800 IN NS ns.blueyonder.co.uk. blueyonder.co.uk. 28800 IN NS ns2.blueyonder.co.uk. blueyonder.co.uk. 28800 IN NS ns3.cableinet.net. ;; ADDITIONAL SECTION: ns.blueyonder.co.uk. 28800 IN A 195.188.53.114 ns2.blueyonder.co.uk. 28800 IN A 195.188.53.113 ns3.cableinet.net. 28800 IN A 194.117.152.85 ;; Query time: 17 msec ;; SERVER: 194.117.152.85#53(194.117.152.85) ;; WHEN: Sun Feb 8 22:55:29 2004 ;; MSG SIZE rcvd: 168
What forwarders are you using in your bind config?
forwarders { 194.117.152.85; };
Do you get any "DROP" lines in /var/log/messages when you dig @localhost ?
SuSE-FW-ILLEGAL-TARGET IN=eth1 OUT= MAC=00:10:b5:10:31:9d:00:0a:42:6d:5c:70:08:00 SRC=202.12.27.33 DST=82.33.145.89 LEN=308 TOS=0x00 PREC=0x00 TTL=53 ID=17066 PROTO=UDP SPT=53 DPT=53 LEN=288 The firewall is definitely blocking the packets, because the dns works from the firewall if I run the firewall in test mode. (Unless I'm wrong, of course!)