Date: Fri, 06 May 2005 08:20:54 -0500 From: "Fafa Hafiz Krantz" <fteg@london.com> To: "Jan Grant" <Jan.Grant@bristol.ac.uk> Cc: questions@freebsd.org Subject: Re: What is --- WRONG --- with my network? Message-ID: <20050506132055.26942164037@ws1-4.us4.outblaze.com>
next in thread | raw e-mail | index | archive | help
> Unfortunately, you appear to be preemptively rejecting the most obvious
> advice, and implicitly asking that people start troubleshooting "from
> the middle". Was your machine up without reboot for months? If so,
> there's no guarantee that the state of named.conf actually reflects the
> state of the previously running named prior to a reboot (alas, I've seen
> this all too often).
No, I had been rooting it quite often since I was testing PF.
> Can you begin by posting your fully-functional named.conf and
> resolv.conf? And possibly describing exactly what you mean by "my
> nameserver is dysfunctional"? Do you mean that you cannot resolve
> addresses from your host? Does dig work against your local nameserver
> instance? Can you see any of the root servers with dig? Is named just
> refusing to start? ... and so on.
# cat /var/named/etc/namedb/named.conf
#
options {
directory "/etc/namedb";
pid-file "/var/run/named/pid";
};
zone "." {
type hint;
file "named.root";
};
zone "domain.com" {
type master;
file "db.domain.com";
allow-transfer { 209.98.223.41; };
};
zone "3.0.7.5.0.0.4.0.8.1.6.0.1.0.0.2.ip6.arpa" {
type master;
file "db.terrabionic.com.rev";
allow-transfer { 209.98.223.41; };
};
zone "terrabionic.lan" {
type master;
file "db.terrabionic.lan";
};
zone "187.168.192.in-addr.arpa" {
type master;
file "db.terrabionic.lan.rev";
};
zone "0.0.127.in-addr.arpa" {
type master;
file "db.localhost.rev";
};
# cat /etc/resolv.conf
#
domain terrabionic.com
nameserver 217.13.4.21
nameserver 217.13.7.136
> You'll probably have to be more explicit about "certain servers", too.
> Are they on-site? Off-site? If the latter, and the issue only appears
> with a subset of ssh servers, this may well be indicative of DNS
> problems again, since sshds can be configured to be more or less picky
> about the name resolution of their clients.
They were off-site FTP servers, some inside Norway and some outside. I'm
guessing it is those who check for reverse before they grant access.
--
Fafa Hafiz Krantz
Research Designer @ http://www.home.no/barbershop
Enlightened @ http://www.home.no/barbershop/smart/sharon.pdf
--=20
___________________________________________________________
Sign-up for Ads Free at Mail.com
http://promo.mail.com/adsfreejump.htm
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050506132055.26942164037>