From owner-freebsd-questions@FreeBSD.ORG  Fri Aug  5 16:28:42 2011
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 4B96A1065677
	for <freebsd-questions@freebsd.org>;
	Fri,  5 Aug 2011 16:28:42 +0000 (UTC)
	(envelope-from drew@mykitchentable.net)
Received: from rc3.surewest.net (rc3.surewest.net [66.60.130.52])
	by mx1.freebsd.org (Postfix) with ESMTP id 151CE8FC1A
	for <freebsd-questions@freebsd.org>;
	Fri,  5 Aug 2011 16:28:41 +0000 (UTC)
Received: from smtp3.surewest.net ([66.60.130.145])
	by rc3.surewest.net ({9c3c9505-091b-4be1-8280-6f177375641d})
	via TCP (outbound) with ESMTP id 20110805161509774
	for <freebsd-questions@freebsd.org>; Fri, 05 Aug 2011 16:15:09 +0000
X-RC-FROM: <drew@mykitchentable.net>
X-RC-RCPT: <freebsd-questions@freebsd.org>
Received: from smtpauth.surewest.net (smtpauth.surewest.net [66.60.130.153])
	by smtp3.surewest.net (Postfix) with ESMTP id 118F98946D
	for <freebsd-questions@freebsd.org>; Fri,
	5 Aug 2011 09:15:09 -0700 (PDT)
Received: from blacklamb.mykitchentable.net (unknown [69.62.230.77])
	(using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by smtpauth.surewest.net (Postfix) with ESMTPSA id 89B499C0D8
	for <freebsd-questions@freebsd.org>; Fri,
	5 Aug 2011 09:15:08 -0700 (PDT)
Received: from [127.0.0.1] (unknown [192.168.1.21])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by blacklamb.mykitchentable.net (Postfix) with ESMTPSA id 33DBC165447
	for <freebsd-questions@freebsd.org>; Fri,
	5 Aug 2011 09:15:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=mykitchentable.net;
	s=default; t=1312560910;
	bh=4/XVrcGxyJ639LO1wvBrMljBTEYze3fO5Y9bpce+CTc=;
	h=Message-ID:Date:From:MIME-Version:To:Subject:Content-Type:
	Content-Transfer-Encoding;
	b=YavotYsRsLHOvR3sZ8SCNDmUkhTwlie2L08j2aC4y4iMzj5fvwBaue4Ua2TVs5D9V
	47afvCp6Smsbcl1vOhD7+jehQjubYyj9XkzRCtA5/qYn0I7e/vJ8GMGZKQhpj1Umzk
	Mu8Qzxklr76gIP7NPZoyadYCfmYYaiE4kbMoz88k=
Message-ID: <4E3C1719.7030509@mykitchentable.net>
Date: Fri, 05 Aug 2011 09:15:21 -0700
From: Drew Tomlinson <drew@mykitchentable.net>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:5.0) Gecko/20110624
	Thunderbird/5.0
MIME-Version: 1.0
To: freebsd-questions@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Help with Bind Weirdness & Logging
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Aug 2011 16:28:42 -0000

I'm running bind 9.3.5 and have been running some version of Bind for 
years.  The  purpose of this server is to resolve for my home LAN and to 
do regular queries for things outside my LAN.

Just recently, I noticed that my server can't resolve for some names.  
The ones I've noticed are for Microsoft domains, specifically 
go.microsoft.com and time.windows.com.  For example:

# dig go.microsoft.com

; <<>> DiG 9.3.5-P2 <<>> go.microsoft.com
;; global options:  printcmd
;; connection timed out; no servers could be reached

Yet if I ask my ISP's server, I get resolution:

# dig @66.60.130.158 go.microsoft.com

; <<>> DiG 9.3.5-P2 <<>> @66.60.130.158 go.microsoft.com
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40919
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;go.microsoft.com.              IN      A

;; ANSWER SECTION:
go.microsoft.com.       2364    IN      CNAME   www.go.microsoft.akadns.net.
www.go.microsoft.akadns.net. 462 IN     A       64.4.11.160

;; Query time: 39 msec
;; SERVER: 66.60.130.158#53(66.60.130.158)
;; WHEN: Fri Aug  5 09:02:56 2011
;; MSG SIZE  rcvd: 91

But for all other domains I've tried, DNS resolution works just fine 
from my server.  Here's an example:

# dig yahoo.com

; <<>> DiG 9.3.5-P2 <<>> yahoo.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60582
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 7, ADDITIONAL: 2

;; QUESTION SECTION:
;yahoo.com.                     IN      A

;; ANSWER SECTION:
yahoo.com.              21600   IN      A       69.147.125.65
yahoo.com.              21600   IN      A       72.30.2.43
yahoo.com.              21600   IN      A       98.137.149.56
yahoo.com.              21600   IN      A       209.191.122.70
yahoo.com.              21600   IN      A       67.195.160.76

;; AUTHORITY SECTION:
yahoo.com.              172800  IN      NS      ns5.yahoo.com.
yahoo.com.              172800  IN      NS      ns6.yahoo.com.
yahoo.com.              172800  IN      NS      ns8.yahoo.com.
yahoo.com.              172800  IN      NS      ns1.yahoo.com.
yahoo.com.              172800  IN      NS      ns2.yahoo.com.
yahoo.com.              172800  IN      NS      ns3.yahoo.com.
yahoo.com.              172800  IN      NS      ns4.yahoo.com.

;; ADDITIONAL SECTION:
ns6.yahoo.com.          172800  IN      A       202.43.223.170
ns8.yahoo.com.          172800  IN      A       202.165.104.22

;; Query time: 236 msec
;; SERVER: 192.168.1.4#53(192.168.1.4)
;; WHEN: Fri Aug  5 09:05:32 2011
;; MSG SIZE  rcvd: 265

So to try and diagnose this, I investigated logging.  My 
/var/named/etc/namedb/named.conf file had this default logging section:


logging {
         category default         { default_syslog; default_debug; };
         category security        { default_syslog; default_debug; };
         category xfer-in         { default_syslog; default_debug; };
         category xfer-out        { default_syslog; default_debug; };
         category notify          { default_syslog; default_debug; };
         category update          { default_syslog; default_debug; };
         category update-security { default_syslog; default_debug; };
         category lame-servers    { default_syslog; default_debug; };
};

But I couldn't find any logging in any of my log files like 
/var/log/messages or /var/log/all.log and there were no files in 
/var/named/var/log.  I did some Googling, commented out the above, added 
the section below, and restarted named:

logging{
   channel simple_log {
     file "/var/log/named.log" versions 3 size 5m;
     severity warning;
     print-time yes;
     print-severity yes;
     print-category yes;
   };
   category default      { simple_log; };
   category network      { simple_log; };
   category queries      { simple_log; };
   category resolver     { simple_log; };
   category general      { simple_log; };
};

This did create a log file called /var/named/var/log/named.log.  However 
I'm not getting much info in this log.  I only get this text upon restart:

05-Aug-2011 07:39:22.583 general: error: the working directory is not 
writable

What must I do to get more detailed logging that might help diagnose 
this problem?  Or better yet, what is going on with my Bind installation? ;)

Cheers,

Drew

-- 
Like card tricks?

Visit The Alchemist's Warehouse to
learn card magic secrets for free!

http://alchemistswarehouse.com