[cs615asa] client host can't find DNS server

Pu (Piper) Zhao pzhao at stevens.edu
Sun Apr 4 02:44:56 EDT 2010 

Hi guys,

I'm sorry for bothering you again but I really could not get my DNS working
from other host.

This is the tcpdump record on the DNS when other host tried to connect it.

reading from file tcp.rec, link-type EN10MB (Ethernet)
02:24:30.715199 arp who-has 10.254.227.** tell 169.254.1.0
02:24:30.715216 arp reply 10.254.227.** is-at 12:31:39:00:dc:** (oui
Unknown)
02:24:30.715270 IP 10.192.199.**.32878 > 10.254.227.**.domain: 47792+ A?
www.google.com. (32)
02:24:30.715483 IP 10.254.227.**.domain > 10.192.199.**.32878: 47792 *
Refused*- 0/0/0 (32)

The DNS works fine when it uses local host as DNS. This the tcpdump record
on the DNS when I dig www.google.com on DNS itself.

reading from file tcp.rec, link-type EN10MB (Ethernet)
02:32:24.969742 arp who-has 10.254.227.** tell 169.254.1.0
02:32:24.969759 arp reply 10.254.227.** is-at 12:31:39:00:dc:** (oui
Unknown)
02:32:24.976295 IP 10.254.227.**.domain > j.root-servers.net.domain: 60174
[1au] A? www.google.com. (43)
02:32:24.978116 IP j.root-servers.net.domain > 10.254.227.**.domain: 60174-
0/13/16 (531)
02:32:24.978567 IP 10.254.227.**.domain > a.gtld-servers.net.domain: 37986
[1au] A? www.google.com. (43)
02:32:25.063362 IP a.gtld-servers.net.domain > 10.254.227.**.domain: 37986-
0/4/5 (179)
02:32:25.063573 IP 10.254.227.**.domain > ns3.google.com.domain: 22519 [1au]
A? www.google.com. (43)
02:32:25.094676 IP ns3.google.com.domain > 10.254.227.**.domain: 22519*-
5/0/0 CNAME www.l.google.com.,[|domain]
02:32:25.094861 IP 10.254.227.**.domain > ns1.google.com.domain: 27694 [1au]
A? www.l.google.com. (45)
02:32:25.114528 IP ns1.google.com.domain > 10.254.227.**.domain: 27694*-
4/0/0 A iad04s01-in-f104.1e100.net,[|domain]

Anyone may have clue? I really appreciate that!

Sincerely,
Pu

On Fri, Apr 2, 2010 at 8:26 PM, Sayre Blades <sblades at stevens.edu> wrote:

> Look at your /var/log/messages file... there may be some trace that
> indicates why named wont accept connections.  It probably has something to
> do with how BIND is configured.
>
> On Fri, Apr 2, 2010 at 7:22 PM, Pu (Piper) Zhao <pzhao at stevens.edu> wrote:
>
>> Hi Guys,
>>
>> Maybe someone can give me some clue. Really appreciate!
>>
>> I got stuck when client host try to connect the DNS server. The client
>> host's nameserver has already been assigned to the DNS server which I made,
>> but it just can not reach the DNS server, however, two instances could ping
>> each other. I also opened DNS Port 53 in EC2 Security Groups and named.conf
>> of bind9, but it didn't work. BTW, I use Debian + bind9 as DNS server and
>> another Debian as client.
>>
>> Thanks a lot in advance!
>>
>> Best,
>> Pu
>>
>> _______________________________________________
>> cs615asa mailing list
>> cs615asa at lists.stevens.edu
>> https://lists.stevens.edu/cgi-bin/mailman/listinfo/cs615asa
>>
>>
>
> _______________________________________________
> cs615asa mailing list
> cs615asa at lists.stevens.edu
> https://lists.stevens.edu/cgi-bin/mailman/listinfo/cs615asa
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.stevens.edu/cgi-bin/mailman/private/cs615asa/attachments/20100404/09e9e86e/attachment.htm

More information about the cs615asa mailing list