[cs615asa] client host can't find DNS server

Sun Apr 4 10:23:02 EDT 2010

I would suggest re--checking your bind configuration.  Make sure that the
options section of the named.conf file are set such that:
-the listen-on option contains an ip address that is reachable over the
network (i.e. ifconig eth0/en0 interface)
-the allow-query option is set so that it will accept connections from that
machine.

Regards, -Sayre

On Sun, Apr 4, 2010 at 2:44 AM, Pu (Piper) Zhao <pzhao at stevens.edu> wrote:

> Hi guys,
>
> I'm sorry for bothering you again but I really could not get my DNS working
> from other host.
>
> This is the tcpdump record on the DNS when other host tried to connect it.
>
> reading from file tcp.rec, link-type EN10MB (Ethernet)
> 02:24:30.715199 arp who-has 10.254.227.** tell 169.254.1.0
> 02:24:30.715216 arp reply 10.254.227.** is-at 12:31:39:00:dc:** (oui
> Unknown)
> 02:24:30.715270 IP 10.192.199.**.32878 > 10.254.227.**.domain: 47792+ A?
> www.google.com. (32)
> 02:24:30.715483 IP 10.254.227.**.domain > 10.192.199.**.32878: 47792 *
> Refused*- 0/0/0 (32)
>
> The DNS works fine when it uses local host as DNS. This the tcpdump record
> on the DNS when I dig www.google.com on DNS itself.
>
> reading from file tcp.rec, link-type EN10MB (Ethernet)
> 02:32:24.969742 arp who-has 10.254.227.** tell 169.254.1.0
> 02:32:24.969759 arp reply 10.254.227.** is-at 12:31:39:00:dc:** (oui
> Unknown)
> 02:32:24.976295 IP 10.254.227.**.domain > j.root-servers.net.domain: 60174
> [1au] A? www.google.com. (43)
> 02:32:24.978116 IP j.root-servers.net.domain > 10.254.227.**.domain: 60174-
> 0/13/16 (531)
> 02:32:24.978567 IP 10.254.227.**.domain > a.gtld-servers.net.domain: 37986
> [1au] A? www.google.com. (43)
> 02:32:25.063362 IP a.gtld-servers.net.domain > 10.254.227.**.domain: 37986-
> 0/4/5 (179)
> 02:32:25.063573 IP 10.254.227.**.domain > ns3.google.com.domain: 22519
> [1au] A? www.google.com. (43)
> 02:32:25.094676 IP ns3.google.com.domain > 10.254.227.**.domain: 22519*-
> 5/0/0 CNAME www.l.google.com.,[|domain]
> 02:32:25.094861 IP 10.254.227.**.domain > ns1.google.com.domain: 27694
> [1au] A? www.l.google.com. (45)
> 02:32:25.114528 IP ns1.google.com.domain > 10.254.227.**.domain: 27694*-
> 4/0/0 A iad04s01-in-f104.1e100.net,[|domain]
>
> Anyone may have clue? I really appreciate that!
>
> Sincerely,
> Pu
>
> On Fri, Apr 2, 2010 at 8:26 PM, Sayre Blades <sblades at stevens.edu> wrote:
>
>> Look at your /var/log/messages file... there may be some trace that
>> indicates why named wont accept connections.  It probably has something to
>> do with how BIND is configured.
>>
>> On Fri, Apr 2, 2010 at 7:22 PM, Pu (Piper) Zhao <pzhao at stevens.edu>wrote:
>>
>>> Hi Guys,
>>>
>>> Maybe someone can give me some clue. Really appreciate!
>>>
>>> I got stuck when client host try to connect the DNS server. The client
>>> host's nameserver has already been assigned to the DNS server which I made,
>>> but it just can not reach the DNS server, however, two instances could ping
>>> each other. I also opened DNS Port 53 in EC2 Security Groups and named.conf
>>> of bind9, but it didn't work. BTW, I use Debian + bind9 as DNS server and
>>> another Debian as client.
>>>
>>> Thanks a lot in advance!
>>>
>>> Best,
>>> Pu
>>>
>>> _______________________________________________
>>> cs615asa mailing list
>>> cs615asa at lists.stevens.edu
>>> https://lists.stevens.edu/cgi-bin/mailman/listinfo/cs615asa
>>>
>>>
>>
>> _______________________________________________
>> cs615asa mailing list
>> cs615asa at lists.stevens.edu
>> https://lists.stevens.edu/cgi-bin/mailman/listinfo/cs615asa
>>
>>
>
> _______________________________________________
> cs615asa mailing list
> cs615asa at lists.stevens.edu
> https://lists.stevens.edu/cgi-bin/mailman/listinfo/cs615asa
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.stevens.edu/cgi-bin/mailman/private/cs615asa/attachments/20100404/452b0335/attachment.htm 