Am Mo, den 14.06.2004 schrieb Colin Paul Adams um 15:43: > I have bind running on my firewall machine (though since that is > running Redhat 7.2, it may well be an old version (9.1.0-10, in fact). > > If I run dig command on that machine, I get the correct answer, > whether I use the -t flag or not. Ok. > If I run dig from my main machine, the query without the -t flag (or > with -t A) times out, but the query with -t MX returns instantly, with > the correct answer from the firewall machine. Any iptables settings active on the workstation host? Run "iptables -L -n -v" to see. Blocking UDP/TCP port 53 in FORWARD? > resolve.conf has a line > > nameserver 10.0.1.1, which is the IP address of my firewall > machine. (on the firewall machine, resolv.conf has the line nameserver > 127.0.0.1). That is correct. The /etc/hosts file has the required localhost IP mapping line? > Colin Paul Adams If you query a different DNS server than your router, does it change anything on the workstation? dig -t ANY 3dsafety.com @dns1.earthlink.net Or if you explicitly use TCP for queries? dig +tcp -t ANY 3dsafety.com [@dns1.earthlink.net] Here the domain resolves proper, although it has a "strange" SOA set: 3dsafety.com. 86400 IN SOA localhost. hostmaster.earthlink.net. 2003082000 86400 900 2592000 86400 --> localhost!? Do you have same resolution problems with other domains too? Alexander -- Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13 Fedora GNU/Linux Core 2 (Tettnang) on Athlon CPU kernel 2.6.6-1.427 Serendipity 15:52:45 up 12:27, 9 users, 0.24, 0.44, 0.56
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
