So you are using a nameserver on your LAN at 192.168.1.14? Who maintains that nameserver? Is that your IP address?
Yes. And I have a Cisco PIX firewall which will do the NAT for all local addresses in 192.168.1.x.
It's been like this for years now. Recently, my old SuSE 6.2 server crashed; it was running BIND 8 with forwarding to my ISP and very fast. When I started anew, I wanted to shift to RedHat but am still wondering which version is the best. I decided first to go for RH7.3 but then, IPTABLES did not seem to be complete; so I decided to go for RH9.0. I've been searching around and found that many people encountered the same problem but no clear solution.
Let me raise it again; the problem is that I usually get this error message from named: ";;Connection timed out; no servers could be reached" when I do "# host www.yahoo.com", but after the second or third try, it responds correctly.
This points to your DNS resolver code taking a long time to do its job. After your second or third try, the answer has been received and is cached on your nameserver.
The tool to use to diagnose this problem is dig.
Try:
dig www.yahoo.com +trace
This will do a DNS lookup of www.yahoo.com "from first principles", starting at the root nameservers and working its way down the DNS hierarchy until it gets the answer. If you're getting slow responses from somewhere, this should be apparent in the output.
Could you suggest which RedHat/Fedora version I should use? I cannot wait for FC3.
I can't think of anything distribution-specific that would cause this problem. I don't think it's a good idea to be using an old, unmaintained version of the OS like RH9 either. I think it would be best to diagnose and fix the problem on the system you already have running, and think carefully about what to upgrade to (FC3 is out next week, or you could go for a supported distro like SuSE).
The only 3 most important packages I need are: BIND, Squid and IPTABLES. I'd very much like to get RH Enterprise 3, but it's not available in the market here, and I don't know where and how to buy one.
You could always use Whitebox Enterprise Linux, which is virtually the same thing but available for free download: http://www.whiteboxlinux.org/
Paul.
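
An added example, not part of the original message: a small filter that reads `dig +trace` output and reports which delegation step answered slowly or timed out, which is the thing to look for in the trace suggested above. The function names, the 500 ms threshold and the sample trace (documentation addresses and `.example` names, plus the LAN nameserver from the thread) are constructed for illustration.

```shell
#!/bin/sh
# slow_hops LIMIT_MS
# Reads `dig +trace` output on stdin. Prints one line for every delegation
# step whose reply took longer than LIMIT_MS, and one line for every timeout.
slow_hops() {
    awk -v limit="$1" '
        # Every step of a trace ends with a summary line such as:
        # ;; Received 228 bytes from 192.168.1.14#53(192.168.1.14) in 3 ms
        /^;; Received [0-9]+ bytes from / {
            hop++
            server = $6            # address#port(name) of the answering server
            ms = $(NF - 1) + 0     # the number just before the trailing "ms"
            if (ms > limit)
                printf "SLOW hop %d %s %d ms\n", hop, server, ms
            next
        }
        # dig reports an unanswered step with a "timed out" message.
        /timed out/ { printf "TIMEOUT after hop %d: %s\n", hop, $0 }
    '
}

# Constructed sample trace: the third step (TLD servers) is the slow one.
sample_trace() {
    cat <<'EOF'
.                   518400  IN  NS  a.root.example.
;; Received 228 bytes from 192.168.1.14#53(192.168.1.14) in 3 ms

com.                172800  IN  NS  a.tld.example.
;; Received 491 bytes from 192.0.2.1#53(a.root.example) in 41 ms

example.com.        172800  IN  NS  ns1.example.com.
;; Received 170 bytes from 192.0.2.2#53(a.tld.example) in 2210 ms

www.example.com.    300     IN  A   192.0.2.80
;; Received 60 bytes from 192.0.2.3#53(ns1.example.com) in 38 ms
EOF
}

# Demo on the constructed sample; on a live system use:
#   dig www.yahoo.com +trace | slow_hops 500
sample_trace | slow_hops 500
```

A slow or timed-out first hop points at the local nameserver or the path through the firewall; a slow later hop points at an upstream server.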