On Sat, 2007-04-07 at 10:42 -0400, Bob Goodwin - W2BOD wrote:
> This scheme worked nicely until this morning!

[giving null DNS answers, locally]

> Suddenly things have returned to the earlier state where the browser
> downloads each ad again, requiring about a minute to bring up a news
> article instead of the few seconds that were required after making the
> suggested changes to /var/named/chroot/etc/blocked.conf and dead.zone,
> etc.

Well, no changes should have been made to the dead.zone, it was
perfectly fine as it was originally provided. But as long as the serial
number is set higher than previously used, that won't matter.

The thing that springs to mind is for you to check whether your
/etc/resolv.conf file has been changed by any dynamic processes. You'll
need to have your special DNS server configured as the first one to use,
for this to work.

You can test how your server responds to queries with the dig command.
You'd dig a domain name, and see the answers, and the address of the
server that answered. e.g.

  dig a.blocked.domain.example.com

You can also query a specific server, ignoring whatever's configured to
be used in the resolv.conf file, by adding extra parameters (write the
DNS server address to be queried after an @ sign). e.g.

  dig a.blocked.domain.example.com @127.0.0.1

-- 
(This box runs FC5, my others run FC4 & FC6, in case that's important to
the thread.)

Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.
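
The two checks described in the message above, as an added shell example that is not part of the original post: it confirms that the local blocking server is the first nameserver in resolv.conf and reports which server actually answered a dig query. The function names and the 127.0.0.1 default are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.
# Usage: sh check-blocker.sh NAME [SERVER] [RESOLV_CONF]

# Print the first "nameserver" address in a resolv.conf-style file.
# Commented-out entries ("#nameserver ...") are skipped because the
# first field must be exactly "nameserver".
first_nameserver() {
    awk '$1 == "nameserver" { print $2; exit }' "$1"
}

# Succeed only if the first nameserver in FILE ($1) is EXPECTED ($2).
# A DHCP client or similar dynamic process that rewrites the file
# usually pushes the local server out of first place, or removes it.
resolver_is_first() {
    [ "$(first_nameserver "$1")" = "$2" ]
}

# Read full dig output on stdin and print the address of the server
# that answered, taken from the ";; SERVER: addr#port(addr)" line.
answering_server() {
    awk '$1 == ";;" && $2 == "SERVER:" { sub(/#.*/, "", $3); print $3; exit }'
}

# Run the live checks only when a name to look up was given.
if [ "$#" -ge 1 ]; then
    name=$1
    server=${2:-127.0.0.1}          # assumed address of the blocking server
    conf=${3:-/etc/resolv.conf}

    if resolver_is_first "$conf" "$server"; then
        echo "OK: $conf lists $server first"
    else
        echo "WARNING: $conf lists '$(first_nameserver "$conf")' first, not $server"
    fi

    # Default lookup: shows which server the system really consulted.
    echo "default lookup answered by: $(dig "$name" | answering_server)"

    # Direct lookup: what the blocking server itself says, bypassing resolv.conf.
    echo "answer from $server directly:"
    dig +short "$name" "@$server"
fi
```

If the default lookup is answered by anything other than the local server, resolv.conf has been changed and the blocked zones are being bypassed.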