BIND not responding to external queries

RedHat 7.3
BIND 9
private network 192.168.1.0

I am new to bind and although I've managed to get the server to respond to
queries initiated locally (on the dns server), I cannot get any of the other
computers on the network to "see" my new local DNS server. Turned on
query logging and nothing shows up when I do an "nslookup" on the win2k
box which has as its primary DNS server, this new server.

Its caching okay.
Goes out to bellsouth's dns servers when its supposed to
can find the other nodes I've configured (including reverse lookup)

but doesn't respond to ANY external request.

I saw a reference to a similar problem where the admin said that his
problem ended up being a firewall running on a particular nic. Unless it
was setup automagically for me during install, I am aware of no
"firewall".

hosts.allow
ALL : ALL

David <(E-Mail Removed)> wrote:

[..]

> but doesn't respond to ANY external request.

> I saw a reference to a similar problem where the admin said that his
> problem ended up being a firewall running on a particular nic. Unless it
> was setup automagically for me during install, I am aware of no
> "firewall".

Did you check 'iptables -L'? You didn't set any 'acl' in
named.conf?

I'd sniff on the device 'tcpdump', if the above fails.

Good luck

--
Michael Heiming

Remove +SIGNS and www. if you expect an answer, sorry for
inconvenience, but I get tons of SPAM

On Sun, 23 Nov 2003 15:20:47 -0500, Michael Heiming wrote:


[root@terra sbin]# ./iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@terra sbin]#




> David <(E-Mail Removed)> wrote:
>
> [..]
>
>> but doesn't respond to ANY external request.
>
>> I saw a reference to a similar problem where the admin said that his
>> problem ended up being a firewall running on a particular nic. Unless
>> it was setup automagically for me during install, I am aware of no
>> "firewall".
>
> Did you check 'iptables -L'? You didn't set any 'acl' in named.conf?
>
> I'd sniff on the device 'tcpdump', if the above fails.
>
> Good luck
>

"David" <(E-Mail Removed)> a écrit dans le message de
news(E-Mail Removed) m...
> RedHat 7.3
> BIND 9
> private network 192.168.1.0
>
> I am new to bind and although I've managed to get the server to respond to
> queries initiated locally (on the dns server), I cannot get any of the
other
> computers on the network to "see" my new local DNS server. Turned on
> query logging and nothing shows up when I do an "nslookup" on the win2k
> box which has as its primary DNS server, this new server.
>
> Its caching okay.
> Goes out to bellsouth's dns servers when its supposed to
> can find the other nodes I've configured (including reverse lookup)
>
> but doesn't respond to ANY external request.
>
> I saw a reference to a similar problem where the admin said that his
> problem ended up being a firewall running on a particular nic. Unless it
> was setup automagically for me during install, I am aware of no
> "firewall".
>
> hosts.allow
> ALL : ALL
Did you check the allow-query field (named.conf, options statement)? You
should input there the IPs of hosts allowed to query your server.

Pierre

bingo! Thanks.

The other thing I was missing was the fact that the client had selected
its server. I did not realize that the selection persisted across
multiple requests. Once I put the allow-query in AND told the client
specifically which server to use all began working. thanks.

dlm

On Mon, 24 Nov 2003 04:03:04 -0500, Pierre Tranié wrote:


> "David" <(E-Mail Removed)> a écrit dans le message de
> news(E-Mail Removed) m...
>> RedHat 7.3
>> BIND 9
>> private network 192.168.1.0
>>
>> I am new to bind and although I've managed to get the server to respond
>> to queries initiated locally (on the dns server), I cannot get any of
>> the
> other
>> computers on the network to "see" my new local DNS server. Turned on
>> query logging and nothing shows up when I do an "nslookup" on the win2k
>> box which has as its primary DNS server, this new server.
>>

snip

>
>> hosts.allow
>> ALL : ALL
> Did you check the allow-query field (named.conf, options statement)? You
> should input there the IPs of hosts allowed to query your server.
>
> Pierre