Bind9 appending .mysite.com to any outside DNS queries

[Miller88]

I am setting up a bind9 server on the most recent release of Debian. I am using the "view" statements to have internal and external clients work differently.

That, I can get working. The problem is with forwarding. Whenever I try to go to google.com it can't be found. Both the DNS server and my PC can ping the ISP's DNS servers and the firewall is allowing the DNS server to go through.

After running Ngrep on the network interface on the DNS server I see that I get the following whenever a query outside is made

Code:

U 172.16.4.95:63967 -> 172.16.2.5:53
  .............]w w w .o v e r c l o c k . n e t . m y s i t e . c o m .....

Obviously the error has the domain of where I work, but I am not posting that out in the public. so "mysite.com" is mybusiness.com or whatever

Are there any suggestions on fixing this?

Thanks in advance

[Lazydog]

Do you want to lookup site directly or relay them through your ISP?

If you want to look them up directly do you have your root hints files setup?

If you are going to relay them do you have the forwards setup?

[ptkobe]

I imagine you have something like

$ cat /etc/resolv.conf
nameserver <bind_server_IP>
search mysite.com

From man resolve.conf, search option I read:
"Resolver queries having fewer than ndots (default is 1) in them will be attempted using each component of the search path in turn until a match is found. For environments with multiple subdomains please read options ndots:n below to avoid man-in-the-middle attacks and unnecessary traffic for the root-dns-servers"

Changed ndots option? Don't really think that could be it, but...

Maybe check your db.0 file. Maybe a ending "." somewhere could produce that strange behavior?

What about your named logs?

Searched for such a bug on your bind9 version?

Regards
Luis