  1. #1

    named works on 2 out of 3 ip addresses


    I've been struggling with this for days and I can't even think of something else to look for.

    I'm running CentOS 5 (Linux 2.6.18-194.8.1.el5 #1 SMP Thu Jul 1 19:04:48 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux)

    There are 2 ethernet interfaces in this server. One is on the Internet and the other on my intranet behind a firewall.

    I'm running named (bind) 9.3.6 (BIND 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 -u named -t /var/named/chroot)

    In the /var/log/messages (syslog) file I get:
    Code:
    listening on IPv4 interface lo, 127.0.0.1#53
    listening on IPv4 interface eth0, 192.168.47.7#53
    listening on IPv4 interface eth1, 205.147.9.2#53
    No errors are reported in the configuration files.

    If I use nslookup everything is fine on 127.0.0.1 and 205.147.9.2 but times out on 192.168...

    If I telnet on port 53, the working ones open a session and wait for a query, but the 192.168 address closes the connection immediately. It does connect, though; I get:
    Code:
    telnet 192.168.47.7 53
    Trying 192.168.47.7...
    Connected to 192.168.47.7.
    Escape character is '^]'.
    Connection closed by foreign host.
    iptables opens port 53 on all interfaces and service iptables stop doesn't change anything. SELinux does not report anything.

    Other network services like ping, ssh, vnc, http ... all work fine.

    Anybody have a clue? I don't know what to look at next so don't feel you have to have the fix, all suggestions are welcome.

    thanks,
    Joe

  2. #2

    My solution

    Once again, the debugging technique of publicly saying "any idiot can see it's not my fault, I've checked everything" worked.

    I tracked it down to named.conf defining the non-public ranges of ip addresses to use in the blackhole option. I use 192.168.47.0/24 for our LAN and want to reject everything else in 192.168.0.0/16. Well I did not get all the groups defined correctly and was rejecting our LAN.

    Just to document the debuggery, I suspected I had something else listening on LAN port 53 so I stopped named. Nothing there was the clue that named was getting and rejecting the connection. The blackhole option is the only way I know to do that.

    Joe
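
Added example, not code from the thread: a small Python model of BIND's first-match address match list, the rule behind the blackhole option, showing how a misordered list rejects the LAN the way the second post describes. The specific misordering, the extra 10/8 and 172.16/12 entries, and the simplified evaluator are assumptions; the symptom it reproduces (named accepting the TCP connection and then dropping the query) matches the telnet test above.

```python
import ipaddress

# Simplified model of a BIND address match list as used by "blackhole":
# elements are tested in order, the first element whose network contains
# the address decides, and a leading "!" negates that element.
# A blackhole match means named silently drops the query.
def blackhole_matches(acl, address):
    addr = ipaddress.ip_address(address)
    for element in acl:
        negated = element.startswith("!")
        network = ipaddress.ip_network(element.lstrip("!"), strict=False)
        if addr in network:
            return not negated
    return False  # no element matched: not blackholed

# Assumed broken list (constructed): the LAN exception is listed AFTER the
# broad 192.168.0.0/16 entry, so 192.168.0.0/16 matches first and the LAN
# 192.168.47.0/24 is blackholed along with everything else in the block.
# The 10/8 and 172.16/12 entries are assumed extra private ranges.
BROKEN_BLACKHOLE = ["10.0.0.0/8", "172.16.0.0/12",
                    "192.168.0.0/16", "!192.168.47.0/24"]

# Corrected list: the negated LAN element comes first, so LAN sources are
# excluded before the wider 192.168.0.0/16 element can match them.
FIXED_BLACKHOLE = ["!192.168.47.0/24", "10.0.0.0/8", "172.16.0.0/12",
                   "192.168.0.0/16"]

def check(acl, addresses):
    """Map each source address to True if the ACL would blackhole it."""
    return {a: blackhole_matches(acl, a) for a in addresses}

if __name__ == "__main__":
    # Constructed sample sources: the LAN interface, another 192.168 host,
    # the public interface, and loopback.
    sample = ["192.168.47.7", "192.168.1.10", "205.147.9.2", "127.0.0.1"]
    for name, acl in (("broken", BROKEN_BLACKHOLE), ("fixed", FIXED_BLACKHOLE)):
        for addr, dropped in check(acl, sample).items():
            print(f"{name}: {addr:15} {'DROPPED' if dropped else 'answered'}")
```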
