DNS problem using Sun Solaris 10 6/06 and BIND 9.2.4

From: Steven Sim (steven.sim@faplccc.net)
Date: Thu Dec 21 2006 - 11:27:17 EST

• Next message: Gene Beaird: "limiting password reuse in Solaris"
• Previous message: Stephanie C: "[SUMMARY] Re: Solaris 8 - SSH"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello Gurus;

I have setup a DNS server behind a firewall.

The server runs Solaris 6/06 and runs BIND 9.2.4 that comes with the
Solaris 10 6/06 distribution.

I am experiencing a very strange name resolution problem;

The server is set to allow recursion from internals clients only.

An internally generated recursive query to the newly setup DNS server
for say, www.microsoft.com is successful.

A query for zones the newly setup DNS server is authoritative for have
also been successful.

But there are certain domains which the server cannot resolve and chief
among them is www.sun.com!

Running the following commands locally at the DNS server;

#dig www.sun.com
#dig www.sun.com +trace

We see that the server does indeed conduct a recursive attempt to
resolve the authoritative servers for www.sun.com, (namely ns1.sun.com)
but the subsequent query to ns1.sun.com for www.sun.com times out!

A snoop of the output during the DIG trace indicates that a DNS query
packet leaves the server for the firewall (this is confirmed by firewall
logs) but I receive NO reply from ns1.sun.com.

Keep in mind that the server successfully recurses other domains e.g.
www.microsoft.com

!!!

I would really appreciate some help here.

Why am I not receiving a reply from ns1.sun.com but the server can
successfully and recursively resolve www.microsoft.com (and many other
domains)??

Warmest Regards
Steven Sim

Fujitsu Asia Pte. Ltd.
_____________________________________________________

This e-mail is confidential and may also be privileged. If you are not the intended recipient, please notify us immediately. You should not copy or use it for any purpose, nor disclose its contents to any other person.

Opinions, conclusions and other information in this message that do not relate to the official business of my firm shall be understood as neither given nor endorsed by it.
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: Gene Beaird: "limiting password reuse in Solaris"
• Previous message: Stephanie C: "[SUMMARY] Re: Solaris 8 - SSH"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:41:23 EDT