From owner-freebsd-isp Thu Oct 21 9:59:20 1999 Delivered-To: freebsd-isp@freebsd.org Received: from pau-amma.whistle.com (pau-amma.whistle.com [207.76.205.64]) by hub.freebsd.org (Postfix) with ESMTP id BEEE314F6F for ; Thu, 21 Oct 1999 09:59:18 -0700 (PDT) (envelope-from dhw@whistle.com) Received: (from dhw@localhost) by pau-amma.whistle.com (8.9.2/8.9.2) id JAA96616; Thu, 21 Oct 1999 09:59:18 -0700 (PDT) Date: Thu, 21 Oct 1999 09:59:18 -0700 (PDT) From: David Wolfskill Message-Id: <199910211659.JAA96616@pau-amma.whistle.com> To: freebsd-isp@FreeBSD.ORG, webmaster@deancare.com Subject: Re: DNS can't resolve a single domain In-Reply-To: <3.0.6.32.19991021115032.009617d0@mailbag.com> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Date: Thu, 21 Oct 1999 11:50:32 -0500 >From: Jack Wenger >I can't resolve diginsite.com, or apple.com either. Also, my firewall is >Checkpoint Firewall 1 v4 running on (yeecchhh) NT (damn politics). My >(internal) DNS server is on an RS6000 running named and AIX. So it would seem to be reasonably well-established that a link to FreeBSD is unlikely, right? :-} >I'm using our providers name server for outside DNS querys. OK.... Do you have the firewall set up to pass internally-generated queries directly outside, or are you merely having them forwarded to your externally-visible nameserver? >As far as logging, ndc doesn't exist on AIX. Anyone no of the equivalent? Equivalent would be sending signals to named. In particular, the equivalent of "ndc dumpdb" is doing a "kill -INT" to the named process. >I am monitoring my >firewall logs though and I don't see _any_ request traffic for these domains. Might try firing up tcpdump (or your favorite equivalent) and seeing if the requests are actually being made in a sensible fashion. Looks from here as if your firewall configuration may not be set up to accomplish what you're trying to do. Cheers, david -- David Wolfskill dhw@whistle.com UNIX System Administrator voice: (650) 577-7158 pager: (888) 347-0197 FAX: (650) 372-5915 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message