From owner-freebsd-questions@FreeBSD.ORG Thu Jun 4 16:53:45 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3EAF5106566B for ; Thu, 4 Jun 2009 16:53:45 +0000 (UTC) (envelope-from kirk@strauser.com) Received: from kanga.honeypot.net (kanga.honeypot.net [IPv6:2001:470:a80a:1:21f:d0ff:fe22:b8a8]) by mx1.freebsd.org (Postfix) with ESMTP id 01C7A8FC1A for ; Thu, 4 Jun 2009 16:53:44 +0000 (UTC) (envelope-from kirk@strauser.com) Received: from localhost (localhost [127.0.0.1]) by kanga.honeypot.net (Postfix) with ESMTP id 38ACA21CDC for ; Thu, 4 Jun 2009 11:53:44 -0500 (CDT) X-Virus-Scanned: amavisd-new at honeypot.net Received: from kanga.honeypot.net ([127.0.0.1]) by localhost (kanga.honeypot.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TUdMAvTCgD76 for ; Thu, 4 Jun 2009 11:53:41 -0500 (CDT) Received: from athena.localnet (athena.daycos.com [IPv6:2001:470:c054:1:221:9bff:fe00:de3f]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by kanga.honeypot.net (Postfix) with ESMTPSA id 927B721CD4 for ; Thu, 4 Jun 2009 11:53:41 -0500 (CDT) From: Kirk Strauser To: freebsd-questions@freebsd.org Date: Thu, 4 Jun 2009 11:53:38 -0500 User-Agent: KMail/1.11.4 (Linux/2.6.28-11-generic; KDE/4.2.4; x86_64; ; ) MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200906041153.38898.kirk@strauser.com> Subject: Named ignoring forward-only zones? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Jun 2009 16:53:45 -0000 For some reason, BIND 9 (FreeBSD 7.2-RELEASE) isn't properly forwarding queries. A snippet of named.conf: acl clients { localnets; localhost; ::1; 10.45.12/19; }; view "internal" { match-clients { clients; }; zone "5.0.10.in-addr.arpa" { type forward; forward only; forwarders { 10.0.5.16; }; }; }; Now, I can query the forwarder directly to get the right answer: $ dig +noall +answer -t ptr -x 10.0.5.16 @10.0.5.16 16.5.0.10.in-addr.arpa. 86400 IN PTR kanga.honeypot.net. But I can't get the same from named: $ dig -t ptr -x 10.0.5.16 ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56485 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;16.5.0.10.in-addr.arpa. IN PTR ;; AUTHORITY SECTION: 10.in-addr.arpa. 10800 IN SOA 10.in-addr.arpa. nobody.localhost. 42 86400 43200 604800 10800 So, why isn't named directing that query to the configured forwarder? I'm 99.9% certain this has been working recently. -- Kirk Strauser