Message-ID: <59893.200.230.201.250.1140195150.squirrel@www.widemail.com.br>
Date: Fri, 17 Feb 2006 14:52:30 -0200 (BRST)
From: tpeixoto@widesoft.com.br
To: freebsd-net@freebsd.org
Subject: bind9 + host command issue in FreeBSD-5.4

Hello all!

I am not sure if this is the right place to discuss this issue, but I am
experiencing strange behaviour with bind9 + the host command for some domains
for which bind is _not_ authoritative, as in the following example:

# uname -a
FreeBSD server2.mydomain.com.br 5.4-RELEASE FreeBSD 5.4-RELEASE #0: Wed Feb  1 22:18:04 BRST 2006     root@server2.mydomain.com.br:/usr/src/sys/i386/compile/SERVER2  i386

# named -v
BIND 9.3.1

# host -t mx unibanco.com.br
unibanco.com.br mail is handled by 10 cauexcnt001smtp.unibanco.com.br.

Ok, fine so far.


# host cauexcnt001smtp.unibanco.com.br.
cauexcnt001smtp.unibanco.com.br has address 200.174.81.116
Host cauexcnt001smtp.unibanco.com.br not found: 2(SERVFAIL)

That's the problem! The host command replies with SERVFAIL. This also causes
sendmail to raise "host name lookup failure" and not deliver the messages.
The strange thing is that nslookup and dig work correctly:

# nslookup cauexcnt001smtp.unibanco.com.br.
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
Name:   cauexcnt001smtp.unibanco.com.br
Address: 200.174.81.116

# dig cauexcnt001smtp.unibanco.com.br.

; <<>> DiG 9.3.1 <<>> cauexcnt001smtp.unibanco.com.br.
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4512
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

;; QUESTION SECTION:
;cauexcnt001smtp.unibanco.com.br. IN    A

;; ANSWER SECTION:
cauexcnt001smtp.unibanco.com.br. 0 IN   A       200.155.107.243

;; AUTHORITY SECTION:
cauexcnt001smtp.unibanco.com.br. 1322 IN NS     ubblp01.unibanco.com.br.
cauexcnt001smtp.unibanco.com.br. 1322 IN NS     ubblp02.unibanco.com.br.

;; Query time: 250 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Feb 17 13:46:18 2006
;; MSG SIZE  rcvd: 109


I also have another server with the same FreeBSD and bind version and the
problem is the same. On the other hand, a server with FreeBSD-4.8 and bind
8.3.4-REL works ok:

# host cauexcnt001smtp.unibanco.com.br
cauexcnt001smtp.unibanco.com.br has address 200.174.81.243


I've tried several things and searched Google the entire morning, but with no
success.
It's not the firewall. "ipfw add 1 allow ip from any to any" didn't help.
Bind 9.3.2 from ports also didn't work.

Any help would be greatly appreciated.

Thank you in advance,
Tobias.