From owner-freebsd-questions  Tue Sep 16 19:37:01 1997
Return-Path: <owner-freebsd-questions>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id TAA06657
          for questions-outgoing; Tue, 16 Sep 1997 19:37:01 -0700 (PDT)
Received: from freebie.lemis.com (gregl1.lnk.telstra.net [139.130.136.133])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id TAA06647
          for <questions@FreeBSD.ORG>; Tue, 16 Sep 1997 19:36:55 -0700 (PDT)
Received: (from grog@localhost)
	by freebie.lemis.com (8.8.7/8.8.5) id MAA01756;
	Wed, 17 Sep 1997 12:06:43 +0930 (CST)
Message-ID: <19970917120642.56857@lemis.com>
Date: Wed, 17 Sep 1997 12:06:42 +0930
From: Greg Lehey <grog@lemis.com>
To: "Jamil J. Weatherbee" <jamil@counterintelligence.ml.org>
Cc: questions@FreeBSD.ORG
Subject: Re: NAMESERVER Setup Problems
References: <19970917093031.65249@lemis.com> <Pine.BSF.3.96.970916192200.570A-100000@counterintelligence.ml.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.81e
In-Reply-To: <Pine.BSF.3.96.970916192200.570A-100000@counterintelligence.ml.org>; from Jamil J. Weatherbee on Tue, Sep 16, 1997 at 07:27:39PM -0700
Organisation: LEMIS, PO Box 460, Echunga SA 5153, Australia
Phone: +61-8-8388-8250
Fax: +61-8-8388-8250
Mobile: +61-41-739-7062
WWW-Home-Page: http://www.lemis.com/~grog
Fight-Spam-Now: http://www.cauce.org
Sender: owner-freebsd-questions@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Tue, Sep 16, 1997 at 07:27:39PM -0700, Jamil J. Weatherbee wrote:
>
> I am setting up a secondary nameserver for my domain (acroal.com) the
> secondary name server is on a sco machine, but that is immaterial.
> The problem is that under freebsd (which runs the primary nameserver for
> my domain i get a "Query refused message when attempting to list the whole
> domain (get the zone file)"
>
> example:
>
>> nslookup - 209.76.130.130
> Default Server: shellx.acroal.com
> Address: 209.76.130.130
>
>> ls acroal.com
> [shellx.acroal.com]
> *** Can't list domain acroal.com: Query refused

Aha.  That makes more sense.

> that is the problem -- how do I allow a query at least for the secondary
> servers

Well, I can't be sure, but while prodding around, I saw at least two
configuration errors, one of which might be causing your problem.

1.  Your name server RR points to a CNAME.  This is a no-no (though
    don't ask me why), and it causes requests to be refused.  Give it
    an IP address instead.

    > 209.76.130.130
    Server:  shellx.acroal.com
    Address:  209.76.130.130

2.  You don't have any reverse mapping installed:

    > 209.76.130.130
    Server:  shellx.acroal.com
    Address:  209.76.130.130

    *** shellx.acroal.com can't find 209.76.130.130: Non-existent host/domain

Fix those first, and see if that fixes your problem.  Please let me
know either way.

Greg