Date: Fri, 19 Mar 2004 02:54:37 +0100 (MET) From: 789456123@gmx.de To: freebsd-net@freebsd.org Subject: BIND: Lookup of CNAME records Message-ID: <6686.1079661277@www27.gmx.net>
next in thread | raw e-mail | index | archive | help
I have set up a FreeBSD (5.2.1-RELEASE) box acting as a gateway and
running version 8.3.7-REL of BIND. For testing purposes my
configuration file looks as follows:
options {
directory "/etc/namedb";
pid-file "/var/run/named/pid";
forward only;
forwarders {
195.62.99.42;
195.62.97.177;
};
query-source address * port 53;
};
zone "." {
type hint;
file "named.root";
};
This setup (actually a replacement for just adding the two nameservers
to resolv.conf) works fine with lookup tools like "host", "nslookup",
or "dnsquery". However, when I try to telnet or ftp a server whose
name is a CNAME record, it takes about 77 seconds until the lookup is
complete. This appears quite odd to me, as "host" does the lookup
perfectly well and fast. Connections to A name records are no problem
however.
My first assumption was that "ftp" or "telnet" were not doing lookups
properly. But modifying resolv.conf in a way that it uses the two
nameservers directly (instead of the local nameserver) solved the
CNAME lookup problem.
What makes the whole story even more obscure: Lookups of clients on
the LAN (they use the FreeBSD box as their nameserver) do work with A
records as well as with CNAME records. Even when the lookup is
initiated by some ftp or telnet client.
My firewall is widely opened, for everything in and everything out.
An upgrade to BIND-8.4.4 did not resolve my problem.
I suppose the answer is quite simple, but I don't really see it at the
moment, I'm afraid...
Any help is greatly appreciated,
Lutz
--
+++ NEU bei GMX und erstmalig in Deutschland: TÜV-geprüfter Virenschutz +++
100% Virenerkennung nach Wildlist. Infos: http://www.gmx.net/virenschutz
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6686.1079661277>