
Issue with Bind9 forwarding

Question

Posted

Hi All,

I have an odd problem with Bind - which is driving me a little insane, and I cannot for the life of me find the cause.

I have bind set up on a box in my network to handle internal DNS. This is set up as a forwarder to a couple of other servers. All works fine. Randomly however, Bind will stop logging and stop forwarding requests. Requests that bind has zones for work fine, however it will refuse to forward any request to any of the 3 servers it's set to forward to. There's also nothing in the log - once this starts happening, bind stops writing to the log.

I've tried changing the forwarders, and reinstalling bind - but it still does the same thing. Sometimes it lasts a day, sometimes it lasts a month, and restarting bind always fixes it. Any ideas what might be causing it?

(PS I should add that this DNS server is behind my firewall, so it's not publicly accessible).


6 answers to this question


Posted

Are you using a Samba Domain Controller?


Posted

Nope there's no domain controller (it's just my local network - no need for anything like that).

It's just a Debian box which has the usual LAMP stuff, mysql, netatalk and samba, etc (just the normal network stuff).


Posted

What version of bind 9.x, running on what version of Debian, and what is the config? Is this a physical box or a virtual box where you run bind?


Posted

Is the box set up with DHCP and has its IP changed on a new lease?


Posted

It's a physical box. It has a static IP, and is set to use itself (plus a backup) for its own DNS lookups.

It's running Debian 7.4, and bind 9.8.4:

BIND 9.8.4-rpz2+rl005.12-P1 built with '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--localstatedir=/var' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-geoip=/usr' '--enable-ipv6' 'CFLAGS=-fno-strict-aliasing -DDIG_SIGCHASE -O2'
using OpenSSL version: OpenSSL 1.0.1e 11 Feb 2013
using libxml2 version: 2.8.0

It's just set up as a standard DNS server with a zone for the domain I use here, forwarding enabled with 3 servers to forward to, and lookups limited to my IP range here. Again, it's not externally accessible (it's behind a hardware firewall).


Posted

May want to pastebin the config for bind as well. I assume the box it's on can connect out via port 53 for both udp/tcp?
