BIND: Lookup of CNAME records

789456123 at gmx.de
Thu Mar 18 17:54:38 PST 2004


I have set up a FreeBSD (5.2.1-RELEASE) box acting as a gateway and
running version 8.3.7-REL of BIND. For testing purposes my
configuration file looks as follows:

options {
  directory "/etc/namedb";
  pid-file "/var/run/named/pid";

  forward only;

  forwarders {
    195.62.99.42;
    195.62.97.177;
  };

  query-source address * port 53;
};

zone "." {
  type hint;
  file "named.root";
};

This setup (actually a replacement for just adding the two nameservers
to resolv.conf) works fine with lookup tools like "host", "nslookup",
or "dnsquery". However, when I try to telnet or ftp a server whose
name is a CNAME record, it takes about 77 seconds until the lookup is
complete. This appears quite odd to me, as "host" does the lookup
perfectly well and fast. Connections to A name records are no problem
however.

My first assumption was that "ftp" or "telnet" were not doing lookups
properly. But modifying resolv.conf in a way that it uses the two
nameservers directly (instead of the local nameserver) solved the
CNAME lookup problem.

What makes the whole story even more obscure: Lookups of clients on
the LAN (they use the FreeBSD box as their nameserver) do work with A
records as well as with CNAME records. Even when the lookup is
initiated by some ftp or telnet client.

My firewall is wide open, for everything in and everything out.
An upgrade to BIND-8.4.4 did not resolve my problem.

I suppose the answer is quite simple, but I don't really see it at the
moment, I'm afraid...

Any help is greatly appreciated,
Lutz




More information about the freebsd-net mailing list