Nameserver not resolving working domain



  • 1. "named" startup on Fedora Core 6 (/etc/init.d/named)
    [ rant: I'm not always a fan of complex startup scripting, and this is probably one good example... ]

    It appears /etc/init.d/named on Fedora Core 6 (and subsequently /etc/sysconfig/named) doesn't start up BIND in a way you might expect, even if you explicitly set OPTIONS in the sysconfig/named file -- it prevents named from writing its slave files (yes, permissions/ownership are correct):

        OPTIONS="-u named -c /etc/named.conf"

    errors:

        Jan 18 08:35:18 ns named: _default/de-archive.domain.tld/IN: file not found (huh??)
        Jan 18 08:37:29 ns named: zone subdom.domain.tld/IN: loading master file slaves/subdom.domain.tld: file not found

    .. which can be fixed if I just "touch" the file (with the correct ownership). Alas, if I just start it up by hand:

        /usr/sbin/named -u named -c /etc/named.conf

    no problems... zones transferred. I wonder if someone knows what the issue is... Thanks.
  • 2. Cleaning up DNS zone files...
    I've inherited a slew of DNS zonefiles which need to be cleaned up - mostly formatting. I can use tools like dnslint to identify errors; however, I wonder if someone has a slick hack (script, regex) that can be utilized to run through and reformat the zonefiles (forward and reverse) to get them in order and tidy. Thanks.
  • 3. Asymmetric keys with rndc-confgen?
    Every time I've seen rndc-confgen generate an hmac-md5 key, the text of the key has been the same everywhere. Yesterday, using 9.3.3 (I believe), I got the following result (at the end of this). Is there some syntax that will cause a public/private key by default with rndc-confgen? Note: this is not the key I am using, the one I am using IS the same in both rndc.conf and the bind include file. (PS: Maybe asymmetric is not the right word?)

    -Dan

        # Start of rndc.conf
        key "rndc-key" {
                algorithm hmac-md5;
                secret "NlUtbtQyzxVpfQ51W1jEu+UsBN0A3vXs4K2d5Ob0Tzs=";
        };

        options {
                default-key "rndc-key";
                default-server;
                default-port 953;
        };
        # End of rndc.conf

        # Use with the following in named.conf, adjusting the allow list as needed:
        # key "rndc-key" {
        #       algorithm hmac-md5;
        #       secret "K5YfO1+dX5ku5sXjzSrJyw==";
        # };
        #
        # controls {
        #       inet port 953
        #               allow {; } keys { "rndc-key"; };
        # };
        # End of named.conf
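
rndc authenticates to named with an HMAC shared secret, so the `secret` in rndc.conf and in the matching named.conf key clause must be identical. As an added example (not part of the original post and not BIND's own code), this Python check parses the two halves of the rndc-confgen output quoted above and reports key names whose algorithm or secret differ; the function names are hypothetical.

```python
import re

# Sample input: excerpt of the rndc-confgen output quoted in the post above
# (indentation reconstructed). The commented named.conf half carries a
# different secret than the rndc.conf half.
RNDC_CONFGEN_OUTPUT = '''\
# Start of rndc.conf
key "rndc-key" {
        algorithm hmac-md5;
        secret "NlUtbtQyzxVpfQ51W1jEu+UsBN0A3vXs4K2d5Ob0Tzs=";
};
# End of rndc.conf
# Use with the following in named.conf, adjusting the allow list as needed:
# key "rndc-key" {
#       algorithm hmac-md5;
#       secret "K5YfO1+dX5ku5sXjzSrJyw==";
# };
# End of named.conf
'''

# Matches a BIND key clause: key "name" { algorithm X; secret "Y"; };
KEY_BLOCK = re.compile(
    r'key\s+"?([^\s"{]+)"?\s*\{\s*'
    r'algorithm\s+"?([\w-]+)"?\s*;\s*'
    r'secret\s+"([^"]+)"\s*;\s*\}\s*;', re.S)

def split_confgen(text):
    """Split rndc-confgen output into (rndc.conf part, named.conf part)."""
    head, _, tail = text.partition("# End of rndc.conf")
    # The named.conf half is emitted commented out; strip the leading "# ".
    named = "\n".join(re.sub(r"^#\s?", "", ln) for ln in tail.splitlines())
    return head, named

def key_blocks(conf_text):
    """Return {key name: (algorithm, secret)} for every key clause found."""
    return {n: (a, s) for n, a, s in KEY_BLOCK.findall(conf_text)}

def mismatched_keys(client_conf, server_conf):
    """Names of keys defined on both sides whose algorithm or secret differ."""
    client, server = key_blocks(client_conf), key_blocks(server_conf)
    return sorted(n for n in client.keys() & server.keys()
                  if client[n] != server[n])

if __name__ == "__main__":
    rndc_part, named_part = split_confgen(RNDC_CONFGEN_OUTPUT)
    for name in mismatched_keys(rndc_part, named_part):
        print(f"key {name!r}: rndc.conf and named.conf disagree")
```

To check live files instead, pass the contents of rndc.conf and named.conf (or its key include file) to `mismatched_keys` directly.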

Nameserver not resolving working domain

Post by Gilles Massen » Thu, 16 Nov 2006 19:22:17 GMT


I have a weird issue with a bind9 resolver: it fails to resolve a domain name 
that appears to be absolutely correctly configured (and which works correctly 
from another bind9 server). I even expect it to work after restarting Bind, 
but I don't want to do it yet for the sake of finding what is wrong.

The host I cannot resolve is, returning no answer.
The domain is delegated to ns19 +  Both are reachable. From 
the nameserver:

ns:/usr/local/named-ns/var/log # dig @localhost

; <<>> DiG 9.3.2-P1 <<>> @localhost
; (2 servers found)
;; global options:  printcmd
;; connection timed out; no servers could be reached
ns:/usr/local/named-ns/var/log # dig

; <<>> DiG 9.3.2-P1 <<>>
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23910
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0

;         IN      A

;; ANSWER SECTION:
7200    IN      A

;; AUTHORITY SECTION:
7200    IN      NS
7200    IN      NS

;; Query time: 111 msec
;; WHEN: Wed Nov 15 11:18:38 2006
;; MSG SIZE  rcvd: 102

Where could this go wrong? Our firewall isn't logging anything. Everyone is 
reachable, even through IPv6 (the only IPv6 addresses involved being those 
for a +

Any hint to what to try, before I have to restart bind, would be much 

Best regards,
Gilles Massen

Similar Threads:

1. Domain not resolve but resolve with other ISP domain

Dear All,

I'm new to Bind and today I face one problem: one domain does not resolve with our DNS server but resolves with another
ISP's DNS server.


Presently we are using latest bind 9.2.4 DNS server on Redhat Linux Ent 4.


# nslookup
;; connection timed out; no servers could be reached
> server
Default server:

Non-authoritative answer:

> exit

When I use Dig Command 

# dig

; <<>> DiG 9.2.4 <<>>
;; global options:  printcmd
;; connection timed out; no servers could be reached


Can anyone help us to solve this issue?

Mohammed Nayeem


2. Nameservers not resolving - GoDaddy not helping!

3. Internal domain resolving to external domain not owned by us

Due to a merge, we are now migrating our domain - domain.internal to
the second acquired domain -
Due to certain pressure we have no choice but to migrate in that

The internal is the same name as an external domain - which is not owned by us.

Some of the machines in both trusted domains are resolving the domain
and to this external address.

The previous administrator was very cavalier and shrugged his
shoulders and explained they always sorted it with host files.

Is there a way in DNS to totally block the resolution to this external
domain, as I really don't like the thought of host files.
And how do we remove this external record from our DNS?



4. Domain and email domain the same and not working


This is going to be a little tricky to explain, but I'm 
having a BIG problem and I'm hoping there is a really easy 

I have an outside service that hosts our email under our 
business name.  Let's call it, "".  When I 
set up our 2000 cluster environment, our domain name 
is "".  

Now, we are using DSL until our T-1 gets, I 
had all the clients in the beginning using the DSL modem as 
the gateway.  The problem I was having was the network 
load was heavy.  SO, I plugged in the DSL modem into a 
multihomed server, and of course changed the gateway to 
the internal address of the server.  They can use the 
internet with no problem....BUT they cannot receive any 

Going back to the beginning of this email, I explained that 
I have a company that hosts our email using, let's 
say "". My domain is also 
named ""

When we try to retrieve email, the message reads that it 
cannot locate the server.

I tried adding a MX record to the DNS...I just hope I did 
it right.  But it still cannot retrieve email from the 
outside server.

I will not rename my domain, due to it being a cluster 
environment and I went through hell getting it up in the 
first place.  There has to be an answer to this...I am 
sure there are a number of businesses that use an outside 
email hosting company utilizing the same name as their 
domain.....I am definitely missing something.

Please help!


5. Authoritative Nameserver stops resolving its own queries

I would appreciate anyone's help in troubleshooting my problem.  I have an
authoritative nameserver ( running bind 9.3.0 on
Fedora Core 2.  The bind install was from sources and performed according
to the Trinity OS instructions where a chrooted version runs for both
external and internal clients.  It works perfectly to both internal
network clients and external clients but has suddenly stopped resolving
its own queries including queries for which it is authoritative.  There
have been no configuration changes and no other changes except a

For example, dig from a client like:
returns status: NOERROR

dig on a terminal on the bind server returns
"connection timed out;  no servers could be reached."

There are no unusual errors in /var/log/messages (i.e. ignoring
"out-of-zone data")

6. Caching only nameserver fails to resolve external zones periodically

7. strange behaviour of resolving nameserver

8. DNS resolving problem (was Static route not working for DNS)
