Hai guys,

Another problem i face today..



Internal DNS (master) = FreeBSD 7.2 (10.20.20.4)
Internal DNS (slave) = freeBSD 7.2 (10.20.20.5)
Application Server = Windows 2003 (10.20.20.22)
Proxy = FreeBSD 7.2 (172.16.100.8)

i set in rc.conf (on my internal server and my proxy)

nameserver 10.20.20.4
nameserver 10.20.20.5


why i ping from my application server ping to google and internal server is great.
but from my proxyserver i can ping google and internal server, when i using my slave DNS not my master. If i remove my slave in rc.conf i can't ping google but i can ping internal server.

what wrong with my Internal DNS server???



2 days i think about this...

DEM!

Any reply and feedback i really appreciated
thanks

This post has been edited by carnivora: Oct 21 2009, 08:45 PM

freebsd ?

look like permission issue, use ur any internal client and set nameserver to primary dns see whether it work ? not working mean ur either configure wrong or not allow query.

i already put this code in my named.conf

directory "/etc/namedb";
pid-file "/var/run/named/pid";
dump-file "/var/dump/named_dump.db";
statistics-file "/var/stats/named.stats";

listen-on { 127.0.0.1; 10.20.20.4; 172.16.100.0; };

but only internal server using ip 10.20.20.x can ping google.com this server is point to 10.20.20.4 (DNS master) but when DMZ server using 172.x.x.x i can't ping google.com when i setting my dns to 10.20.20.4 (on DMZ server) but when change to 10.20.20.5 (slave) i can ping.

DMZ can read on my slave DNS not my master.

weird....

Thanks for the reply bro...

This post has been edited by carnivora: Oct 22 2009, 10:50 AM

hmmm....it doesn't look like firewall policies issue since both dns in same segment, try turn-off dns security and diagnose ....

add "allow-recursion { x.x.x.x; };" and try again.

add "allow-recursion { x.x.x.x; };" and try again.

you mean add this code at named.conf?

---

Added on October 22, 2009, 12:27 pmThanks bro it works!

i add at named.conf

example to our friend

allow-recursion { 10.20.20.0/24; 172.16.100.0/24; };

Thanks for your help bro...


This post has been edited by carnivora: Oct 22 2009, 12:27 PM

you are welcome

but now i got 1 problem

when i ping got two domain

example
PING www.house.net.my.net.my (127.0.0.1): 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.021 ms
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.019 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.028 ms


This post has been edited by carnivora: Oct 22 2009, 03:50 PM

put one more "." end of www.house.net.my in ur zone file

ok thanks bro...
i try it first