• No response from localhost with "allow-query { any; };"

    From Axel Rau@Axel.Rau@chaos1.de to bind-users on Tue Sep 1 16:11:28 2020
    From Newsgroup: comp.protocols.dns.bind




    Hi!

    this is a new server, which answers external queries, sends notifies and pushes axfrs.
    It does not answer any query from localhost nor shows any notifies from master in the logs.

    From local:
    root@ns5:/ # nc -v localhost 53
    Connection to localhost 53 port [tcp/domain] succeeded!
    ^C
    root@ns5:/ # nc -vu localhost 53
    Connection to localhost 53 port [udp/domain] succeeded!

    From master server:
    [hermes:local/etc/namedb] root# nc -v ns5.lrau.net 53
    Connection to ns5.lrau.net 53 port [tcp/domain] succeeded!
    ^C
    [hermes:local/etc/namedb] root# nc -vu ns5.lrau.net 53
    Connection to ns5.lrau.net 53 port [udp/domain] succeeded!


    Any help greatly appreciated,
    Axel

    PS:

    part of named.conf:
    allow-notify {
    hermes-ns5;
    };
    allow-transfer {
    full-trusted;
    ns5-ping;
    ns4-he;
    management-hosts;
    };
    allow-query { any; };
    allow-query-cache { recursive-users; };
    allow-recursion { recursive-users; };


    root@ns5:/usr/local/etc/namedb/working/slave # named -V
    BIND 9.16.5 (Stable Release) <id:c00b458>
    running on FreeBSD amd64 12.1-RELEASE-p8 FreeBSD 12.1-RELEASE-p8 GENERIC
    built by make with '--disable-linux-caps' '--localstatedir=/var' '--sysconfdir=/usr/local/etc/namedb' '--with-dlopen=yes' '--with-libxml2' '--with-openssl=/usr' '--with-readline=-L/usr/local/lib -ledit' '--with-dlz-filesystem=yes' '--disable-dnstap' '--disable-fixed-rrset' '--disable-geoip' '--without-maxminddb' '--without-gssapi' '--with-libidn2=/usr/local' '--with-json-c' '--disable-largefile' '--with-lmdb=/usr/local' '--disable-native-pkcs11' '--without-python' '--disable-querytrace' 'STD_CDEFINES=-DDIG_SIGCHASE=1' '--enable-tcp-fastopen' '--with-tuning=default' '--disable-symtable' '--prefix=/usr/local' '--mandir=/usr/local/man' '--infodir=/usr/local/share/info/' '--build=amd64-portbld-freebsd12.1' 'build_alias=amd64-portbld-freebsd12.1' 'CC=cc' 'CFLAGS=-O2 -pipe -DLIBICONV_PLUG -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing ' 'LDFLAGS= -L/usr/local/lib -ljson-c -fstack-protector-strong ' 'LIBS=-L/usr/local/lib' 'CPPFLAGS=-DLIBICONV_PLUG -isystem /usr/local/include' 'CPP=cpp' 'PKG_CONFIG=pkgconf'
    compiled by CLANG 4.2.1 Compatible FreeBSD Clang 8.0.1 (tags/RELEASE_801/final 366581)
    compiled with OpenSSL version: OpenSSL 1.1.1d-freebsd 10 Sep 2019
    linked to OpenSSL version: OpenSSL 1.1.1d-freebsd 10 Sep 2019
    compiled with libxml2 version: 2.9.10
    linked to libxml2 version: 20910
    compiled with json-c version: 0.14
    linked to json-c version: 0.15
    compiled with zlib version: 1.2.11
    linked to zlib version: 1.2.11
    threads support is enabled

    default paths:
    named configuration: /usr/local/etc/namedb/named.conf
    rndc configuration: /usr/local/etc/namedb/rndc.conf
    DNSSEC root key: /usr/local/etc/namedb/bind.keys
    nsupdate session key: /var/run/named/session.key
    named PID file: /var/run/named/pid
    named lock file: /var/run/named/named.lock

    ---
    PGP-Key: CDE74120 ☀ computing @ chaos claudius


    --- Synchronet 3.21d-Linux NewsLink 1.2
  • From Ondřej Surý@ondrej@isc.org to Axel Rau on Tue Sep 1 16:14:27 2020
    From Newsgroup: comp.protocols.dns.bind

    Hi Axel,
    the `nc` commands you used for testing prove neither that
    it's that specific `named` listening on that port nor that it's a DNS
    daemon at all. FWIW it could be a dummy UDP/TCP server
    and you would not know.
    First you need to use a tool from your operating system
    to check what is listening on those ports, and then use
    `dig` (or other DNS debugging tool) to send actual DNS
    queries.
    Ondrej
    --
    Ondřej Surý (He/Him)
    ondrej@isc.org

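
The point made in the reply above, that a successful `nc` connect says nothing about whether a DNS server is answering, can be checked by sending a real query and validating the reply. The following Python sketch is an added example, not part of the thread; the function names, the IPv4-only socket and the `example.com` zone name are assumptions of the example.

```python
import secrets
import socket
import struct

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qtype=6, qclass=1, txid=None):
    """Encode a non-recursive DNS query (default SOA/IN) as wire bytes."""
    txid = secrets.randbelow(65536) if txid is None else txid
    header = struct.pack("!HHHHHH", txid, 0x0000, 1, 0, 0, 0)  # QR=0, RD=0, 1 question
    labels = [l for l in name.rstrip(".").split(".") if l]
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return txid, header + qname + struct.pack("!HH", qtype, qclass)

def classify_reply(txid, data):
    """Decide whether the received bytes are a DNS response to our query."""
    if data is None:
        return "no-reply"          # socket "worked", but nothing answered
    if len(data) < 12:
        return "not-dns"           # too short for a DNS header
    rid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != txid or not flags & 0x8000:
        return "not-dns"           # wrong ID or QR bit clear (e.g. an echo server)
    rcode = RCODES.get(flags & 0xF, str(flags & 0xF))
    aa = "aa" if flags & 0x0400 else "non-aa"
    return f"dns:{rcode}:{aa}:answers={an}"

def probe(server, name, port=53, timeout=2.0):
    """Send one UDP query to an IPv4 address and classify what comes back."""
    txid, pkt = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(pkt, (server, port))
            data, _ = s.recvfrom(4096)
        except OSError:            # timeout or ICMP port unreachable
            data = None
    return classify_reply(txid, data)

if __name__ == "__main__":
    # example.com is a placeholder; use a zone the server should be authoritative for.
    print(probe("127.0.0.1", "example.com"))
```

A result of `no-reply` or `not-dns` on a port where `nc` reported success is the situation the reply warns about; `dns:REFUSED` would instead point at an ACL such as `allow-query`.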