I don't know if this is right place to ask this type of questions, but, I will try...
I have BIND 9.14 running on the gateway machine configured as DNS recursor.
it is weird and funny but I was unable resolve IP of kb.isc.org:
** and at the same time/same machine: **
weird enough, I found an old PC running bind 9.10 I put the same configuration and it does resolves this host correctly.
My questions:
- Am I doing something wrong ?
- how can I enable query trace on bind ?
here is the configuration:
named.conf
Thanks
I have BIND 9.14 running on the gateway machine configured as DNS recursor.
it is weird and funny but I was unable resolve IP of kb.isc.org:
Code:
$ host kb.isc.org 127.0.0.1
Using domain server:
Name: 127.0.0.1
Address: 127.0.0.1#53
Aliases:
Host kb.isc.org not found: 3(NXDOMAIN)
Code:
$ host kb.isc.org 1.1.1.1
Using domain server:
Name: 1.1.1.1
Address: 1.1.1.1#53
Aliases:
kb.isc.org is an alias for kb-isc.document360.io.
kb-isc.document360.io is an alias for document360-user-website.azurewebsites.net.
document360-user-website.azurewebsites.net is an alias for waws-prod-am2-079.vip.azurewebsites.windows.net.
waws-prod-am2-079.vip.azurewebsites.windows.net is an alias for waws-prod-am2-079.cloudapp.net.
waws-prod-am2-079.cloudapp.net has address 104.40.179.243
weird enough, I found an old PC running bind 9.10 I put the same configuration and it does resolves this host correctly.
My questions:
- Am I doing something wrong ?
- how can I enable query trace on bind ?
here is the configuration:
named.conf
Code:
logging {
channel querylog{
file "/var/log/bind.log" versions 3 size 5m;
severity debug 3;
print-category yes;
print-time yes;
print-severity yes;
};
category queries {
querylog;
};
};
options {
directory "/usr/local/etc/namedb/working";
pid-file "/var/run/named/pid";
dump-file "/var/dump/named_dump.db";
statistics-file "/var/stats/named.stats";
#filter-aaaa-on-v4 yes;
#dnssec-validation no;
# Query logging
querylog yes;
recursion yes;
allow-query { any; };
#allow-recursion { localhost; 10.51.0.0/24; 127.0.0.1; };
allow-recursion { any; };
allow-query-cache { any; };
listen-on { 127.0.0.1; 10.51.0.1; };
disable-empty-zone "255.255.255.255.IN-ADDR.ARPA";
disable-empty-zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
/*
forwarders {
1.1.1.1;
};
*/
};
Thanks