I have a BIND server which, when you query it this way (from localhost, obviously):
host nomachinehasthisname 127.0.0.1
replies:
;; connection timed out; no servers could be reached
It throws the same error if I query it using its public address.
It throws the same error no matter from which client I do this query.
It does not throw the error if I use an FQDN as the query value.
It throws the error only if the query is on an A record not present in my DNS.
If I query a non-existent A record using an FQDN, the query replies NXDOMAIN as expected.
If I query it using dig +trace:
dig +trace nomachinehasthisname @127.0.0.1
it shows that my server tries to query the root servers and then times out (which is logical).
The odd thing is that I have 4 other BIND servers with pretty much identical configurations and none of them have this behavior. I can't figure out what it is that is missing on this server which is making it fail to reply the same way as the other servers.
I have these options in my named.conf:
options {
    directory "/var/spool/named";
    auth-nxdomain no;
    allow-recursion { internal_networks; }; // restrict recursion
};
and it's more or less the same for the other servers.
I would like my server to default to the search domain listed in /etc/resolv.conf for non-FQDN A record queries, which is what the other servers do.
The resolv.conf is similar between this server and the others. I even have some servers which have less info (no "search domain" info for example) and do not have this problem.
How do you get BIND to default to a particular domain for non-FQDN A record queries?
0 Answers
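
The search-domain behaviour the question asks about, as an added example that is not part of the original post: a small Python model of how a client's stub resolver expands a non-FQDN name from the search and ndots settings in resolv.conf before the query reaches named (named itself does not read the search list). The resolv.conf contents and the example.lan domain are constructed, and the hostname-derived default search list is left out as a simplification.

```python
# Added illustration, not from the original post. Models the search/ndots
# rules documented in resolv.conf(5). Sample file contents are constructed.

WITH_SEARCH = "nameserver 127.0.0.1\nsearch example.lan\n"   # constructed
WITHOUT_SEARCH = "nameserver 127.0.0.1\n"                    # constructed


def parse_resolv_conf(text):
    """Return (search_list, ndots) parsed from resolv.conf text."""
    search, ndots = [], 1                     # ndots defaults to 1
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":       # blank line or comment
            continue
        fields = line.split()
        if fields[0] == "search":
            search = fields[1:]
        elif fields[0] == "domain" and len(fields) > 1:
            search = [fields[1]]              # single-entry search list
        elif fields[0] == "options":
            for opt in fields[1:]:
                if opt.startswith("ndots:"):
                    ndots = int(opt.split(":", 1)[1])
    # Assumption: the hostname-derived default search list is not modelled.
    return search, ndots


def candidate_queries(name, search, ndots=1):
    """Names a stub resolver would send to the server, in order."""
    if name.endswith("."):
        return [name]                         # trailing dot: no expansion
    expanded = [f"{name}.{d.rstrip('.')}." for d in search]
    as_is = name + "."
    if name.count(".") >= ndots:
        return [as_is] + expanded             # "enough" dots: literal first
    return expanded + [as_is]                 # otherwise search list first


if __name__ == "__main__":
    for label, conf in (("with search", WITH_SEARCH),
                        ("without search", WITHOUT_SEARCH)):
        search, ndots = parse_resolv_conf(conf)
        print(label, candidate_queries("nomachinehasthisname", search, ndots))
```

With no search list, the only name sent is the bare single-label name with a trailing dot, which a recursive server has to resolve starting from the root servers.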