[MaraDNS list] Fwd: MaraDNS doesn't respond to queries from the bind addr subnet
Remco Rijnders
remco at webconquest.com
Wed Jun 5 13:47:35 EDT 2013
On Wed, Jun 05, 2013 at 09:50:32AM -0700, Dave wrote in
<CA+OQrzjE=fsUNbhQDesgXqSF_rvs+Qis4N02=iuAvYwtMj9zhA at mail.gmail.com>:
>Hi Sam and list members,
>
>I have a mararc.base like this:
>
>ipv4_bind_addresses = "192.168.50.250"
>synth_soa_origin = "ns1.teamunify.net"
>maradns_uid = 65500
>maradns_gid = 65500
>chroot_dir = "/etc/maradns"
>default_rrany_set = 15
>verbose_level = 2
>hide_disclaimer = "yes"
>tcp_convert_acl = "0.0.0.0/0"
>tcp_convert_server = "192.168.50.250"
>recursive_acl = "192.168.50.0/24, 10.10.0.0/16, 127.0.0.1"
>csv2 = {}
>
>I have added a record to the teamunify.com.zone file like this:
>
>topica.% 192.168.50.141 ~
>
>I am able to get the A record returned when I query the server from the
>local subnet. I am not able to get the A record returned when I query the
>server remotely.
>
>Logging at verbose_level = 3 shows that MaraDNS does receive the query:
>Query from: $PUBLIC_IP Atopica.teamunify.com.
>...but there are no errors in the log related to the query.
>
>We have other private IP A records in that zone file, and all can return A
>records when queried remotely. None of the working addresses are in the
>192.168.50.0/24 subnet, however.
Hi Dave,
While I don't know the answer to your query right now... am I correct in
understanding that remotely querying for an address with an A record in
the 10.10 range for example works?
What version of maradns are you using?
Then, I notice the use of both teamunify.net and teamunify.com domains
in your example. Is that not causing any issues / explain the difference
between the internal and external set up?
[remmy at silvertown ~ (master)]$ askmara Atopica.teamunify.com.
208.100.130.99
# Querying the server with the IP 208.100.130.99
# Hard Error: Timeout
[remmy at silvertown ~ (master)]$ askmara Atopica.teamunify.net.
208.100.130.99
# Querying the server with the IP 208.100.130.99
# Remote server said: NAME ERROR
# Question: Atopica.teamunify.net.
# NS replies:
#teamunify.net. +86400 soa ns1.teamunify.net. hostmaster at teamunify.net.
176478890 7200 3600 604800 3600
# AR replies:
The timeout in the first commands makes me ask: Any firewalling in place?
Remmy
More information about the list
mailing list