Groups | Search | Server Info | Login | Register

Groups > comp.protocols.dns.bind > #16082

No response from localhost with "allow-query { any; };"

Path csiph.com!aioe.org!news.etla.org!nntp-feed.chiark.greenend.org.uk!ewrotcd!usenet-its.stanford.edu!usenet.stanford.edu!not-for-mail
From Axel Rau <Axel.Rau@chaos1.de>
Newsgroups comp.protocols.dns.bind
Subject No response from localhost with "allow-query { any; };"
Date Tue, 1 Sep 2020 16:11:28 +0200
Lines 120
Approved bind-users@lists.isc.org
Message-ID <mailman.849.1598969462.942.bind-users@lists.isc.org> (permalink)
References <E375AF41-87FC-480C-A553-D3731E5F5E46@Chaos1.DE>
NNTP-Posting-Host lists.isc.org
Mime-Version 1.0
Content-Type multipart/signed; protocol="application/pgp-signature"; boundary="Apple-Mail=_55B6FF19-5E07-4D6E-91A3-8F45191DECDC"; micalg=pgp-sha256
X-Trace usenet.stanford.edu 1598969514 16266 149.20.1.60 (1 Sep 2020 14:11:54 GMT)
X-Complaints-To action@cs.stanford.edu
To bind-users@lists.isc.org
Return-Path <Axel.Rau@Chaos1.DE>
X-Original-To bind-users@lists.isc.org
Delivered-To bind-users@lists.isc.org
DKIM-Signature v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=chaos1.de; s=email1; h=To:Date:Message-Id:Subject:Mime-Version:Content-Type:From:Sender: Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=4kg1oEND/YAkT5ad9k+O7aRm80YHDaFUzRaKE9Xy3KM=; b=Ojcgf1gArWzId0GMrZAwlTtfQy z/S8xBEAbV6wH6vk6kyI0BcNHHMfBnFXGnVuG/suD2HYbVOGFfo6OCRq0J+Ace9xEXBnPEAmAk2cj Jm3cOyAQEUF/zS9wWVMukN5URzVb7EhnKeoHegGQ6i49Oj7SFygX0puLIvUkz16T3nfAoGbMaFsQp /bzJVY/BQR80uGfFyb7byDLT5G34ZUBU8u6gapBBiM4Yfm5sN7lGF6oRFm9PQW4ARkzj3sW4aVu90 RuBvFu1j9u0jgN1ZArhghEqMwLnH3UTsC/shi5kfFlnl7tBzggEI7S2GJSE1fCyBihq13XHJdLM1m mQYkq5NA==;
X-Mailer Apple Mail (2.3445.104.15)
X-Spam-Status No, score=-2.2 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,GPG_SIGNED,SPF_HELO_NONE,SPF_NONE autolearn=disabled version=3.4.2
X-Spam-Checker-Version SpamAssassin 3.4.2 (2018-09-13) on mx.pao1.isc.org
X-BeenThere bind-users@lists.isc.org
X-Mailman-Version 2.1.29
Precedence list
List-Id BIND Users Mailing List <bind-users.lists.isc.org>
List-Unsubscribe <https://lists.isc.org/mailman/options/bind-users>, <mailto:bind-users-request@lists.isc.org?subject=unsubscribe>
List-Archive <https://lists.isc.org/pipermail/bind-users/>
List-Post <mailto:bind-users@lists.isc.org>
List-Help <mailto:bind-users-request@lists.isc.org?subject=help>
List-Subscribe <https://lists.isc.org/mailman/listinfo/bind-users>, <mailto:bind-users-request@lists.isc.org?subject=subscribe>
X-Mailman-Original-Message-ID <E375AF41-87FC-480C-A553-D3731E5F5E46@Chaos1.DE>
Xref csiph.com comp.protocols.dns.bind:16082

Show key headers only | View raw

[Multipart message — attachments visible in raw view] - view raw

Hi!

this is a new server, which answers external queries, sends notifies and pushes axfrs.
It does not answer any query from localhost nor shows any notifies from master in the logs.

From local:
root@ns5:/ # nc -v localhost 53
Connection to localhost 53 port [tcp/domain] succeeded!
^C
root@ns5:/ # nc -vu localhost 53
Connection to localhost 53 port [udp/domain] succeeded!

From master server:
[hermes:local/etc/namedb] root# nc -v ns5.lrau.net 53
Connection to ns5.lrau.net 53 port [tcp/domain] succeeded!
^C
[hermes:local/etc/namedb] root#	nc -vu ns5.lrau.net 53
Connection to ns5.lrau.net 53 port [udp/domain] succeeded!


Any help greatly appreciated,
Axel

PS:

part of named.conf:
	allow-notify {
		hermes-ns5;
	};
	allow-transfer {
		full-trusted;
		ns5-ping;
		ns4-he;
		management-hosts;
	};
	allow-query { any; };
	allow-query-cache { recursive-users; };
	allow-recursion { recursive-users; };


root@ns5:/usr/local/etc/namedb/working/slave # named -V
BIND 9.16.5 (Stable Release) <id:c00b458>
running on FreeBSD amd64 12.1-RELEASE-p8 FreeBSD 12.1-RELEASE-p8 GENERIC
built by make with '--disable-linux-caps' '--localstatedir=/var' '--sysconfdir=/usr/local/etc/namedb' '--with-dlopen=yes' '--with-libxml2' '--with-openssl=/usr' '--with-readline=-L/usr/local/lib -ledit' '--with-dlz-filesystem=yes' '--disable-dnstap' '--disable-fixed-rrset' '--disable-geoip' '--without-maxminddb' '--without-gssapi' '--with-libidn2=/usr/local' '--with-json-c' '--disable-largefile' '--with-lmdb=/usr/local' '--disable-native-pkcs11' '--without-python' '--disable-querytrace' 'STD_CDEFINES=-DDIG_SIGCHASE=1' '--enable-tcp-fastopen' '--with-tuning=default' '--disable-symtable' '--prefix=/usr/local' '--mandir=/usr/local/man' '--infodir=/usr/local/share/info/' '--build=amd64-portbld-freebsd12.1' 'build_alias=amd64-portbld-freebsd12.1' 'CC=cc' 'CFLAGS=-O2 -pipe -DLIBICONV_PLUG -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing ' 'LDFLAGS= -L/usr/local/lib -ljson-c -fstack-protector-strong ' 'LIBS=-L/usr/local/lib' 'CPPFLAGS=-DLIBICONV_PLUG -isystem /usr/local/include' 'CPP=cpp' 'PKG_CONFIG=pkgconf'
compiled by CLANG 4.2.1 Compatible FreeBSD Clang 8.0.1 (tags/RELEASE_801/final 366581)
compiled with OpenSSL version: OpenSSL 1.1.1d-freebsd  10 Sep 2019
linked to OpenSSL version: OpenSSL 1.1.1d-freebsd  10 Sep 2019
compiled with libxml2 version: 2.9.10
linked to libxml2 version: 20910
compiled with json-c version: 0.14
linked to json-c version: 0.15
compiled with zlib version: 1.2.11
linked to zlib version: 1.2.11
threads support is enabled

default paths:
 named configuration:  /usr/local/etc/namedb/named.conf
 rndc configuration:   /usr/local/etc/namedb/rndc.conf
 DNSSEC root key:      /usr/local/etc/namedb/bind.keys
 nsupdate session key: /var/run/named/session.key
 named PID file:       /var/run/named/pid
 named lock file:      /var/run/named/named.lock

---
PGP-Key: CDE74120  ☀  computing @ chaos claudius

Back to comp.protocols.dns.bind | Previous | Next | Find similar

Thread

No response from localhost with "allow-query { any; };" Axel Rau <Axel.Rau@chaos1.de> - 2020-09-01 16:11 +0200

csiph-web