Path: csiph.com!newsfeed.xs4all.nl!newsfeed9.news.xs4all.nl!news.uzoreto.com!news.etla.org!nntp-feed.chiark.greenend.org.uk!ewrotcd!usenet-its.stanford.edu!usenet.stanford.edu!not-for-mail
From: =?utf-8?B?T25kxZllaiBTdXLDvQ==?= <ondrej@isc.org>
Newsgroups: comp.protocols.dns.bind
Subject: Re: No response from localhost with "allow-query { any; };"
Date: Tue, 1 Sep 2020 16:14:27 +0200
Lines: 119
Approved: bind-users@lists.isc.org
Message-ID: <mailman.850.1598969621.942.bind-users@lists.isc.org>
References: <E375AF41-87FC-480C-A553-D3731E5F5E46@Chaos1.DE> <A387A919-5751-4706-8972-3A21B395717F@isc.org>
NNTP-Posting-Host: lists.isc.org
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.0.3\))
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Trace: usenet.stanford.edu 1598969673 16277 149.20.1.60 (1 Sep 2020 14:14:33 GMT)
X-Complaints-To: action@cs.stanford.edu
Cc: bind-users@lists.isc.org
To: Axel Rau <Axel.Rau@chaos1.de>
Return-Path: <ondrej@isc.org>
X-Original-To: bind-users@lists.isc.org
Delivered-To: bind-users@lists.isc.org
In-Reply-To: <E375AF41-87FC-480C-A553-D3731E5F5E46@Chaos1.DE>
X-Mailer: Apple Mail (2.3654.0.3)
X-BeenThere: bind-users@lists.isc.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: BIND Users Mailing List <bind-users.lists.isc.org>
List-Unsubscribe: <https://lists.isc.org/mailman/options/bind-users>, <mailto:bind-users-request@lists.isc.org?subject=unsubscribe>
List-Archive: <https://lists.isc.org/pipermail/bind-users/>
List-Post: <mailto:bind-users@lists.isc.org>
List-Help: <mailto:bind-users-request@lists.isc.org?subject=help>
List-Subscribe: <https://lists.isc.org/mailman/listinfo/bind-users>, <mailto:bind-users-request@lists.isc.org?subject=subscribe>
X-Mailman-Original-Message-ID: <A387A919-5751-4706-8972-3A21B395717F@isc.org>
X-Mailman-Original-References: <E375AF41-87FC-480C-A553-D3731E5F5E46@Chaos1.DE>
Xref: csiph.com comp.protocols.dns.bind:16083

Hi Axel,

the `nc` commands you used for testing neither proves that
it=E2=80=99s that specific `named` listening on that port nor DNS
daemon at all.  FWIW it could be a dummy UDP/TCP server
and you would not know.

First you need to use a tool from your operating system
to check what is listening on those ports, and then use
`dig` (or other DNS debugging tool) to send actual DNS
queries.

Ondrej
--
Ond=C5=99ej Sur=C3=BD (He/Him)
ondrej@isc.org

> On 1. 9. 2020, at 16:11, Axel Rau <Axel.Rau@chaos1.de> wrote:
>=20
> Hi!
>=20
> this is a new server, which answers external queries, sends notifies =
and pushes axfrs.
> It does not answer any query from localhost nor shows any notifies =
from master in the logs.
>=20
> =46rom local:
> root@ns5:/ # nc -v localhost 53
> Connection to localhost 53 port [tcp/domain] succeeded!
> ^C
> root@ns5:/ # nc -vu localhost 53
> Connection to localhost 53 port [udp/domain] succeeded!
>=20
> =46rom master server:
> [hermes:local/etc/namedb] root# nc -v ns5.lrau.net 53
> Connection to ns5.lrau.net 53 port [tcp/domain] succeeded!
> ^C
> [hermes:local/etc/namedb] root#	nc -vu ns5.lrau.net 53
> Connection to ns5.lrau.net 53 port [udp/domain] succeeded!
>=20
>=20
> Any help greatly appreciated,
> Axel
>=20
> PS:
>=20
> part of named.conf:
> 	allow-notify {
> 		hermes-ns5;
> 	};
> 	allow-transfer {
> 		full-trusted;
> 		ns5-ping;
> 		ns4-he;
> 		management-hosts;
> 	};
> 	allow-query { any; };
> 	allow-query-cache { recursive-users; };
> 	allow-recursion { recursive-users; };
>=20
>=20
> root@ns5:/usr/local/etc/namedb/working/slave # named -V
> BIND 9.16.5 (Stable Release) <id:c00b458>
> running on FreeBSD amd64 12.1-RELEASE-p8 FreeBSD 12.1-RELEASE-p8 =
GENERIC
> built by make with '--disable-linux-caps' '--localstatedir=3D/var' =
'--sysconfdir=3D/usr/local/etc/namedb' '--with-dlopen=3Dyes' =
'--with-libxml2' '--with-openssl=3D/usr' =
'--with-readline=3D-L/usr/local/lib -ledit' '--with-dlz-filesystem=3Dyes' =
'--disable-dnstap' '--disable-fixed-rrset' '--disable-geoip' =
'--without-maxminddb' '--without-gssapi' '--with-libidn2=3D/usr/local' =
'--with-json-c' '--disable-largefile' '--with-lmdb=3D/usr/local' =
'--disable-native-pkcs11' '--without-python' '--disable-querytrace' =
'STD_CDEFINES=3D-DDIG_SIGCHASE=3D1' '--enable-tcp-fastopen' =
'--with-tuning=3Ddefault' '--disable-symtable' '--prefix=3D/usr/local' =
'--mandir=3D/usr/local/man' '--infodir=3D/usr/local/share/info/' =
'--build=3Damd64-portbld-freebsd12.1' =
'build_alias=3Damd64-portbld-freebsd12.1' 'CC=3Dcc' 'CFLAGS=3D-O2 -pipe =
-DLIBICONV_PLUG -fstack-protector-strong -isystem /usr/local/include =
-fno-strict-aliasing ' 'LDFLAGS=3D -L/usr/local/lib -ljson-c =
-fstack-protector-strong ' 'LIBS=3D-L/usr/local/lib' =
'CPPFLAGS=3D-DLIBICONV_PLUG -isystem /usr/local/include' 'CPP=3Dcpp' =
'PKG_CONFIG=3Dpkgconf'
> compiled by CLANG 4.2.1 Compatible FreeBSD Clang 8.0.1 =
(tags/RELEASE_801/final 366581)
> compiled with OpenSSL version: OpenSSL 1.1.1d-freebsd  10 Sep 2019
> linked to OpenSSL version: OpenSSL 1.1.1d-freebsd  10 Sep 2019
> compiled with libxml2 version: 2.9.10
> linked to libxml2 version: 20910
> compiled with json-c version: 0.14
> linked to json-c version: 0.15
> compiled with zlib version: 1.2.11
> linked to zlib version: 1.2.11
> threads support is enabled
>=20
> default paths:
> named configuration:  /usr/local/etc/namedb/named.conf
> rndc configuration:   /usr/local/etc/namedb/rndc.conf
> DNSSEC root key:      /usr/local/etc/namedb/bind.keys
> nsupdate session key: /var/run/named/session.key
> named PID file:       /var/run/named/pid
> named lock file:      /var/run/named/named.lock
>=20
> ---
> PGP-Key: CDE74120  =E2=98=80  computing @ chaos claudius
>=20
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to =
unsubscribe from this list
>=20
> ISC funds the development of this software with paid support =
subscriptions. Contact us at https://www.isc.org/contact/ for more =
information.
>=20
>=20
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users