Solved: was: DNS queries being denied
Madison Kelly
linux-5ZoueyuiTZhBDgjK7y7TUQ at public.gmane.org
Tue Oct 6 03:29:57 UTC 2009
Madison Kelly wrote:
> Ok, new thread, (hopefully) less stupid.
>
> My DNS server decided to stop answering queries this evening. When I try
> a query, ie:
>
> ------------------------------------------------------
> digimer at lework:~$ dig google.ca @192.139.81.117
>
> ; <<>> DiG 9.5.1-P2 <<>> google.ca @192.139.81.117
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 55559
> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> ;; WARNING: recursion requested but not available
>
> ;; QUESTION SECTION:
> ;google.ca. IN A
>
> ;; Query time: 44 msec
> ;; SERVER: 192.139.81.117#53(192.139.81.117)
> ;; WHEN: Mon Oct 5 22:49:52 2009
> ;; MSG SIZE rcvd: 27
> ------------------------------------------------------
>
> I see in /var/log/syslog:
>
> ------------------------------------------------------
> named[9307]: client 206.108.5.162#49710: query (cache) 'google.ca/A/IN'
> denied
> ------------------------------------------------------
>
> Have I done something silly?
>
> Madi
Apparently, it suddenly needed to have:
allow-query { any; };
Added to the options file. I know that it should be restricted to a
certain set of hosts, but I've long offered it to clients and friends,
so I can't restrict it.
Madi
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list