Joe,

Thanks for your reply...

>>It looks like the problem is that the lookups are going out UDP. (from a
>>netstat -a) but the responses are not coming back. At least not with the
>>address that is being looked up. The address of the authoritative nameserver
>>is what gets returned. (from tethereal).
>
>Yes, that sounds correct - your system should then look it up using the
>authoritative address.

It is not looking it up at this point. It times out and fails. I have gone as far as to change the resolv.conf nameserver entries to include the IP multiple times and it still times out.

>>If I issue a host www.google.com it times out. If I issue a host -T
>>www.google.com it works fine and returns the addresses.
>
>If you did an upgrade, you will need to look in /etc for all config
>files named *.rpmsave or *.rpmnew, and reconcile them by hand, since
>there could be something out of whack there.

I have already gone and resolved all the rpmsaves and rpmnews and the problem is still driving me up a wall.

>>I am using ipchains and have a router between the machine and the cable
>>modem. I have set both TCP and UDP ports 53 open in both locations.
>
>FWIW, ipchains emulation is a really bad choice, one of the reasons is
>that it is very inefficient.
>
>Why not use iptables?

I will give it a shot. But I want to get this issue fixed before I introduce more variables into the picture.

Can you think of any other configuration info that might cause this kind of problem? I have covered everything that I can think of. Short of going in and rebuilding Bind, which has the resolver libraries.

Thanks,
Carlos

--
Shrike-list mailing list
Shrike-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/shrike-list