Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.

Dismiss

query (cache) 'xxxxxxxxxxxx/A/IN' denied

952 views

Skip to first unread message

Riccardo Castellani

unread,

Feb 9, 2010, 1:06:24 PM2/9/10

to bind-...@lists.isc.org

I'm using Debian Sarge with Bind 9.5.1 for my DNS server and I'd like
understanding because my Fedora Core 3 client (machine A) is not able to
solve domains when it queries to this DNS server.
I can see this error on named.log of DNS server:

security: client A.B.C.D#yyyy : query (cache) 'xxxxxxxxxxxx/A/IN' denied

"allow-query" option contains machine A
"allow-recursion" option doesn't contain machine A

I'd like machine A could resolve only domains which DNS server has in cache
! It has not to do resursive queries !
If record is in cache, server gives answer otherwise it gives nxdomain !

Todd Snyder

unread,

Feb 9, 2010, 1:18:54 PM2/9/10

to Riccardo Castellani, bind-...@lists.isc.org

checkout "allow-query-cache"

_______________________________________________
bind-users mailing list
bind-...@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

---------------------------------------------------------------------
This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful.

Riccardo Castellani

unread,

Feb 9, 2010, 2:02:49 PM2/9/10

to Todd Snyder, bind-...@lists.isc.org

I migrated from Bind 9.2 to 9.5.1 version but there was not his problem!
This option was not present in mi prevoius configuration and it works fine.
What do you think ?

Lightner, Jeff

unread,

Feb 9, 2010, 2:14:56 PM2/9/10

to Riccardo Castellani, Todd Snyder, bind-...@lists.isc.org

It changed between 9.3 and 9.4.

See this link:
http://support.menandmice.com/jforum/posts/list/25.page

checkout "allow-query-cache"

Proud partner. Susan G. Komen for the Cure.

Please consider our environment before printing this e-mail or attachments.
----------------------------------
CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.
----------------------------------

0 new messages