[BlueOnyx:23249] Re: DNS issues on 5209R since 7.7 update
Chris Gebhardt - VIRTBIZ Internet
cobaltfacts at virtbiz.com
Wed Sep 18 06:55:58 -05 2019
On 9/18/2019 6:30 AM, Colin Jack wrote:
> Something has changed with bind since the update.
> I have it all working but Nagios cannot check - even though it has always been allowed ... it is now denied.
>
> I have checked allow cache access entries in the GUI and all good. Saved it all again.
> Still getting 208.67.249.xxx#49077 (www.google.com): query (cache) 'www.google.com/A/IN' denied
>
> Anybody any thoughts?
What is your Nagios instance checking? Is it trying to run an
authoritative or recursive lookup? I should tell you we typically do
not recommend allowing any recursive service on these boxes to the
outside world. You *should* be able to operate recursive on just
specified ranges by locking it down in the "Allow Cache access from
these Networks". It looks like you've done that.
What happens when you run a manual nslookup from remote against the
box? (make sure you add the remote system to your "Allow Cache access...")
--
Chris Gebhardt
VIRTBIZ Internet Services
Access, Web Hosting, Colocation, Dedicated
www.virtbiz.com | toll-free (866) 4 VIRTBIZ
More information about the Blueonyx
mailing list