Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Query Forwarding in bind9 is not working

    Scheduled Pinned Locked Moved DHCP and DNS
    5 Posts 4 Posters 882 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      bananosky
      last edited by

      Re: Do the bind9 webconfigurator screens generate zones files?

      I came across this issue after I lost my both pfsense primary and secondary and restored them from backup. I have bind9 with master/slave configuration. After restoring both servers I realized my Master bind was not resolving external names (www.google.com etc), but the Slave was working fine. There was not a problem resolving local names (myname.local) on either server. I googled around and I found few people having the same issue, but not a real solution. After digging for a couple of days I found the problem. named.root file was empty in my Master server. I copied that file from my Slave and it fixed the problem. The location of the file is here:
      /cf/named/etc/namedb/named.root

      I have not idea how it happened, but it got to be something to do with the restore that I did

      1 Reply Last reply Reply Quote 2
      • M
        miken32
        last edited by

        Nothing to do with restoring from backup, I had the same thing happen on a new install of the Bind package. Thanks for the tip. Here are the contents of the file if anyone needs them:

        ;       This file holds the information on root name servers needed to 
        ;       initialize cache of Internet domain name servers
        ;       (e.g. reference this file in the "cache  .  <file>"
        ;       configuration file of BIND domain name servers). 
        ; 
        ;       This file is made available by InterNIC 
        ;       under anonymous FTP as
        ;           file                /domain/named.cache 
        ;           on server           FTP.INTERNIC.NET
        ;       -OR-                    RS.INTERNIC.NET
        ; 
        ;       last update:     November 16, 2017 
        ;       related version of root zone:     2017111601
        ; 
        ; FORMERLY NS.INTERNIC.NET 
        ;
        .                        3600000      NS    A.ROOT-SERVERS.NET.
        A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
        A.ROOT-SERVERS.NET.      3600000      AAAA  2001:503:ba3e::2:30
        ; 
        ; FORMERLY NS1.ISI.EDU 
        ;
        .                        3600000      NS    B.ROOT-SERVERS.NET.
        B.ROOT-SERVERS.NET.      3600000      A     199.9.14.201
        B.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:200::b
        ; 
        ; FORMERLY C.PSI.NET 
        ;
        .                        3600000      NS    C.ROOT-SERVERS.NET.
        C.ROOT-SERVERS.NET.      3600000      A     192.33.4.12
        C.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2::c
        ; 
        ; FORMERLY TERP.UMD.EDU 
        ;
        .                        3600000      NS    D.ROOT-SERVERS.NET.
        D.ROOT-SERVERS.NET.      3600000      A     199.7.91.13
        D.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2d::d
        ; 
        ; FORMERLY NS.NASA.GOV
        ;
        .                        3600000      NS    E.ROOT-SERVERS.NET.
        E.ROOT-SERVERS.NET.      3600000      A     192.203.230.10
        E.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:a8::e
        ; 
        ; FORMERLY NS.ISC.ORG
        ;
        .                        3600000      NS    F.ROOT-SERVERS.NET.
        F.ROOT-SERVERS.NET.      3600000      A     192.5.5.241
        F.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:2f::f
        ; 
        ; FORMERLY NS.NIC.DDN.MIL
        ;
        .                        3600000      NS    G.ROOT-SERVERS.NET.
        G.ROOT-SERVERS.NET.      3600000      A     192.112.36.4
        G.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:12::d0d
        ; 
        ; FORMERLY AOS.ARL.ARMY.MIL
        ;
        .                        3600000      NS    H.ROOT-SERVERS.NET.
        H.ROOT-SERVERS.NET.      3600000      A     198.97.190.53
        H.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:1::53
        ; 
        ; FORMERLY NIC.NORDU.NET
        ;
        .                        3600000      NS    I.ROOT-SERVERS.NET.
        I.ROOT-SERVERS.NET.      3600000      A     192.36.148.17
        I.ROOT-SERVERS.NET.      3600000      AAAA  2001:7fe::53
        ; 
        ; OPERATED BY VERISIGN, INC.
        ;
        .                        3600000      NS    J.ROOT-SERVERS.NET.
        J.ROOT-SERVERS.NET.      3600000      A     192.58.128.30
        J.ROOT-SERVERS.NET.      3600000      AAAA  2001:503:c27::2:30
        ; 
        ; OPERATED BY RIPE NCC
        ;
        .                        3600000      NS    K.ROOT-SERVERS.NET.
        K.ROOT-SERVERS.NET.      3600000      A     193.0.14.129
        K.ROOT-SERVERS.NET.      3600000      AAAA  2001:7fd::1
        ; 
        ; OPERATED BY ICANN
        ;
        .                        3600000      NS    L.ROOT-SERVERS.NET.
        L.ROOT-SERVERS.NET.      3600000      A     199.7.83.42
        L.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:9f::42
        ; 
        ; OPERATED BY WIDE
        ;
        .                        3600000      NS    M.ROOT-SERVERS.NET.
        M.ROOT-SERVERS.NET.      3600000      A     202.12.27.33
        M.ROOT-SERVERS.NET.      3600000      AAAA  2001:dc3::35
        ; End of file
        
        1 Reply Last reply Reply Quote 1
        • J
          Jim Coogan
          last edited by

          @bananosky said in Query Forwarding in bind9 is not working:

          /cf/named/etc/namedb/named.root

          Very helpful. I had to populate /cf/named/etc/namedb/named.root on fresh bind install with this as well.

          1 Reply Last reply Reply Quote 0
          • R
            Risfold
            last edited by

            Wow. Thank you to all here! In a fresh install of the bind package, I had the same issue. I populated named.root using the "Edit File" diagnostic tool and this was resolved.

            I would only add that the file contents commented above by @miken32 is outdated (it may still work, and I haven't dug into if there are any differences). The location of the current version of the file is here: https://www.internic.net/domain/named.root I used the current version and it worked.

            1 Reply Last reply Reply Quote 1
            • R
              Risfold
              last edited by

              Noted this issue in redmine bug tracker as well: https://redmine.pfsense.org/issues/10506

              1 Reply Last reply Reply Quote 1
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.