On Fri, Sep 12, 2008 at 03:55:42PM +0900, Ian Masters wrote:
> Hello,


Hi,

>
> I'm using BIND 9.3.4-P1 on Linux CentOS 5.2.
>
> I'm trying to set up a local caching DNS server but when I try to test
> my set-up using:
>
> dig google.com +trace
>
> I get the message:
>
> dig: couldn't get address for 'F.ROOT-SERVERS.NET': failure
>
> I'm pretty much a DNS beginner but I'd really like to understand why
> this is happening.
>
> From what I've read, when I do a dig query, BIND checks its own cache
> and if the domain's info is not in there, it consults the root name
> servers as contained in /var/named/chroot/var/named/named.ca
>
> From the output of dig, I'm presuming it's failing at that point.
>
> I can ping the IP addresses of most of the root DNS servers but not all
> of them.
>
> The only way I can make dig work properly is to insert my ISP's DNS
> servers into my named.conf, thus:
>
> forwarders { 165.76.12.2; 165.76.116.2; };
> forward only;
>
> If anyone can shed any light on my problem, I'd be very grateful.
>
> Thanks
>
> Ian Masters
>
> p.s. As I understand it, the entries in /etc/resolv.conf are irrelevant
> to servers running BIND.
>


Are you sure that firewalls/NATs on the way are configured correctly?
What happen when you try "dig @198.41.0.4 ns" ? (198.41.0.4 is address
of A root server)

Adam

--
Adam Tkac, Red Hat, Inc.