On 13.10.08 14:23, Chris Henderson wrote:
> I have solved this problem. Here's what I did: I have more than one
> DNS server. I can telnet to all of them on port 53 except for one: the
> primary NS. I killed the process ID (PID) of bind on the primary,
> started Bind again and zone transfer happened immediately. And
> everything is good. I guess something went wrong when I made the
> mistake on "domain.com" zone file while editing it, I corrected my
> mistake and HUP'd the PID but somehow it made port 53 "filtered". And
> now I killed the PID and started a new Bind PID and everything is
> good.


Seems your named did not listen at tcp/53 for some reason when it was
started. Some OSes can be configured to drop packets coming to ports
nobody's listening on, instead of sending a tcp reset back (FreeBSD calls it
net.inet.tcp.blackhole and net.inet.udp.blackhole). They seem "filtered" to
nmap then.

Hmmm, I should have asked you to check udp and tcp answers before, we'd
have quickly found the reason.
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Warning: I do NOT want to receive any advertising mail at this address.
Christian Science Programming: "Let God Debug It!".
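
The UDP and TCP check suggested in the reply above, as an added example that is not part of the original thread: it probes port 53 over both transports and separates a refused connection (RST) from silence, which is what a scanner reports as "filtered". The function names, the 3-second timeout and the command-line usage are assumptions made for this sketch.

```python
import socket
import struct
import sys

def build_query(name, qtype=6, qid=0x1234):
    """Minimal DNS query; QTYPE 6 is SOA, which any server of the zone answers."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!6H", qid, 0, 1, 0, 0, 0) + qname + struct.pack("!2H", qtype, 1)

def probe_tcp(host, port=53, timeout=3.0):
    """Classify tcp/53 the way a port scanner reports it."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "closed"    # RST came back: host is up, nothing listens
    except OSError:
        return "filtered"  # timeout or unreachable: dropped silently

def probe_udp(host, name, port=53, timeout=3.0):
    """Send one query over UDP and report whether a matching reply arrives."""
    query = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            s.send(query)
            reply = s.recv(4096)
        except ConnectionRefusedError:
            return "closed"    # ICMP port unreachable came back
        except OSError:
            return "no-reply"
    return "answered" if reply[:2] == query[:2] else "no-reply"

def diagnose(udp, tcp):
    """Turn the two probe results into the conclusion drawn in the thread."""
    if tcp == "open":
        return "ok" if udp == "answered" else "tcp/53 open but no UDP answer"
    if tcp == "closed":
        return "nothing listening on tcp/53 (RST returned): zone transfers will fail"
    return ("tcp/53 silent: packet filter, or no listener on a host "
            "with tcp blackhole enabled; check named on the server itself")

if __name__ == "__main__":
    # Assumed usage: python3 dnsprobe.py <server> <zone>
    host, zone = sys.argv[1], sys.argv[2]
    u, t = probe_udp(host, zone), probe_tcp(host)
    print(f"udp/53={u} tcp/53={t}: {diagnose(u, t)}")
```

A "filtered" result from a remote probe cannot by itself tell a firewall from a blackholed closed port, so confirm on the server that named actually holds a listening socket on tcp/53.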