Thursday, October 31, 2002
Breaking names
I hate it when things just stop working for no apparent reason.
DNS stopped working here in the Facility in the Middle of Nowhere. It was working fine yesterday but not today and as far as I could tell, nothing on our end changed.
At first, I thought it might be another attack on the root DNS servers but checking outside sources proved that wasn't the case.
Then I thought maybe our Internet provider was filtering out DNS traffic or something silly like that but Spring's Linux box, which was running a DNS server, could resolve fine.
I didn't have a clue, and Rob didn't either—and both of us weren't really in a condition to think things through (he's fighting a cold; I had just gotten up).
Eventually, I was able to get it working. First, I had to remove

    query-source address * port 53;

from /etc/named.conf, and making that change required me to relax the firewall rules to allow all UDP in, since the name server will pick a random port to send the queries out on. I could probably specify an unreserved port for the name server to send queries and then strengthen the firewall back up.
Sigh.
It's still very annoying though.
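
The interaction between query-source and a stateless inbound UDP filter described above can be checked mechanically. This is an added example, not part of the original post: the named.conf fragments, the port 32053 and the function names are constructed for illustration, and the filter is modelled simply as a set of inbound UDP ports it admits.

```python
import re

# BIND's IPv4 option: query-source [address X] [port Y];
QUERY_SOURCE = re.compile(
    r"(?<![\w-])query-source\b(?:\s+address\s+(\S+?))?(?:\s+port\s+(\*|\d+))?\s*;"
)

def strip_comments(conf):
    """Drop /* */, // and # comments (simplified: does not honour quoted strings)."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.DOTALL)
    return re.sub(r"(//|#).*", "", conf)

def query_source_port(conf):
    """Return the fixed source port for outgoing queries, or None if named picks one."""
    m = QUERY_SOURCE.search(strip_comments(conf))
    if not m or m.group(2) in (None, "*"):
        return None
    return int(m.group(2))

def replies_pass(conf, inbound_udp_ports):
    """Model a stateless filter admitting inbound UDP only to the listed ports.
    A reply is addressed to whatever source port the query was sent from."""
    port = query_source_port(conf)
    if port is None:
        return False, "source port not fixed; replies arrive on ports the filter cannot list"
    if port in inbound_udp_ports:
        return True, f"replies arrive on UDP {port}, which the filter admits"
    return False, f"replies arrive on UDP {port}, which the filter drops"

# Constructed named.conf fragments (not the author's actual file).
BEFORE = """options {
    directory "/var/named";
    query-source address * port 53;
};"""
AFTER = BEFORE.replace("    query-source address * port 53;\n", "")  # line removed
FIXED = BEFORE.replace("port 53;", "port 32053;")  # 32053: made-up unreserved port

if __name__ == "__main__":
    cases = [
        ("original, filter admits 53", BEFORE, {53}),
        ("option removed, filter admits 53", AFTER, {53}),
        ("unreserved port, filter unchanged", FIXED, {53}),
        ("unreserved port, filter updated", FIXED, {53, 32053}),
    ]
    for name, conf, allowed in cases:
        print(f"{name}: {replies_pass(conf, allowed)}")
```

A fixed query port also makes the resolver's source port predictable to anyone trying to spoof replies, so a stateful rule that admits only answers to outstanding queries lets the firewall stay tight without pinning the port.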