I got stuck on this as well. I had to allow TMM to query named from its 127.1.1.2 address and enable recursion. As long as I was enabling recursion, I created a new view for just loopback address clients.
For my later reference, to view more verbose named debug output you can stop named using 'bigstart stop named' and then run it from the command line using:
/usr/sbin/named -g -t /var/named -u named -c /config/named.conf -d 2
[bigip945:Active] cat /var/named/config/named.conf
restrict rndc access to local machines
use the key in the default place: /config/rndc.key
controls { inet 127.0.0.1 port 953 allow { 127.0.0.1 ;}; };
logging {
channel logfile {
syslog daemon;
severity error;
print-category yes;
print-severity yes;
print-time yes;
};
category default {
logfile;
};
category config {
logfile;
};
category notify {
logfile;
};
};
options {
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
set this to yes when you want to resolve off
box. setting it to yes when you dont actuallly
have a bind server configured will result in
bind timeouts for many commmands
recursion no;
directory "/config/namedb";
allow-transfer {
localhost;
};
check-names master warn;
change to "no" if you want to be able to add
MX records that do not reference a record that has an A record
check-integrity yes;
};
acl "zrd-acl-000-000" {
127.10.0.0;
};
acl "local-loopback-clients" {
127.0.0.0/8;
};
view "internal" {
match-clients { "local-loopback-clients"; };
recursion yes;
};
view "external" {
match-clients { "zrd-acl-000-000"; any; };
};
Aaron