Caching DNS server still queries forwarding nameservers

Nelson, Brad bradn at s2systems.com
Wed Apr 19 22:06:59 UTC 2000


Additional info: I turned on debug level 1 with "ndc trace" and tried two
nslookups on my guinea pig www.fogdog.com. The named.run is below:

$ more named.run
Debug level 1
Version = named 8.2.2-P5 Wed Apr 19 02:42:33 CDT 2000
        root at nitro:/usr/installs/bind/src/bin/named
conffile = /etc/named.conf
datagram from [127.0.0.1].1565, fd 20, len 40
req: nlookup(1.0.0.127.in-addr.arpa) id 55792 type=12 class=1
req: found '1.0.0.127.in-addr.arpa' as '1.0.0.127.in-addr.arpa' (cname=0)
sysquery: send -> [209.250.238.2].53 dfd=4 nsid=52619 id=0 retry=956182504
ns_req: answer -> [127.0.0.1].1565 fd=20 id=55792 size=97 rc=0
datagram from [127.0.0.1].1566, fd 20, len 32
req: nlookup(www.fogdog.com) id 55793 type=1 class=1
req: missed 'www.fogdog.com' as '' (cname=0)
forw: forw -> [209.250.238.2].53 ds=4 nsid=20398 id=55793 -1ms retry 4sec
datagram from [209.250.238.2].53, fd 4, len 100
ncache: dname localhost, type 1, class 1
datagram from [209.250.238.2].53, fd 4, len 48
send_msg -> [127.0.0.1].1566 (UDP 20) id=55793

   [note: the above was where the output from the first query ended,]
   [it was the first query to the newly-started named]

   [below was what was printed on the second attempt]

datagram from [127.0.0.1].1567, fd 20, len 40
req: nlookup(1.0.0.127.in-addr.arpa) id 60158 type=12 class=1
req: found '1.0.0.127.in-addr.arpa' as '1.0.0.127.in-addr.arpa' (cname=0)
sysquery: send -> [209.250.238.2].53 dfd=4 nsid=9942 id=0 retry=956182623
ns_req: answer -> [127.0.0.1].1567 fd=20 id=60158 size=97 rc=0
datagram from [127.0.0.1].1568, fd 20, len 32
req: nlookup(www.fogdog.com) id 60159 type=1 class=1
req: found 'www.fogdog.com' as 'www.fogdog.com' (cname=0)
ns_req: answer -> [127.0.0.1].1568 fd=20 id=60159 size=467 rc=0
datagram from [209.250.238.2].53, fd 4, len 100
update failed  6
ncache: dname localhost, type 1, class 1
db_update failed (-10), cache_n_resp()

    [end]

The "db_update failed" looks rather suspicious; a quick search of the
archives yielded no hits.

Any ideas?

Thanks,

Brad

-----Original Message-----
From: Nelson, Brad [mailto:bradn at s2systems.com]
Sent: Wednesday, April 19, 2000 3:58 PM
To: 'bind-users at isc.org'
Subject: Caching DNS server still queries forwarding nameservers


Greetings all, I'm trying to set up a simple caching name server on my Linux
box. I have a permanent Internet connection with a static IP address, so
that part is pretty easy. My ISP has DNS servers that I wish to use as
forwarders. 

I've installed and configured BIND 8 as per the Linux DNS HOW-TO, and the
good news is that the server actually does work, insofar as it goes to my
local server first:

nslookup www.fogdog.com
Server:  localhost
Address:  127.0.0.1

Non-authoritative answer:
Name:    www.fogdog.com
Address:  209.1.55.139

However, a tcpdump reveals that, even after repeated nslookups, my ISP's DNS
servers (which I have set up as forwarders) still get hit on each request;
in the example below, I have tcpdump running in the background, thus it
spews out its results in near-real-time:

$ nslookup www.fogdog.com
15:20:10.857028 h84-212-210-245.notarealdomain.net.1499 > dns2.domain: 21474+ (27)
Server:  localhost
Address:  127.0.0.1

Non-authoritative answer:
Name:    www.fogdog.com
Address:  209.1.55.139

15:20:10.947028 dns2.domain > h84-212-210-245.notarealdomain.net.1499: 21474 NXDomain 0/1/0 (100)

The whole h84-xxxxxx thing is my ISP-assigned address (munged), and dns2 is
of course their DNS server. I get the same results every time I run a
lookup; it always still goes to the ISP DNS. 

My assumption would be that if my caching nameserver were working properly,
it would not have to query the ISP DNS on subsequent lookups of the same
address; in other words, I would expect to see no traffic to the net with
just a simple lookup on the second and subsequent tries. Is this a valid
assumption?

Here is my config right now, though I've tried a multitude of different
things with the same result:

/etc/resolv.conf:

nameserver 127.0.0.1

// Config file for caching only name server

options {
        directory "/var/named";

        forward first;
        forwarders {
                // **NOTE** I have the real servers in my actual file
                xxx.xxx.xxx.xxx;
                xxx.xxx.xxx.yyy;
        };

        // Uncommenting this might help if you have to go through a
        // firewall and things are not working out:

        // query-source port 53;
};

zone "0.0.127.in-addr.arpa" {
        type master;
        file "pz/127.0.0";
};

zone "." {
        type hint;
        file "root.hints";
};

/var/named/root.hints:

; <<>> DiG 2.2 <<>> @h.root-servers.net
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10
;; flags: qr aa rd; Ques: 1, Ans: 13, Auth: 0, Addit: 13
;; QUESTIONS:
;;      ., type = NS, class = IN

;; ANSWERS:
.       518400  NS      L.ROOT-SERVERS.NET.
.       518400  NS      M.ROOT-SERVERS.NET.
.       518400  NS      I.ROOT-SERVERS.NET.
.       518400  NS      E.ROOT-SERVERS.NET.
.       518400  NS      D.ROOT-SERVERS.NET.
.       518400  NS      A.ROOT-SERVERS.NET.
.       518400  NS      H.ROOT-SERVERS.NET.
.       518400  NS      C.ROOT-SERVERS.NET.
.       518400  NS      G.ROOT-SERVERS.NET.
.       518400  NS      F.ROOT-SERVERS.NET.
.       518400  NS      B.ROOT-SERVERS.NET.
.       518400  NS      J.ROOT-SERVERS.NET.
.       518400  NS      K.ROOT-SERVERS.NET.

;; ADDITIONAL RECORDS:
L.ROOT-SERVERS.NET.     3600000 A       198.32.64.12
M.ROOT-SERVERS.NET.     3600000 A       202.12.27.33
I.ROOT-SERVERS.NET.     3600000 A       192.36.148.17
E.ROOT-SERVERS.NET.     3600000 A       192.203.230.10
D.ROOT-SERVERS.NET.     3600000 A       128.8.10.90
A.ROOT-SERVERS.NET.     3600000 A       198.41.0.4
H.ROOT-SERVERS.NET.     3600000 A       128.63.2.53
C.ROOT-SERVERS.NET.     3600000 A       192.33.4.12
G.ROOT-SERVERS.NET.     3600000 A       192.112.36.4
F.ROOT-SERVERS.NET.     3600000 A       192.5.5.241
B.ROOT-SERVERS.NET.     3600000 A       128.9.0.107
J.ROOT-SERVERS.NET.     3600000 A       198.41.0.10
K.ROOT-SERVERS.NET.     3600000 A       193.0.14.129

;; Total query time: 533 msec
;; FROM: nitro to SERVER: h.root-servers.net  128.63.2.53
;; WHEN: Tue Apr 18 23:24:18 2000
;; MSG SIZE  sent: 17  rcvd: 436

/var/named/pz/127.0.0:

@               IN      SOA     localhost. root.localhost. (
                                1       ; Serial
                                28800   ; Refresh
                                7200    ; Retry
                                604800  ; Expire
                                86400)  ; Minimum TTL
                        NS      localhost.
1                       PTR     localhost.

I've also tried the "bone stock" 127.0.0 file from the Linux DNS HOW-TO,
exactly as it appears there, with the "linux.bogus" etc., but same results.

Any ideas? Thanks very much in advance...

Brad
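
A way to cross-check the trace and the tcpdump lengths quoted in this thread, as an added example that is not part of the original post: it lists which client requests in the second-attempt trace have an upstream send logged after them, and computes the size of a one-question DNS query (RFC 1035 layout) for names that appear in the post so it can be compared with the 27-byte outbound query tcpdump printed. Pairing each `sysquery:`/`forw:` line with the preceding `req: nlookup` by log order is an assumption, as is the candidate name list.

```python
import re

# Lines copied from the second-attempt trace in the post (abridged).
TRACE = """\
datagram from [127.0.0.1].1567, fd 20, len 40
req: nlookup(1.0.0.127.in-addr.arpa) id 60158 type=12 class=1
req: found '1.0.0.127.in-addr.arpa' as '1.0.0.127.in-addr.arpa' (cname=0)
sysquery: send -> [209.250.238.2].53 dfd=4 nsid=9942 id=0 retry=956182623
ns_req: answer -> [127.0.0.1].1567 fd=20 id=60158 size=97 rc=0
datagram from [127.0.0.1].1568, fd 20, len 32
req: nlookup(www.fogdog.com) id 60159 type=1 class=1
req: found 'www.fogdog.com' as 'www.fogdog.com' (cname=0)
ns_req: answer -> [127.0.0.1].1568 fd=20 id=60159 size=467 rc=0
"""

# Names that appear in the post; which ones to test is this example's choice.
CANDIDATES = ["www.fogdog.com", "1.0.0.127.in-addr.arpa", "localhost"]


def query_wire_len(name):
    """Bytes in a one-question DNS query: 12-byte header, QNAME, QTYPE, QCLASS."""
    labels = [p for p in name.rstrip(".").split(".") if p]
    qname = sum(1 + len(p) for p in labels) + 1  # length octet per label + root octet
    return 12 + qname + 4


def names_matching(length, candidates):
    """Candidate names whose plain query would be exactly `length` bytes."""
    return [n for n in candidates if query_wire_len(n) == length]


def upstream_events(trace):
    """For each client request, list upstream sends logged before the next request."""
    events, current = [], None
    for line in trace.splitlines():
        m = re.match(r"req: nlookup\((\S+)\)", line)
        if m:
            current = {"name": m.group(1), "upstream": []}
            events.append(current)
        elif current and re.match(r"(sysquery|forw):", line):
            current["upstream"].append(line.split(":", 1)[0])
    return events


if __name__ == "__main__":
    for ev in upstream_events(TRACE):
        print(ev["name"], "->", ev["upstream"] or "no upstream send logged")
    # 27 is the outbound query size tcpdump printed in the post.
    print(27, names_matching(27, CANDIDATES))
```

The computed sizes for `1.0.0.127.in-addr.arpa` and `www.fogdog.com` are 40 and 32 bytes, the same as the `len 40` and `len 32` client datagrams in the trace.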



