named tries to look up "" (null string)
Kevin Darcy
kcd at daimlerchrysler.com
Tue Feb 15 00:31:21 UTC 2000
Manfred Bartz wrote:
> (I posted this in comp.protocols.tcp-ip.domains about an hour ago,
> then discovered this NG.)
>
> I have a LAN with 5 PCs on it, one is a nameserver (bind-8.1.2).
> Connection to the Internet is transient. Most PCs run Linux and X11.
> While disconnected, I experienced long delays on xdm logins.
> Turning on named debugging with "kill -USR1 `pidof named`" showed that
> the system tries to look up "" (null string). Why this is generated
> in the first place is a mystery to me. However, named takes this
> request and refers it to upstream nameservers. Why? Is there
> something I can configure that would stop this behaviour?
That's just the way DNS works. If your nameserver gets a query it can't
resolve from local data, it goes and tries to ask other nameservers about
the name. In the worst case, it tries to ask the root nameservers about
the name (which are probably the "" queries you're seeing).
What names are you using within XDM? If your nameserver were
authoritative for those names, then it wouldn't be trying to resolve them
externally. (When I say "names", I'm also including reverse-lookups,
since it's quite likely that XDM is doing those as well.) Can you make
your server authoritative (master or slave) for the appropriate zones?
Given your transient Internet connectivity, though, you'd probably want
to fiddle with the "dialup" and "heartbeat-interval" options if you did
that. If you have private addresses, then you can of course just make
yourself master for your own reverse-zone.
> I have implemented a work-around which automatically reconfigures
> named for _no_ _recursion_ while the LAN is disconnected from the
> Inet. This works fine, but I would like to understand what is going
> on.
>
> Also, is there a better solution?
In the absence of being authoritative for the data being looked up during
XDM, switching between "connected" and "disconnected" named
configurations seems to me to be the next best solution. If you want to
return "no such name" (NXDOMAIN) responses to your clients in
"disconnected" mode -- as opposed to the referrals they currently get
when you turn off recursion -- then you could make the
"disconnected" configuration a full-blown internal root. But that would
be more configuration, and I doubt it makes any difference to your
clients...
- Kevin
More information about the bind-users
mailing list