Connection timed out: BIND 9.0.1
Mark.Andrews at nominum.com
Mark.Andrews at nominum.com
Thu Nov 30 01:22:07 UTC 2000
GDS does not respond to EDNS probes (queries w/ additional data).
What you are seeing is the server trying with a EDNS query then
after timing out retrying w/o EDNS.
The GDS server should at least meet RFC 1035 and either ignore
the additional data in the query or send a FORMERR. It does
neither. It appears to just drop the ENDS query on the floor.
Mark
> I have a strange problem with BIND 9.0.1 that I've never seen with our
> 8.2.x servers. We are delegating a zone to our mail server (which uses
> Critical Path's Global Directory Server (GDS) for a name server). The
> first time I ask BIND 9 for an answer, I get a Connection timed out,
> and the second time I ask, BIND 9 answers until the RR expires. Then
> the cycle repeats. Since all of our machines will point to this group
> of BIND name servers, I need BIND 9 to answer on the first query.
>
> lyra.u.arizona.edu (the BIND 9 server) should be authoritative for
> email.arizona.edu.
>
> lyra should delegate inbox.email.arizona.edu to phobos.email.arizona.edu
> and deimos.email.arizona.edu.
>
> listserv and dns.ccit.arizona.edu are our production BIND 8 servers. They
> always answer on the first try. Lyra and dns.ccit.arizona.edu are slaves
> to listserv, so I'm sure they all use the same zone file.
>
> (First try)
> $ dig @lyra.u.arizona.edu murphy.inbox.email.arizona.edu
>
> ; <<>> DiG 8.2 <<>> @lyra.u.arizona.edu murphy.inbox.email.arizona.edu
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; res_nsend to server lyra.u.arizona.edu 128.196.137.175: Connection timed
> out
>
> (Command recall and enter)
> $ dig @lyra.u.arizona.edu murphy.inbox.email.arizona.edu
>
> ; <<>> DiG 8.2 <<>> @lyra.u.arizona.edu murphy.inbox.email.arizona.edu
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
> ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2
> ;; QUERY SECTION:
> ;; murphy.inbox.email.arizona.edu, type = A, class = IN
>
> ;; ANSWER SECTION:
> murphy.inbox.email.arizona.edu. 5M IN CNAME phobos.email.arizona.edu.
> phobos.email.arizona.edu. 3H IN A 128.196.133.160
>
> ;; AUTHORITY SECTION:
> email.arizona.edu. 3H IN NS listserv.ccit.arizona.edu.
> email.arizona.edu. 3H IN NS dns.ccit.arizona.edu.
>
> ;; ADDITIONAL SECTION:
> listserv.ccit.arizona.edu. 1D IN A 128.196.137.14
> dns.ccit.arizona.edu. 1D IN A 128.196.139.46
>
> ;; Total query time: 2240 msec
> ;; FROM: beavis.ccit.arizona.edu to SERVER: lyra.u.arizona.edu 128.196.137.1
> 75
> ;; WHEN: Wed Nov 29 16:34:31 2000
> ;; MSG SIZE sent: 48 rcvd: 163
>
> (querying the inbox.email.arizona.edu authority)
> $ dig @phobos.email.arizona.edu murphy.inbox.email.arizona.edu
>
> ; <<>> DiG 8.2 <<>> @phobos.email.arizona.edu murphy.inbox.email.arizona.edu
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
> ;; QUERY SECTION:
> ;; murphy.inbox.email.arizona.edu, type = A, class = IN
>
> ;; ANSWER SECTION:
> murphy.inbox.email.arizona.edu. 5M IN CNAME phobos.email.arizona.edu.
> phobos.email.arizona.edu. 5M IN A 128.196.133.160
>
> ;; Total query time: 10 msec
> ;; FROM: beavis.ccit.arizona.edu to SERVER: phobos.email.arizona.edu 128.196
> .133.160
> ;; WHEN: Wed Nov 29 17:02:08 2000
> ;; MSG SIZE sent: 48 rcvd: 85
>
>
> Phobos and Deimos (the Critical Path DNS servers) seem to give short answers,
> but is that the problem? Should they be filling the authority section with
> themselves? If they are doing something wrong, I need to know exactly what
> it is to pass onto the Critical Path engineers. Regardless, why does BIND 9
> appear inconsistent?
>
> I would be happy to provide more info if I've missed anything.
>
> Thank you.
>
> Brian Murphy
>
>
>
--
Mark Andrews, Nominum Inc.
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at nominum.com
More information about the bind-users
mailing list