change in reverse dns lookup behavior
Kevin Darcy
kcd at daimlerchrysler.com
Thu May 12 21:30:31 UTC 2005
cool burn wrote:
>Hello,
>
>We have an internal network of the form 10.x.x.x
>
>We have two DNS servers (bind 9.2.1) that are
>multi-homed, but are used by the internal network at
>10.0.0.10 and 10.0.0.11
>
>All of the internal servers have resolv.conf setup as:
>nameserver 10.0.0.10
>nameserver 10.0.0.11
>
>This has worked perfectly for 8 months.
>
>Today, we suddenly started getting timeouts in our
>application server connecting to our db server. Then,
>I saw I was also getting very slow times to connect
>using SSH. I knew right away this was DNS related.
>
>The DNS servers were still responding perfectly to
>requests ("dig google.com" worked fine on all internal
>servers, and was getting responses from both 10.0.0.10
>and 10.0.0.11)
>
>The problem is, they were giving extremely slow
>responses to "dig -x 10.0.0.5", etc.
>
>I realize now that the problem is, we had no reverse
>DNS defined for these internal IP addresses. I simply
>added them into the hosts file on the servers that
>needed them, and connection times between our
>applications, and ssh connection times became instant.
>
Hosts file? Surely that's only a stopgap measure. You should define a
10.in-addr.arpa zone in your internal DNS to prevent any "garbage"
queries leaking out to the Internet DNS infrastructure.
>My question is, why did we only just now start
>noticing this behavior?
>
No idea. Nothing on the Internet side changed, maybe something in your
network did...
- Kevin