BIND 9.7 behavior - lack of response causes
Fr34k
freaknetboy at yahoo.com
Tue Apr 5 13:30:10 UTC 2011
----- Original Message ----
> From: Mark Andrews <marka at isc.org>
> To: Fr34k <freaknetboy at yahoo.com>
> Cc: Bindlist <bind-users at isc.org>
> Sent: Mon, April 4, 2011 9:02:35 PM
> Subject: Re: BIND 9.7 behavior - lack of response causes
>
>
> What do you have lame-ttl set to?
I don't. That is, I don't have lame-ttl explicitly listed in my named.conf.
>
> In message <361220.19486.qm at web121407.mail.ne1.yahoo.com>, Fr34k writes:
> > Hello,
> >
> > Given: BIND 9.7.2-P2 on Solaris 10.
> >
> > For about an hour, I had a network event where a caching DNS server could
>not
> >
> > get recursive queries back from authoritative DNS servers on the Internet.
> >
> > Obviously, this is a problem.
> >
> > Moreover, the authority for our most popular hostnames have set very low
>TTLs
> >
> > (less than a minute), so nothing in cache for the server to call upon during
>
> > this hour long event.
> >
> > Yuck.
> >
> > A snoop of port 53 traffic at the time shows client PCs requested hostname
> > resolution -- as they would normally do.
> >
> > Now, for the interesting part.
> >
> > >From the same snoop of traffic, the caching DNS server did not send ANY
>resp
> > onse
> > back to these PC clients for these low TTL popular hostnames.
> >
> > Keep in mind that I did snoop until *after* the event started.
> >
> > So, it may be the case that some BIND mechanism was behaving appropriate for
>
> > queries which it could not act upon. I can appreciate that BIND makes
>decisi
> > ons
> > with network performance in mind.
> >
> > In my attempts to understand negative caching, Sections 7.1 and 7.2 of RFC
>23
> > 08
> > list Server Failure and Dead / Unreachable Server as "(OPTIONAL)"
utilities.
> >
> > Bind 9.7 ARM says that "the server stores negative answers" for (default) 3
> > hours; however, I'm not sure what the expected BIND behavior is.
> >
> > Would some mechanism, such has max-ncache-ttl or clients-per-query, be
> > responsible for this lack of return traffic?
> >
> > Anyone have ideas to share?
> >
> > Thank you.
> >
> > _______________________________________________
> > bind-users mailing list
> > bind-users at lists.isc.org
> > https://lists.isc.org/mailman/listinfo/bind-users
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
>
More information about the bind-users
mailing list