DNS Failures

[John Coutts]

I posted an article a while ago with regards to port 53 on our DNS hanging up 
once or twice a week. Well I believe I have solved the problem, but I would 
still like to know why? 

I traced 3 of the failures to a simple DNS request that was submitted using TCP 
rather than UDP. Coincidently, all 3 requests were from different domains for 
the same Domain Name that we host for a client. The requests were not for the 
server itself, and received a negative response. After these requests, port 53 
shut down and would not respond to any further requests. All other ports still 
responded correctly.

We were using Version 2.1 of MetaInfo's port of BIND, and NT 3.51 SP5. MetaInfo 
was of no assistance what-so-ever. Since I had to upgrade the operating system 
to be able to upgrade the DNS, I undertook that step first. It has been running 
on NT 4.0 SP3 now for almost 2 weeks and no failures. This is a relatively low 
powered machine, and my concerns about resource utilzation proved to be 
unfounded. Other when operating the server locally, resourse utilization is 
actually better under 4.0.

But my real question is why did we suddenly start to have problems after 2 
years of no problems at all? Why did we suddenly start to see simple DNS 
requests using TCP? The RFC's strongly recommend using UDP because of the much 
better efficiency. Is there some new function or feature that people have 
started using?

Any light on the subject would be much appreciated.

J.A. Coutts
Systems Engineer
Edsonet/TravPro