Won't resolve domain but all other DNS servers do

David LaPorte david_laporte at harvard.edu
Sat Apr 1 05:11:06 UTC 2000


We had a similar problem recently.  Several hostmasters had been contacting
us and claiming that machines within our domain were not resolving.
Interestingly, all the locations that were failing were geographically
distant (eastern Europe primarily).  After banging our heads trying to
figure out what could be wrong, I stumbled upon this link:

http://www.switch.ch/docs/ttl_info.html

Turns out, some operating systems (Tru64 and AIX are two) have a very low
default UDP TTL value - on Tru64 (which we run) the default UDP TTL is 30.
Due to backbone changes, the hop count to the domains in question was pushed
above 30 and query responses started timing out.  Typically, there are
kernel parameters for a UDP TTL and a TCP TTL - increasing the UDP TTL value
fixed our problem.

Note that a ping will not correctly diagnose this problem since it uses
ICMP, not UDP.  Running a traceroute to the questionable nameserver will
give you an idea of the hop count.

This may or may not solve your problem.  I thought I'd point it out as a
possible explanation for what's happening.  If this is the case, then the
problem resides at the other nameserver, not yours.

Hope this helps...
Dave LaPorte

-----Original Message-----
From: news at news3.infoave.net [mailto:news at news3.infoave.net]On Behalf Of
Michael Long
Sent: Wednesday, March 29, 2000 4:59 PM
To: comp-protocols-dns-bind at moderators.isc.org
Subject: Won't resolve domain but all other DNS servers do



I am admin for 3 DNS servers, all running the latest 8.2.2P5 I
believe.  We host a couple thousand domains, and for the most part,
have no problems.

However, someone brought a domain to me "yorko.com" which would not
resolve for clients using our DNS server for resolving.  When you did
an nslookup it would sit there for like 30 seconds then come back and
say it did not exist.

Now we don't host this domain, and we never have.  When I go to other
DNS servers (mindspring.com, aol, etc.) they have no trouble resolving
it.

It seems to me this should be transparent - named should go to the
root server, then to dell (the host of this domain), then come back to
us with the IP.

Why is this failing for us and not for any other dns servers?

The only way I could fix it was to put the zone in as master on our
servers for now until I figure out what is happening.
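
The check described in the reply above (compare a host's initial UDP TTL with the hop count traceroute reports), as an added example that is not part of the original thread. The function names and the constructed traceroute text using documentation addresses are assumptions made for illustration.

```python
import re
import socket

# Matches a traceroute hop line: hop number, optional name, then (IPv4 address).
HOP_RE = re.compile(r"^\s*(\d+)\s+.*?\((\d{1,3}(?:\.\d{1,3}){3})\)")

def local_udp_ttl():
    """Initial TTL this host's IP stack puts on outgoing UDP datagrams."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        return s.getsockopt(socket.IPPROTO_IP, socket.IP_TTL)

def hops_to(traceroute_text, target_ip):
    """Hop number at which target_ip answered, or None if it never did."""
    for line in traceroute_text.splitlines():
        m = HOP_RE.match(line)
        if m and m.group(2) == target_ip:
            return int(m.group(1))
    return None

def udp_reply_survives(initial_ttl, hops):
    """A datagram sent with TTL t is delivered only to hosts at hop <= t."""
    return hops is not None and initial_ttl >= hops

def constructed_trace(target_ip, hops):
    """Build sample traceroute output (constructed, not a real capture)."""
    lines = [f"traceroute to {target_ip} ({target_ip}), 64 hops max"]
    for n in range(1, hops):
        if n % 7 == 0:
            lines.append(f"{n:2d}  * * *")  # silent router
        else:
            lines.append(f"{n:2d}  r{n}.example.net (198.51.100.{n})  {n * 4}.1 ms")
    lines.append(f"{hops:2d}  ns.example.net ({target_ip})  140.2 ms")
    return "\n".join(lines)

if __name__ == "__main__":
    target = "203.0.113.53"                # constructed remote resolver address
    trace = constructed_trace(target, 33)  # path pushed above 30 hops
    hops = hops_to(trace, target)
    # 30 is the Tru64 default quoted in the reply; the local value is shown too.
    for label, ttl in (("TTL 30", 30), ("this host", local_udp_ttl())):
        verdict = "delivered" if udp_reply_survives(ttl, hops) else "expires in transit"
        print(f"{label}: ttl={ttl} hops={hops} -> {verdict}")
```

Routes can be asymmetric, so the traceroute that matters is one run from the server with the low UDP TTL toward the remote resolver, since that is the path its responses take.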
