Odd resolving problem

Terrence Koeman root at mediamonks.net
Sun Dec 9 05:51:16 UTC 2001 

> -----Original Message-----
> From: Danny Mayer [mailto:mayer at gis.net]
> Sent: Sunday, December 09, 2001 04:56
> To: root at mediamonks.net; Bind Users
> Subject: Re: Odd resolving problem

> >Hello,
> >
> >My DNS servers suddenly stopped resolving one particular hostname,
> >while others around the globe can resolve this host just fine.
> >
> >The hostname is irc.quakenet.org (and a CNAME of it:
> >irc.quakenet.eu.org).
> >
> >Other hosts that are in the same domain and have the same authorative
> >nameservers resolve fine, i.e. www.quakenet.org and
> >irc.uk.quakenet.org.
> >
> >I'm running BIND 8.2.0 on Windows 2000 Advanced Server SP2.
>
> What version is this really? Is it BIND 9.2.0 or 8.2.5?  Your
> version of dig
> is from BIND 8.2.5 but you don't seem to be running it on the same node.

BIND 8.2.5-NT on the server, and the dig that came with it on my home
connection.

> >I included some dig's to show my problem at the end.
> >
> >The last dig is a lookup of irc.quakenet.org through some other DNS
> >server, and it shows a lot of A records for this host. So I figured the
> >answer might be bigger than a UDP packet and I could be accidentally
> >blocking port 53 TCP. This is not the case.
>
> Running Dig 9.2.0 shows that it's getting a UDP truncation and it retries
> in TCP mode.

Yes, I figured that as the reply is too big for an UDP packet.

> >And I'd like to note that until some hours ago the host resolved fine.
> >
> >Does someone have an idea what this could be? The logs don't give me
> >any clues.
>
> Probably the sheer number of A records for that address.  What were they
> thinking? Try a BIND 9.2.0 version of Dig. From the test I
> conducted against
> my 8.2.5 version of BIND on NT, it looks like it takes too long for the
> nameserver to get the answer because it has to retry in TCP mode and
> dig is timing out before the server can get the answer. If you
> install BIND
> 9.2.0
> it will work though dig may timeout initially.

Well I tried installing BIND 9.2.0, but it runs abnormally slow on that
server. Like 1 query per second. I currently don't have the time to find the
problem, so I just want to keep running a 8.2.x version.

I included a part of the log with debug level 4. I let BIND use some other
IP-address, cleared the log and restarted it. The I did 2 queries using dig.
One on irc.uk.quakenet.org, which succeeded, and one on irc.quakenet.org,
which failed.

It seems to me that BIND is trying to send something to the nameserver using
TCP, fails and tries to resend it to the next nameserver in line, fails
again and tries the third, fails and then stops alltogether, never returning
something to dig.

If I use 'dig @ns1.mediamonks.net irc.quakenet.org +qr +time=60' it still
times out.

I still think something at my side is wrong as thousands of people can still
resolve irc.quakenet.org.

Please advice.


--
Regards,

Terrence Koeman

Technical Director/Administrator
MediaMonks B.V. (www.mediamonks.nl)

Please quote all replies in correspondence.



-- Binary/unsupported file stripped by Ecartis --
-- Type: application/octet-stream
-- File: named.log

More information about the bind-users mailing list