BIND 8.2.3 problem

Tue Mar 27 21:19:03 UTC 2001

If you have full Internet connectivity, you probably shouldn't be
configuring forwarding at all (except possibly for performance).

But it still seems like your nameserver is having trouble resolving
root-zone data. Is this happening more frequently than every 6 days? That's
the TTL on the root NS records. Every time the root NS records expire, your
nameserver may need to fetch a new set, and to do so, it may "prime" using
the hints file data at that time. If you're having connectivity issues at
that particular time, that would explain the errors you're seeing.

- Kevin

Juan P. Cerezo wrote:

> Kevin Darcy wrote:
>
> > Sounds like you might lack direct Internet connectivity, and therefore
> > have forwarding configured, but did not specify "forward only". If
> > that's the case, then whenever a query to the forwarders times out
> > (which can happen from time to time, even in the absence of a specific
> > failure), named will try to "prime" the root zone based on what is in
> > the hints file. This priming then fails for the same reason that the
> > original query timed out.
> >
>
> After configuring forward only, all external queries fail. The DNS has
> full conectivity to Internet and the
> root servers. We are using the named.root directly downloaded from
> Internic.
>
> >
> > When using forwarding to deal with a network connectivity issue, use
> > "forward only". "Forward first", the default forwarding mode, is only
> > for when you have full connectivity but you're trying to improve
> > performance by forwarding queries to a central cache.
> >
>
> Why the failures are intermitent using 'Forward First', and continuous
> when
> using 'Forward only' ??  Where is BIND asking for external names with
> 'Forward
> First' ???
>
> For informational purposes, I include a trace 10  failed query:
>
> datagram from [212.49.179.3].53, fd 22, len 45
> ns_req(from [212.49.179.3].53)
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36208
> ;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> ;;      91.252.189.157.in-addr.arpa, type = PTR, class = IN
> req: nlookup(91.252.189.157.in-addr.arpa) id 36208 type=12 class=1
> req: found '91.252.189.157.in-addr.arpa' as 'in-addr.arpa' (cname=0)
> findns: np 0xe1960 'in-addr'
> findns: np 0xd59a4 'arpa'
> findns: np 0xe0910 ''
> findns: 13 NS's added for ''
> ns_forw()
> qnew(0x36fa4c)
> find_zone(91.252.189.157.in-addr.arpa, 1)
> find_zone: unknown zone
> find_zone(252.189.157.in-addr.arpa, 1)
> find_zone: unknown zone
> find_zone(189.157.in-addr.arpa, 1)
> find_zone: unknown zone
> find_zone(157.in-addr.arpa, 1)
> find_zone: unknown zone
> find_zone(in-addr.arpa, 1)
> find_zone: unknown zone
> find_zone(arpa, 1)
> find_zone: unknown zone
> find_zone(., 1)
> find_zone: existing zone 1
> forw: no nameservers found
> ns_freeqry(0x36fa4c)
> ns_req: no address for root server
> free_nsp: A.ROOT-SERVERS.NET rcnt 1
> free_nsp: B.ROOT-SERVERS.NET rcnt 1
> free_nsp: C.ROOT-SERVERS.NET rcnt 1
> free_nsp: D.ROOT-SERVERS.NET rcnt 1
> free_nsp: E.ROOT-SERVERS.NET rcnt 1
> free_nsp: F.ROOT-SERVERS.NET rcnt 1
> free_nsp: G.ROOT-SERVERS.NET rcnt 1
> free_nsp: H.ROOT-SERVERS.NET rcnt 1
> free_nsp: I.ROOT-SERVERS.NET rcnt 1
> free_nsp: J.ROOT-SERVERS.NET rcnt 1
> free_nsp: K.ROOT-SERVERS.NET rcnt 1
> free_nsp: L.ROOT-SERVERS.NET rcnt 1
> free_nsp: M.ROOT-SERVERS.NET rcnt 1
> ns_req: answer -> [212.49.179.3].53 fd=22 id=36208 size=45 rc=2
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 36208
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> ;;      91.252.189.157.in-addr.arpa, type = PTR, class = IN
> ctl_new_state: /usr/local/etc/ndc.d/nd: reading -> idling (ctl_stop_read)
>
> ctl_docommand: /usr/local/etc/ndc.d/nd: "notrace" [9]
> ctl_new_state: /usr/local/etc/ndc.d/nd: idling -> processing
> (ctl_docommand)
> ctl_new_state: /usr/local/etc/ndc.d/nd: processing -> writing
> (ctl_response)
> ctl_response: [27] 250 Debugging turned off.^M
>
> >
> > - Kevin
>
> Juan P. Cerezo
> BT TEL
> juan.cerezo at remove_this_bt.es