No name resolve after IP-Change

Mark Andrews Mark_Andrews at isc.org
Thu Sep 2 01:26:23 UTC 2004


> Hi,
> 
> I have Bind (9.2.3) Server installed on Debian Linux (2.4.18 Kernel)
> and SuSE Linux 9.1 (2.6.5 Kernel). Bind-Servers listen on local
> interfaces and resolve local names and IPs and it works fine.
> For external names the bind forwards to my ISP's DNS-Servers. To access
> the Internet the Bind-Servers use a NAT-Router based on Debian Linux (2.4.26
> Kernel) "iptables" using a DSL dial-up connection.
> 
> NOW the problem
> 
> After reinitiating the dial-up connection the external name resolution fails
> with
> 
> bash:nslookup
> 
> ##
> #> test4.de
> #;; connection timed out; no servers could be reached
> #>
> ##
> 
> or
> 
> ##
> #> test4.de
> #;; Warning: ID mismatch: expected ID 18389, got 8398
> #;; Warning: ID mismatch: expected ID 18389, got 8398
> #;; Warning: ID mismatch: expected ID 18389, got 55750
> #;; Warning: ID mismatch: expected ID 18389, got 55750
> #Server:         192.168.0.8
> #Address:        192.168.0.8#53
> #
> #** server can't find test4.de: SERVFAIL
> ##
> 
> The only way to solve the problem is a manual restart of the
> nameservers.
> 
> 
> I've sniffed the DNS-traffic on the router and recognized that
> DNS-requests go to the forwarders but no response returns.
> 
> 
> Has anyone ever seen such a problem or has a suggestion how to proceed?
> 
> 
> THANKS   
> 
> SWus
> 

	I've seen Linux-based NATs fail like this in the past.
	Lack of answers points to the NAT.  You didn't say which
	side of the NAT you were sniffing but it sounds like the
	inside.

	Restarting named causes it to use different ports for its
	own queries.

	The ID mismatches are just named finally giving up and
	sending a SERVFAIL for the original queries.

	Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org
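
One way to test the reply's diagnosis on the router, as an added example that is not part of the original thread: list the UDP/53 connection-tracking entries that are still translated to an address other than the router's current external one. It assumes the failure is a masquerade mapping left over from before the redial and that the table has the /proc/net/ip_conntrack text layout; the sample table, the function names and every address except 192.168.0.8 are constructed for illustration.

```python
import re

# Constructed sample in the style of /proc/net/ip_conntrack on the NAT router.
# 192.168.0.8 is the resolver from the post; every other address is a
# documentation-range placeholder (old WAN 203.0.113.10, new WAN 203.0.113.77).
SAMPLE_TABLE = """\
udp      17 175 src=192.168.0.8 dst=198.51.100.53 sport=32768 dport=53 src=198.51.100.53 dst=203.0.113.10 sport=53 dport=32768 [ASSURED] use=1
udp      17 28 src=192.168.0.8 dst=198.51.100.54 sport=32770 dport=53 [UNREPLIED] src=198.51.100.54 dst=203.0.113.77 sport=53 dport=32770 use=1
tcp      6 431999 ESTABLISHED src=192.168.0.20 dst=198.51.100.80 sport=40000 dport=80 src=198.51.100.80 dst=203.0.113.10 sport=80 dport=40000 [ASSURED] use=1
"""

TUPLE_FIELD = re.compile(r"\b(src|dst|sport|dport)=(\S+)")


def parse_entry(line):
    """Split one conntrack line into its original and reply tuples."""
    fields = line.split()
    pairs = TUPLE_FIELD.findall(line)
    if len(fields) < 3 or len(pairs) < 8:
        return None  # not a complete connection-tracking entry
    return {
        "proto": fields[0],
        "timeout": int(fields[2]),      # seconds until the entry expires
        "orig": dict(pairs[:4]),        # as sent by the inside host
        "reply": dict(pairs[4:8]),      # as expected back from outside
    }


def stale_dns_mappings(table, current_wan_ip):
    """Return UDP/53 entries still translated to an address other than the
    router's current external one (assumed cause of the missing answers)."""
    stale = []
    for line in table.splitlines():
        entry = parse_entry(line)
        if entry is None or entry["proto"] != "udp":
            continue
        if entry["orig"]["dport"] != "53":
            continue
        if entry["reply"]["dst"] != current_wan_ip:
            stale.append((entry["orig"]["src"], entry["orig"]["sport"],
                          entry["reply"]["dst"], entry["timeout"]))
    return stale


if __name__ == "__main__":
    for src, sport, old_ip, timeout in stale_dns_mappings(SAMPLE_TABLE, "203.0.113.77"):
        print(f"{src}:{sport} still mapped to {old_ip}, expires in {timeout}s")
```

An entry reported here that keeps its source port across the redial fits the observation that restarting named, which moves its queries to different ports, makes resolution work again.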

