Problem resolving a domain on my cache server. (part II)

Fabiano Silos Reis fsilos at ig.com
Wed Mar 23 12:25:36 UTC 2005 

Hi Mark,

I know what you mean. The problem is that my cache server keeps
resolving for a while but somehow from time to times this host
(www.redecard.com.br) cannot be resolved by my cache server (my server
answer with timeout responses). But when this host cannot be resolved by
my cache server I setup a script that dig this host directly from their
two ns

dig -b mycacheserver_ip_address#the_same_src_port_namded_is_using
www.redecard.com.br @200.211.224.110
dig -b mycacheserver_ip_address#the_same_src_port_namded_is_using
www.redecard.com.br @200.211.224.111

I get positive answers. So I suppose it is not communication fault or
their fault.

Don't you think my cache server daemon may be losing something when it
tries to resolve this specific host?
=20
Thanks in advance,

Fabiano

-----Original Message-----
From: Mark_Andrews at isc.org [mailto:Mark_Andrews at isc.org]=20
Sent: Tuesday, March 22, 2005 6:08 PM
To: Fabiano Silos Reis
Cc: bind-users at isc.org
Subject: Re: Problem resolving a domain on my cache server. (part II)=20


>=20
> Hi list,
>=20
> Some months ago I asked here about a domain I can=3DB4t resolve on my =
=3D
> cache server because of a firewall on the dns that hosts this domain =
=3D
> (they were blocking everyone doing queries using source udp port
bellow =3D
> 53). Today I will ask again about one domain I can=3DB4t resolve on my =
=3D
> cache server.=3D20
>=20
> To make sure the problem is not firewall issue again I tested it using
=3D
> DIG and setting the source ip/port exactly to what named process is =
=3D
> using to make queries. I receive answer without problems.
>=20
> Actually I have problem to resolve just one hostname -> =3D
> www.redecard.com.br. When I startup my cache server process and make
one =3D
> query to it I receive the answer from my server. But after some time =
=3D
> running (and memory cache getting bigger) only this domain stops =3D
> working. I=3DB4m not owner of domain redecard.com.br but the problem =
is
=3D
> some of my cache clients are complaining that they could not resolve =
=3D
> this domain using my cache server. I couldn't understand why and how =
=3D
> this is happening. I tried some things trying to fix it. Doing rndc =
=3D
> flusname for some times I can resolve this domain but some times rndc
=3D
> flushname makes no difference.
>=20
> Do someone have a clue on how to trace this kind of problem? Is the =
=3D
> problem my cache or the problem is on a mistake at redecard.com.br dns
=3D
> servers?
>=20
> Bellow I will paste my named configure line, version and named.conf. I
=3D
> would appreciate any help on this.=3D20
>=20
> Thanks
>=20
> Fabiano

	Well they don't have a robust nameserver setup.  There
	are plenty of opportunities for single point failures to
	make both nameservers unreachable when using consecutive
	addresses.

	Any routing problems will affect both servers simultaneously
	(same AS path).

	Highly likely that there are common power failure points that
	will make both servers unreachable.

	Mark

; <<>> DiG 8.3 <<>> redecard.com.br ns=20
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29000
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2
;; QUERY SECTION:
;;	redecard.com.br, type =3D NS, class =3D IN

;; ANSWER SECTION:
redecard.com.br.	59m49s IN NS	canopus1.credicard.com.br.
redecard.com.br.	59m49s IN NS	regulus1.credicard.com.br.

;; ADDITIONAL SECTION:
canopus1.credicard.com.br.  52m28s IN A  200.211.224.111
regulus1.credicard.com.br.  52m29s IN A  200.211.224.110

;; Total query time: 0 msec
;; FROM: drugs.dv.isc.org to SERVER: 127.0.0.1
;; WHEN: Wed Mar 23 08:02:52 2005
;; MSG SIZE  sent: 33  rcvd: 121


--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the bind-users mailing list