How to handle bind 9 as resolver on bad wireless links

Mark Andrews Mark_Andrews at isc.org
Mon Aug 20 23:16:12 UTC 2007 

> Hi,
> 
> I am running a local bind9 on my notebook which is frequently
> connected to the Internet via UMTS or GPRS while on a train. As you
> might know, especially GPRS is famous for its abysmally high latency
> and packet loss characteristics, which is supplemented by outages of
> tens of seconds when the card is moving from one cell to another. In
> this circumstances, I find it desireable to have a local DNS cache so
> that network access does only fail when the "real" connection is made
> and DNS reduces its role as a failure source.
> 
> Because the connectivity is so bad, I have bind misbehave though: When
> it is resolving a recursive query, it keeps sending out the same query
> over and over to a bundle of name servers. I suspect that the answers
> that are (eventually) coming in are coming in too late for bind to
> honor them, so the query goes out over and over.
> 
> This monopolizes the narrow upstream bandwidth that is available and
> keeps other communication (for example the OpenVPN tunnel to my shell
> host) from happening.
> 
> Is there any possibility to make bind
> 
> (1) wait longer for answers before resending a query?
> (2) not send out a query to _this_ much hosts at once?
> (3) be a little more careful with the bandwidth if there is not much
>     bandwidth available?
> 
> Thanks for helping.
> 
> Greetings
> Marc

	Lossy links are hard to distingish from non RFC 1034/1035
	compliant nameservers that fail to reply to EDNS queries
	and broken firewalls that don't let through EDNS packets
	bigger than 512 octets.  No reply is No reply.

	The recovery path for both of these is to retransmit.
	Firstly using EDNS @512 octets and then with plain DNS.

	You may be better using a forwarder and TSIG.  That way
	the interation is done remotely and you are still secure
	from MiM attacks.

	Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the bind-users mailing list