Problem with some domains and some domain resolved

Dawn Connelly dawn.connelly at gmail.com
Tue Jul 10 20:39:32 UTC 2007


"no more recursive clients: quota reached" usually indicates that your DNS
server is overloaded. I *think* that by default, BIND allows for 1000
concurrent sessions at the same time (I'm sure someone will correct me on
the actual number if that is incorrect). If you are maxing out your
recursion that means that something is DoS'ing your server. You can up the
default number with the following entry in your Global options:
        recursive-clients       5000;
I would recommend only using this as a temporary measure to buy you some
time to figure out what is sucking up your resources. Think about how many
queries your server can handle before you up the clients by too much.
Take a good look at your tcpdump to figure out what is maxing your quota. Is
someone hitting you repeatedly and quickly? If so, blackhole them until you
can contact that server's admin and get things worked out. Or are you caught
in some kind of freakish loop and querying someone else spastically? Try
stopping and starting named to see if that clears it.

Getting rid of the recursive client error will most likely clear up the
problem you are seeing. If your server is freaking out trying to handle too
many queries it's going to start dropping random things.

On 7/10/07, Nayeem <nayeem at ksa.zajil.com> wrote:
>
> I put  $tail -f /var/log/messages
>
> [root at ns1 ~]# cd /var/log
> [root at ns1 log]# tail -f messages
> Jul 11 00:48:11 ns1 named[4862]: client 85.194.115.35#1044: no more
> recursive clients: quota reached
> Jul 11 00:48:12 ns1 named[4862]: client 85.194.76.14#1655: no more
> recursive
> clients: quota reached
> Jul 11 00:48:13 ns1 named[4862]: client 85.194.100.138#1085: no more
> recursive clients: quota reached
> Jul 11 00:48:14 ns1 named[4862]: client 85.194.123.112#53973: no more
> recursive clients: quota reached
> Jul 11 00:48:15 ns1 named[4862]: client 172.29.0.16#1025: no more
> recursive
> clients: quota reached
> Jul 11 00:48:15 ns1 named[4862]: unexpected RCODE (SERVFAIL) resolving
> '62.57.194.212.in-addr.arpa/PTR/IN': 193.0.0.193#53
> Jul 11 00:48:16 ns1 named[4862]: client 212.24.245.170#10005: no more
> recursive clients: quota reached
> Jul 11 00:48:16 ns1 named[4862]: lame server resolving
> 'USER-TDTIHMA1DL.secl.com.sa' (in 'secl.com.sa'?): 212.93.192.5#53
> Jul 11 00:48:16 ns1 named[4862]: lame server resolving
> 'USER-TDTIHMA1DL.secl.com.sa' (in 'secl.com.sa'?): 212.93.192.4#53
> Jul 11 00:48:17 ns1 named[4862]: client 85.194.114.98#1039: no more
> recursive clients: quota reached
> Jul 11 00:48:18 ns1 named[4862]: client 82.147.202.73#49855: no more
> recursive clients: quota reached
> Jul 11 00:48:19 ns1 named[4862]: client 172.18.52.57#3386: no more
> recursive
> clients: quota reached
> Jul 11 00:48:19 ns1 named[4862]: lame server resolving
> 'PC-SHEIKH.secl.com.sa' (in 'secl.com.sa'?): 212.93.192.5#53
> Jul 11 00:48:19 ns1 named[4862]: lame server resolving
> 'PC-SHEIKH.secl.com.sa' (in 'secl.com.sa'?): 212.93.192.4#53
> Jul 11 00:48:20 ns1 named[4862]: client 82.147.209.117#1051: no more
> recursive clients: quota reached
> Jul 11 00:48:21 ns1 named[4862]: client 172.18.52.57#3542: no more
> recursive
> clients: quota reached
> Jul 11 00:48:21 ns1 named[4862]: lame server resolving
> 'CHIEF-ACC-CMP.secl.com.sa' (in 'secl.com.sa'?): 212.93.192.5#53
> Jul 11 00:48:21 ns1 named[4862]: lame server resolving
> 'CHIEF-ACC-CMP.secl.com.sa' (in 'secl.com.sa'?): 212.93.192.4#53
> Jul 11 00:48:22 ns1 named[4862]: client 172.18.52.57#3618: no more
> recursive
> clients: quota reached
> Jul 11 00:48:23 ns1 named[4862]: client 212.24.224.38#58544: no more
> recursive clients: quota reached
> Jul 11 00:48:24 ns1 named[4862]: lame server resolving '
> P4-JOEY.secl.com.sa'
> (in 'secl.com.sa'?): 212.93.192.5#53
> Jul 11 00:48:24 ns1 named[4862]: lame server resolving '
> P4-JOEY.secl.com.sa'
> (in 'secl.com.sa'?): 212.93.192.4#53
> Jul 11 00:48:24 ns1 named[4862]: client 85.194.104.40#60467: no more
> recursive clients: quota reached
> Jul 11 00:48:25 ns1 named[4862]: client 85.194.115.35#1044: no more
> recursive clients: quota reached
> Jul 11 00:48:26 ns1 named[4862]: client 172.18.52.57#4135: no more
> recursive
> clients: quota reached
> Jul 11 00:48:26 ns1 named[4862]: lame server resolving
> 'SEC-797F9N7MK67.secl.com.sa' (in 'secl.com.sa'?): 212.93.192.5#53
> Jul 11 00:48:26 ns1 named[4862]: lame server resolving
> 'SEC-797F9N7MK67.secl.com.sa' (in 'secl.com.sa'?): 212.93.192.4#53
> Jul 11 00:48:27 ns1 named[4862]: client 172.18.52.57#4249: no more
> recursive
> clients: quota reached
> Jul 11 00:48:27 ns1 named[4862]: client 82.147.192.209#45991: update
> 'threed.com.sa/IN' denied
> Jul 11 00:48:27 ns1 named[4862]: client 82.147.192.209#45991: update
> 'threed.com.sa/IN' denied
> Jul 11 00:48:28 ns1 named[4862]: client 212.24.224.151#55409: no more
> recursive clients: quota reached
> Jul 11 00:48:29 ns1 named[4862]: client 82.147.200.145#3872: no more
> recursive clients: quota reached
> Jul 11 00:48:30 ns1 named[4862]: client 172.18.52.57#4590: no more
> recursive
> clients: quota reached
> Jul 11 00:48:31 ns1 named[4862]: client 82.147.200.217#10130: no more
> recursive clients: quota reached
> Jul 11 00:48:32 ns1 named[4862]: client 85.194.76.35#1037: no more
> recursive
> clients: quota reached
> Jul 11 00:48:33 ns1 named[4862]: client 212.24.234.22#3010: no more
> recursive clients: quota reached
> Jul 11 00:48:33 ns1 named[4862]: lame server resolving '
> P4-JOEY.secl.com.sa'
> (in 'secl.com.sa'?): 212.93.192.5#53
> Jul 11 00:48:33 ns1 named[4862]: lame server resolving '
> P4-JOEY.secl.com.sa'
> (in 'secl.com.sa'?): 212.93.192.4#53
> Jul 11 00:48:34 ns1 named[4862]: client 85.194.117.81#1342: no more
> recursive clients: quota reached
> Jul 11 00:48:35 ns1 named[4862]: client 172.18.52.57#1194: no more
> recursive
> clients: quota reached
> Jul 11 00:48:36 ns1 named[4862]: client 172.18.52.57#1392: no more
> recursive
> clients: quota reached
> Jul 11 00:48:36 ns1 named[4862]: lame server resolving 'PC-COM.secl.com.sa
> '
> (in 'secl.com.sa'?): 212.93.192.5#53
> Jul 11 00:48:36 ns1 named[4862]: lame server resolving 'PC-COM.secl.com.sa
> '
> (in 'secl.com.sa'?): 212.93.192.4#53
> Jul 11 00:48:36 ns1 named[4862]: unexpected RCODE (SERVFAIL) resolving
> '62.57.194.212.in-addr.arpa/PTR/IN': 193.0.0.193#53
> Jul 11 00:48:37 ns1 named[4862]: client 172.18.52.57#1563: no more
> recursive
> clients: quota reached
> Jul 11 00:48:38 ns1 named[4862]: client 172.18.52.57#1652: no more
> recursive
> clients: quota reached
> Jul 11 00:48:38 ns1 named[4862]: client 87.109.228.61#50268: updating zone
> 'saudi-ericsson.com/IN': update unsuccessful:
> GSMJEFFREYLT.saudi-ericsson.com/A: 'RRset exists (value dependent)'
> prerequisite not satisfied (NXRRSET)
> Jul 11 00:48:38 ns1 named[4862]: lame server resolving
> 'CHIEF-ACC-CMP.secl.com.sa' (in 'secl.com.sa'?): 212.93.192.5#53
> Jul 11 00:48:38 ns1 named[4862]: lame server resolving
> 'CHIEF-ACC-CMP.secl.com.sa' (in 'secl.com.sa'?): 212.93.192.4#53
> Jul 11 00:48:39 ns1 named[4862]: client 85.194.104.240#4553: no more
> recursive clients: quota reached
> Jul 11 00:48:40 ns1 named[4862]: client 212.24.224.38#58848: no more
> recursive clients: quota reached
> Jul 11 00:48:41 ns1 named[4862]: client 172.17.5.11#52084: no more
> recursive
> clients: quota reached
> Jul 11 00:48:41 ns1 named[4862]: client 82.147.199.98#1855: updating zone
> 'pilogksa.com/IN': update unsuccessful: pilogksadevap1.PILOGKSA.COM/A:
> 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
> Jul 11 00:48:41 ns1 named[4862]: client 82.147.199.98#1858: update
> 'pilogksa.com/IN' denied
> Jul 11 00:48:41 ns1 named[4862]: lame server resolving 'IT-PC1.secl.com.sa
> '
> (in 'secl.com.sa'?): 212.93.192.5#53
> Jul 11 00:48:41 ns1 named[4862]: lame server resolving 'IT-PC1.secl.com.sa
> '
> (in 'secl.com.sa'?): 212.93.192.4#53
> Jul 11 00:48:42 ns1 named[4862]: client 172.18.52.57#1846: no more
> recursive
> clients: quota reached
>
>
> Regards,
> Nayeem.
> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
> Behalf
> Of Stephane Bortzmeyer
> Sent: Tuesday, July 10, 2007 6:19 PM
> To: Nayeem
> Cc: bind-users at isc.org
> Subject: Re: Problem with some domains and some domain resolved
>
> On Tue, Jul 10, 2007 at 05:29:58PM +0300,
> Nayeem <nayeem at ksa.zajil.com> wrote
> a message of 63 lines which said:
>
> > Is it really  DNS problem or network problem.
>
> I do not know but I can send some free advice.
>
> >  [root at ns1 named]# nslookup
>
> Use dig to debug, nslookup is deprecated and brings its own problems.
>
> > > www.cnn.com
> >
> > Server:         127.0.0.1
> >
> > Address:        127.0.0.1#53
> >
> >
> >
> > ** server can't find www.cnn.com: SERVFAIL
>
> What software does 127.0.0.1 run? BIND, of course, but which one? Can
> you go to CNN's name servers directly:
>
> dig @twdns-01.ns.aol.com. ANY cnn.com
>
> If not, use ping and traceroute to see if it is a network problem.
>
> > > www.google.com
> >
> > ;; connection timed out; no servers could be reached
>
> Same question.
>
> > So please tell  me where to trace this problem.
>
> 1) Read the BIND log. This is mandatory.
>
> 2) [Much more difficult] Run tcpdump on the name server. Something
> like 'tcpdump -n port 53'.
>
>
>
>
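
Added example, not part of the original thread: one way to answer the "is someone hitting you repeatedly?" question directly from the named log, by counting "quota reached" rejections per client, including records that a mail client has wrapped and quoted. The sample log is constructed (documentation and private addresses), and the function names are hypothetical.

```python
import re
from collections import Counter

TS = r"[A-Z][a-z]{2}\s+\d{1,2}\s\d{2}:\d{2}:\d{2}"   # syslog timestamp
RECORD_START = re.compile(rf"^{TS}\s")
QUOTA = re.compile(
    rf"^{TS}\s+\S+\s+named\[\d+\]:\s+client\s+(?P<ip>[0-9A-Fa-f.:]+)#\d+:"
    r"\s+no more recursive clients: quota reached"
)

# Constructed sample, wrapped and '>'-quoted the way a mail client mangles it.
SAMPLE = """\
> Jul 11 00:48:11 ns1 named[4862]: client 192.0.2.35#1044: no more
> recursive clients: quota reached
> Jul 11 00:48:12 ns1 named[4862]: client 10.0.0.57#3386: no more
> recursive
> clients: quota reached
> Jul 11 00:48:12 ns1 named[4862]: lame server resolving
> 'host.example.test' (in 'example.test'?): 198.51.100.5#53
> Jul 11 00:48:13 ns1 named[4862]: client 10.0.0.57#3542: no more recursive clients: quota reached
> Jul 11 00:48:14 ns1 named[4862]: client 10.0.0.57#3618: no more
> recursive clients: quota reached
> Jul 11 00:48:15 ns1 named[4862]: client 203.0.113.9#1025: no more recursive clients: quota reached
"""

def unwrap(text):
    """Strip '>' quote prefixes and rejoin records split across lines."""
    records = []
    for raw in text.splitlines():
        line = re.sub(r"^(>\s?)+", "", raw).strip()
        if not line:
            continue
        if RECORD_START.match(line) or not records:
            records.append(line)          # a timestamp starts a new record
        else:
            records[-1] += " " + line     # continuation of the previous one
    return records

def quota_rejections(records):
    """Count 'quota reached' rejections per client IP."""
    return Counter(m.group("ip") for m in map(QUOTA.match, records) if m)

def top_talkers(hits, min_share=0.25):
    """Clients responsible for at least min_share of all rejections."""
    total = sum(hits.values())
    return [(ip, n, n / total) for ip, n in hits.most_common()
            if n / total >= min_share]

if __name__ == "__main__":
    for ip, n, share in top_talkers(quota_rejections(unwrap(SAMPLE))):
        print(f"{ip}: {n} rejections ({share:.0%} of total)")
```

A single client holding a large share of the rejections is the one to look at first in the tcpdump capture; an even spread across many clients points at overall load or at slow upstream resolution instead.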



