Recursive queries fail if query source port is not fixed
JINMEI Tatuya / 神明達哉
Jinmei_Tatuya at isc.org
Fri Oct 17 22:56:59 UTC 2008
At Wed, 10 Sep 2008 13:59:36 +0200,
"Hans F. Nordhaug" <Hans.F.Nordhaug at hiMolde.no> wrote:
> I finally learned some more about the Cisco ASA and was able to
> capture all packages to and from the name server. When the recursive
> requests fail, there is no trace of communication on the ASA - not
> even the first outgoing package in the recursive request. It seems the
> name server fails to send the request (or that the ASA is stopping
> without logging it) - what's going on? I can also see that when the
> request completes successfully (after 2-3 or 10+ tries), it does the
> complete recursive request - it's not completing because it has cached
> the authorative name server(s).
>
> For some reason I couldn't find sockstat on the (CentOS) box that runs
> bind...
Do you still have this problem? If so, please first try the latest
beta versions (or at least the P2 version). If the problem still
happens, please let us know again. It might then be necessary to
apply some specific debugging patch to diagnose the problem.
Thanks,
---
JINMEI, Tatuya
Internet Systems Consortium, Inc.
More information about the bind-users
mailing list