No such Name, and 5second dns delay.
Barry Margolin
barmar at alum.mit.edu
Mon Mar 1 03:30:11 UTC 2010
In article <mailman.671.1267407068.21153.bind-users at lists.isc.org>,
Tory M Blue <tmblue at gmail.com> wrote:
> On Sun, Feb 28, 2010 at 4:16 PM, Barry Margolin <barmar at alum.mit.edu> wrote:
> >
> > There are probably at least a half dozen queries that occur in
> > performing that command. Which of these resulted in the "No such name"
> > response?
> >
> > What was in the Question section of that response, i.e. specifically
> > which name did it say doesn't exist?
> >
> >>
> >> the 5 second delay is just really odd and trying to run it down. Is
> >> there more debug type logs I could turn on that would yield more
> >> information?
> >
> > The packet capture should provide the detailed information.
> >
>
> Thanks again Barry. Since I'm a tad new at troubleshooting, I'm going
> to attempt to provide the data that you require.
>
> Even in the snipet of logs I captured, I can only believe that the "no
> such name" was the qdb.domain.com
> i'm hoping this is what you were asking for,
Yes, although I don't see how this is related to looking up
apps.domain.com. I think this is unrelated to the delay problem you're
experiencing, and it's coincidence that something happened to look up
this nonexistent name at the same time. Is the name qdb.domain.com
supposed to exist?
It sure would help if you didn't obscure the actual domain you're
dealing with. How are we supposed to tell you if there's a problem with
the domain if you don't tell us what domain it is?
>
> Also I could be barking up the wrong tree, but I can't find where that
> 5 second delay is coming from and the timed dig command with the
> +trace at least provides it to me on occasion. I don't see the 5
> second with numerous host calls, so again I'm kind of shooting in the
> dark (in the dark with data).
>
> -Tory
>
> No. Time Source Destination Protocol Info
> 163 8.822323 10.13.200.154 0.0.0.15 DNS
> Standard query A qdb.domain.com
>
> Frame 163 (77 bytes on wire, 77 bytes captured)
> Arrival Time: Feb 27, 2010 15:52:41.146884000
> [Time delta from previous captured frame: 0.000036000 seconds]
> [Time delta from previous displayed frame: 0.000036000 seconds]
> [Time since reference or first frame: 8.822323000 seconds]
> Frame Number: 163
> Frame Length: 77 bytes
> Capture Length: 77 bytes
> [Frame is marked: False]
> [Protocols in frame: eth:ip:udp:dns]
> [Coloring Rule Name: ___tmp_color_filter___01]
> [Coloring Rule String: dns.flags.recdesired == 0]
> Ethernet II, Src: Dell_dd:b4:b7 (00:19:b9:dd:b4:b7), Dst:
> F5Networ_67:e6:85 (00:01:d7:67:e6:85)
> Destination: F5Networ_67:e6:85 (00:01:d7:67:e6:85)
> Address: F5Networ_67:e6:85 (00:01:d7:67:e6:85)
> .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
> .... ..0. .... .... .... .... = LG bit: Globally unique
> address (factory default)
> Source: Dell_dd:b4:b7 (00:19:b9:dd:b4:b7)
> Address: Dell_dd:b4:b7 (00:19:b9:dd:b4:b7)
> .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
> .... ..0. .... .... .... .... = LG bit: Globally unique
> address (factory default)
> Type: IP (0x0800)
> Internet Protocol, Src: 10.13.200.154 (10.13.200.154), Dst: 0.0.0.15
> (0.0.0.15)
> Version: 4
> Header length: 20 bytes
> Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
> Total Length: 63
> Identification: 0x0000 (0)
> Flags: 0x02 (Don't Fragment)
> 0.. = Reserved bit: Not Set
> .1. = Don't fragment: Set
> ..0 = More fragments: Not Set
> Fragment offset: 0
> Time to live: 64
> Protocol: UDP (0x11)
> Header checksum: 0x76fe [correct]
> [Good: True]
> [Bad : False]
> Source: 10.13.200.154 (10.13.200.154)
> Destination: 0.0.0.15 (0.0.0.15)
> User Datagram Protocol, Src Port: 57269 (57269), Dst Port: domain (53)
> Source port: 57269 (57269)
> Destination port: domain (53)
> Length: 43
> Checksum: 0xc3ec [validation disabled]
> [Good Checksum: False]
> [Bad Checksum: False]
> Domain Name System (query)
> [Response In: 164]
> Transaction ID: 0x460d
> Flags: 0x0000 (Standard query)
> 0... .... .... .... = Response: Message is a query
> .000 0... .... .... = Opcode: Standard query (0)
> .... ..0. .... .... = Truncated: Message is not truncated
> .... ...0 .... .... = Recursion desired: Don't do query recursively
> .... .... .0.. .... = Z: reserved (0)
> .... .... ...0 .... = Non-authenticated data OK:
> Non-authenticated data is unacceptable
> Questions: 1
> Answer RRs: 0
> Authority RRs: 0
> Additional RRs: 0
> Queries
> qdb.domain.com: type A, class IN
> Name: qdb.domain.com
> Type: A (Host address)
> Class: IN (0x0001)
>
> No. Time Source Destination Protocol Info
> 164 8.822818 0.0.0.15 10.13.200.154 DNS
> Standard query response, No such name
>
> Frame 164 (126 bytes on wire, 126 bytes captured)
> Arrival Time: Feb 27, 2010 15:52:41.147379000
> [Time delta from previous captured frame: 0.000495000 seconds]
> [Time delta from previous displayed frame: 0.000495000 seconds]
> [Time since reference or first frame: 8.822818000 seconds]
> Frame Number: 164
> Frame Length: 126 bytes
> Capture Length: 126 bytes
> [Frame is marked: False]
> [Protocols in frame: eth:ip:udp:dns]
> [Coloring Rule Name: ___tmp_color_filter___01]
> [Coloring Rule String: dns.flags.recdesired == 0]
> Ethernet II, Src: F5Networ_67:e6:85 (00:01:d7:67:e6:85), Dst:
> Dell_dd:b4:b7 (00:19:b9:dd:b4:b7)
> Destination: Dell_dd:b4:b7 (00:19:b9:dd:b4:b7)
> Address: Dell_dd:b4:b7 (00:19:b9:dd:b4:b7)
> .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
> .... ..0. .... .... .... .... = LG bit: Globally unique
> address (factory default)
> Source: F5Networ_67:e6:85 (00:01:d7:67:e6:85)
> Address: F5Networ_67:e6:85 (00:01:d7:67:e6:85)
> .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
> .... ..0. .... .... .... .... = LG bit: Globally unique
> address (factory default)
> Type: IP (0x0800)
> Internet Protocol, Src: 0.0.0.15 (0.0.0.15), Dst: 10.13.200.154
> (10.13.200.154)
> Version: 4
> Header length: 20 bytes
> Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
> Total Length: 112
> Identification: 0x807a (32890)
> Flags: 0x02 (Don't Fragment)
> 0.. = Reserved bit: Not Set
> .1. = Don't fragment: Set
> ..0 = More fragments: Not Set
> Fragment offset: 0
> Time to live: 255
> Protocol: UDP (0x11)
> Header checksum: 0x3752 [correct]
> [Good: True]
> [Bad : False]
> Source: 0.0.0.15 (0.0.0.15)
> Destination: 10.13.200.154 (10.13.200.154)
> User Datagram Protocol, Src Port: domain (53), Dst Port: 57269 (57269)
> Source port: domain (53)
> Destination port: 57269 (57269)
> Length: 92
> Checksum: 0x1cf7 [validation disabled]
> [Good Checksum: False]
> [Bad Checksum: False]
> Domain Name System (response)
> [Request In: 163]
> [Time: 0.000495000 seconds]
> Transaction ID: 0x460d
> Flags: 0x8483 (Standard query response, No such name)
> 1... .... .... .... = Response: Message is a response
> .000 0... .... .... = Opcode: Standard query (0)
> .... .1.. .... .... = Authoritative: Server is an authority for
> domain
> .... ..0. .... .... = Truncated: Message is not truncated
> .... ...0 .... .... = Recursion desired: Don't do query recursively
> .... .... 1... .... = Recursion available: Server can do
> recursive queries
> .... .... .0.. .... = Z: reserved (0)
> .... .... ..0. .... = Answer authenticated: Answer/authority
> portion was not authenticated by the server
> .... .... .... 0011 = Reply code: No such name (3)
> Questions: 1
> Answer RRs: 0
> Authority RRs: 1
> Additional RRs: 0
> Queries
> qdb.domain.com: type A, class IN
> Name: qdb.domain.com
> Type: A (Host address)
> Class: IN (0x0001)
> Authoritative nameservers
> domain.com: type SOA, class IN, mname ns1.domain.com
> Name: domain.com
> Type: SOA (Start of zone of authority)
> Class: IN (0x0001)
> Time to live: 5 minutes
> Data length: 37
> Primary name server: ns1.domain.com
> Responsible authority's mailbox: domadmin.domain.com
> Serial number: 2010021107
> Refresh interval: 10 minutes
> Retry interval: 5 minutes
> Expiration limit: 14 days
> Minimum TTL: 5 minutes
>
> No. Time Source Destination Protocol Info
> 165 8.846412 193.0.14.129 10.13.200.154 DNS
> Standard query response
>
> Frame 165 (537 bytes on wire, 537 bytes captured)
> Arrival Time: Feb 27, 2010 15:52:41.170973000
> [Time delta from previous captured frame: 0.023594000 seconds]
> [Time delta from previous displayed frame: 0.023594000 seconds]
> [Time since reference or first frame: 8.846412000 seconds]
> Frame Number: 165
> Frame Length: 537 bytes
> Capture Length: 537 bytes
> [Frame is marked: True]
> [Protocols in frame: eth:ip:udp:dns]
> [Coloring Rule Name: UDP]
> [Coloring Rule String: udp]
> Ethernet II, Src: F5Networ_67:e6:85 (00:01:d7:67:e6:85), Dst:
> Dell_dd:b4:b7 (00:19:b9:dd:b4:b7)
> Destination: Dell_dd:b4:b7 (00:19:b9:dd:b4:b7)
> Address: Dell_dd:b4:b7 (00:19:b9:dd:b4:b7)
> .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
> .... ..0. .... .... .... .... = LG bit: Globally unique
> address (factory default)
> Source: F5Networ_67:e6:85 (00:01:d7:67:e6:85)
> Address: F5Networ_67:e6:85 (00:01:d7:67:e6:85)
> .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
> .... ..0. .... .... .... .... = LG bit: Globally unique
> address (factory default)
> Type: IP (0x0800)
> Internet Protocol, Src: 193.0.14.129 (193.0.14.129), Dst:
> 10.13.200.154 (10.13.200.154)
> Version: 4
> Header length: 20 bytes
> Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
> Total Length: 523
> Identification: 0x7a7a (31354)
> Flags: 0x00
> 0.. = Reserved bit: Not Set
> .0. = Don't fragment: Not Set
> ..0 = More fragments: Not Set
> Fragment offset: 0
> Time to live: 54
> Protocol: UDP (0x11)
> Header checksum: 0x663f [correct]
> [Good: True]
> [Bad : False]
> Source: 193.0.14.129 (193.0.14.129)
> Destination: 10.13.200.154 (10.13.200.154)
> User Datagram Protocol, Src Port: domain (53), Dst Port: 57267 (57267)
> Source port: domain (53)
> Destination port: 57267 (57267)
> Length: 503
> Checksum: 0x6463 [validation disabled]
> [Good Checksum: False]
> [Bad Checksum: False]
> Domain Name System (response)
> [Request In: 149]
> [Time: 0.165116000 seconds]
> Transaction ID: 0x7e31
> Flags: 0x8000 (Standard query response, No error)
> 1... .... .... .... = Response: Message is a response
> .000 0... .... .... = Opcode: Standard query (0)
> .... .0.. .... .... = Authoritative: Server is not an
> authority for domain
> .... ..0. .... .... = Truncated: Message is not truncated
> .... ...0 .... .... = Recursion desired: Don't do query recursively
> .... .... 0... .... = Recursion available: Server can't do
> recursive queries
> .... .... .0.. .... = Z: reserved (0)
> .... .... ..0. .... = Answer authenticated: Answer/authority
> portion was not authenticated by the server
> .... .... .... 0000 = Reply code: No error (0)
> Questions: 1
> Answer RRs: 0
> Authority RRs: 13
> Additional RRs: 14
> Queries
> qdb.domain.com: type A, class IN
> Name: qdb.domain.com
> Type: A (Host address)
> Class: IN (0x0001)
> Authoritative nameservers
> net: type NS, class IN, ns a.gtld-servers.net
> Name: net
> Type: NS (Authoritative name server)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 17
> Name server: a.gtld-servers.net
> net: type NS, class IN, ns b.gtld-servers.net
> Name: net
> Type: NS (Authoritative name server)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Name server: b.gtld-servers.net
> net: type NS, class IN, ns c.gtld-servers.net
> Name: net
> Type: NS (Authoritative name server)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Name server: c.gtld-servers.net
> net: type NS, class IN, ns d.gtld-servers.net
> Name: net
> Type: NS (Authoritative name server)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Name server: d.gtld-servers.net
> net: type NS, class IN, ns e.gtld-servers.net
> Name: net
> Type: NS (Authoritative name server)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Name server: e.gtld-servers.net
> net: type NS, class IN, ns f.gtld-servers.net
> Name: net
> Type: NS (Authoritative name server)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Name server: f.gtld-servers.net
> net: type NS, class IN, ns g.gtld-servers.net
> Name: net
> Type: NS (Authoritative name server)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Name server: g.gtld-servers.net
> net: type NS, class IN, ns h.gtld-servers.net
> Name: net
> Type: NS (Authoritative name server)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Name server: h.gtld-servers.net
> net: type NS, class IN, ns i.gtld-servers.net
> Name: net
> Type: NS (Authoritative name server)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Name server: i.gtld-servers.net
> net: type NS, class IN, ns j.gtld-servers.net
> Name: net
> Type: NS (Authoritative name server)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Name server: j.gtld-servers.net
> net: type NS, class IN, ns k.gtld-servers.net
> Name: net
> Type: NS (Authoritative name server)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Name server: k.gtld-servers.net
> net: type NS, class IN, ns l.gtld-servers.net
> Name: net
> Type: NS (Authoritative name server)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Name server: l.gtld-servers.net
> net: type NS, class IN, ns m.gtld-servers.net
> Name: net
> Type: NS (Authoritative name server)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Name server: m.gtld-servers.net
> Additional records
> a.gtld-servers.net: type A, class IN, addr 192.5.6.30
> Name: a.gtld-servers.net
> Type: A (Host address)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Addr: 192.5.6.30
> b.gtld-servers.net: type A, class IN, addr 192.33.14.30
> Name: b.gtld-servers.net
> Type: A (Host address)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Addr: 192.33.14.30
> c.gtld-servers.net: type A, class IN, addr 192.26.92.30
> Name: c.gtld-servers.net
> Type: A (Host address)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Addr: 192.26.92.30
> d.gtld-servers.net: type A, class IN, addr 192.31.80.30
> Name: d.gtld-servers.net
> Type: A (Host address)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Addr: 192.31.80.30
> e.gtld-servers.net: type A, class IN, addr 192.12.94.30
> Name: e.gtld-servers.net
> Type: A (Host address)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Addr: 192.12.94.30
> f.gtld-servers.net: type A, class IN, addr 192.35.51.30
> Name: f.gtld-servers.net
> Type: A (Host address)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Addr: 192.35.51.30
> g.gtld-servers.net: type A, class IN, addr 192.42.93.30
> Name: g.gtld-servers.net
> Type: A (Host address)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Addr: 192.42.93.30
> h.gtld-servers.net: type A, class IN, addr 192.54.112.30
> Name: h.gtld-servers.net
> Type: A (Host address)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Addr: 192.54.112.30
> i.gtld-servers.net: type A, class IN, addr 192.43.172.30
> Name: i.gtld-servers.net
> Type: A (Host address)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Addr: 192.43.172.30
> j.gtld-servers.net: type A, class IN, addr 192.48.79.30
> Name: j.gtld-servers.net
> Type: A (Host address)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Addr: 192.48.79.30
> k.gtld-servers.net: type A, class IN, addr 192.52.178.30
> Name: k.gtld-servers.net
> Type: A (Host address)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Addr: 192.52.178.30
> l.gtld-servers.net: type A, class IN, addr 192.41.162.30
> Name: l.gtld-servers.net
> Type: A (Host address)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Addr: 192.41.162.30
> m.gtld-servers.net: type A, class IN, addr 192.55.83.30
> Name: m.gtld-servers.net
> Type: A (Host address)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 4
> Addr: 192.55.83.30
> a.gtld-servers.net: type AAAA, class IN, addr 2001:503:a83e::2:30
> Name: a.gtld-servers.net
> Type: AAAA (IPv6 address)
> Class: IN (0x0001)
> Time to live: 2 days
> Data length: 16
> Addr: 2001:503:a83e::2:30
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
More information about the bind-users
mailing list