[ghicks at hicks-net.net: Re: noob; looks like a caching issue?]--solved
Jay G. Scott
gl at arlut.utexas.edu
Tue May 25 20:21:24 UTC 2010
okay, just got the answer -- problem with the firewall.
our firewall was doing a stateful inspection of dns packets,
and botching it somehow. (i didn't hear the details.)
the inspection was turned off, and now, the problem
i talked about here AND another problem i was having
both got fixed.
lucky me.
(FWIW i did try this w/ a somewhat later version of bind
on solaris, didn't help.)
thanks for trying to help.
j.
----- Forwarded message from Gregory Hicks <ghicks at hicks-net.net> -----
Date: Tue, 25 May 2010 13:10:10 -0700 (PDT)
From: Gregory Hicks <ghicks at hicks-net.net>
To: gl at arlut.utexas.edu
Cc: ghicks at hicks-net.net
Subject: Re: noob; looks like a caching issue?
X-Mailer: dtmail 1.3.0 @(#)CDE Version 1.5.7 SunOS 5.9 sun4u sparc
> Date: Tue, 25 May 2010 14:45:37 -0500
> From: "Jay G. Scott" <gl at arlut.utexas.edu>
> To: bind-users at lists.isc.org
> Subject: noob; looks like a caching issue?
>
>
> my setup:
> linux/redhat name servers
> bind-9.3.6-4.P1.el5_4.2
Jay:
I'd advise upgrading to a later version of bind and dig if you can.
I've got BIND 9.6.1-P1 w/dig 9.6.1-P1 running. The query
dig weather.gov
worked for me the first time. (IOW, no errors...)
As for your query as to WHY your first query failed but, when followed
by another query, that second query succeeded, it could be that the
response back to BIND took longer than BIND expected so BIND issued the
SERVFAIL to you. However, in the background, the expected response WAS
received and cached. Then when you queried again, BIND provided the
cached response.
Regards,
Gregory Hicks
>
>
> beginning yesterday i'm seeing something i haven't seen before.
> if i do this (for example):
> # dig weather.gov +short
> ;; connection timed out; no servers could be reached
> and then immediately do this:
> # dig weather.gov +short
> 140.90.113.200
>
> the first line takes a while to fail. i do an up arrow and return,
> and the second command responds instantly.
>
>
> MOST THINGS ARE WORKING FINE. i've only found two addresses
> w/ this fail-then-work problem. the other is
> rs.dns-oarc.net
> i'm being told this is a problem with their name servers;
> in the specific case of dns-oarc.net i find that
> particularly hard to believe. once it works it will continue
> to work if i keep doing the command rapidly. if i let it
> sit for a while, then i can get the failure again. that's
> probably my cache doing the right thing. what i can't figure
> out is this fail-then-work behavior. oh, i've checked the
> logs. there's zillions of messages about notifies and
> transfers. once i clean those out, i don't see anything
> interesting at all.
>
>
>
> now i'm also getting this:
> (the first response doesn't have answers, the second does.
> but i'm NOT getting "no servers....")
> # dig weather.gov
>
> ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> weather.gov
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 35953
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;weather.gov. IN A
>
> ;; Query time: 834 msec
> ;; SERVER: 146.6.211.1#53(146.6.211.1)
> ;; WHEN: Tue May 25 14:28:03 2010
> ;; MSG SIZE rcvd: 29
>
>
> # dig weather.gov
>
> ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> weather.gov
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18861
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3
>
> ;; QUESTION SECTION:
> ;weather.gov. IN A
>
> ;; ANSWER SECTION:
> weather.gov. 490 IN A 140.90.113.200
>
> ;; AUTHORITY SECTION:
> weather.gov. 33577 IN NS ns-mw.noaa.gov.
> weather.gov. 33577 IN NS ns-nw.noaa.gov.
> weather.gov. 33577 IN NS ns-e.noaa.gov.
>
> ;; ADDITIONAL SECTION:
> ns-e.noaa.gov. 74082 IN A 140.90.33.237
> ns-nw.noaa.gov. 74082 IN A 161.55.32.2
> ns-mw.noaa.gov. 74082 IN A 140.172.17.237
>
> ;; Query time: 7 msec
> ;; SERVER: 216.136.95.2#53(216.136.95.2)
> ;; WHEN: Tue May 25 14:28:17 2010
> ;; MSG SIZE rcvd: 157
>
> i'm relatively new at named/bind. can someone shed some light
> on this?
>
> j.
>
> --
> Jay Scott 512-835-3553 gl at arlut.utexas.edu
> Head of Sun Support, Sr. Operating Systems Specialist
> Applied Research Labs, Computer Science Div. S224
> University of Texas at Austin
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
---------------------------------------------------------------------
Gregory Hicks | Principal Systems Engineer
| Direct: 408.569.7928
People sleep peaceably in their beds at night only because rough men
stand ready to do violence on their behalf -- George Orwell
The price of freedom is eternal vigilance. -- Thomas Jefferson
"The best we can hope for concerning the people at large is that they
be properly armed." --Alexander Hamilton
----- End forwarded message -----
--
Jay Scott 512-835-3553 gl at arlut.utexas.edu
Head of Sun Support, Sr. Operating Systems Specialist
Applied Research Labs, Computer Science Div. S224
University of Texas at Austin
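
Added example, not part of the original thread: a small parser that compares two consecutive `dig` runs and reports the fail-then-work pattern described above. The sample text is the header data from the two runs quoted in the post; the function names and the 20 ms cache threshold are assumptions made for this illustration.

```python
import re

# Header lines of the two dig runs quoted in the post (quote markers removed).
FIRST = """\
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 35953
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; Query time: 834 msec
;; SERVER: 146.6.211.1#53(146.6.211.1)
;; MSG SIZE rcvd: 29
"""
SECOND = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18861
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3
;; Query time: 7 msec
;; SERVER: 216.136.95.2#53(216.136.95.2)
;; MSG SIZE rcvd: 157
"""
TIMEOUT = ";; connection timed out; no servers could be reached\n"

PATTERNS = {
    "status": r"status: (\w+)",
    "answers": r"ANSWER: (\d+)",
    "query_ms": r"Query time: (\d+) msec",
    "server": r"SERVER: ([0-9A-Fa-f.:]+)#\d+",
    "size": r"MSG SIZE\s+rcvd: (\d+)",
}

def parse_dig(text):
    """Extract the header fields of one dig run; a timeout has no header."""
    if "connection timed out" in text:
        return {"status": "TIMEOUT", "answers": 0, "query_ms": None,
                "server": None, "size": 0}
    out = {}
    for key, pat in PATTERNS.items():
        m = re.search(pat, text)
        val = m.group(1) if m else None
        out[key] = int(val) if val and val.isdigit() else val
    return out

def compare_runs(first, second):
    """List what differs between two consecutive runs of the same query."""
    a, b = parse_dig(first), parse_dig(second)
    notes = []
    if a["status"] != "NOERROR" and b["status"] == "NOERROR":
        notes.append(f"fail-then-work: {a['status']} -> NOERROR")
    if a["server"] and b["server"] and a["server"] != b["server"]:
        notes.append(f"different resolver answered: {a['server']} vs {b['server']}")
    # Assumed threshold: an answer under 20 ms is treated as served from cache.
    if b["query_ms"] is not None and b["query_ms"] < 20 and b["answers"]:
        notes.append(f"second answer in {b['query_ms']} ms, consistent with a cached answer")
    return notes
```

Run against the two quoted outputs, it also shows that the SERVFAIL and the NOERROR came from different resolvers, which is worth ruling out before attributing the difference to caching.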