[ghicks at hicks-net.net: Re: noob; looks like a caching issue?]--solved

Jay G. Scott gl at arlut.utexas.edu
Tue May 25 20:21:24 UTC 2010 

okay, just got the answer -- problem with the firewall.
our firewall was doing a stateful inspection of dns packets,
and botching it somehow.  (i didn't hear the details.)
the inspection was turned off, and now, the problem
i talked about here AND another problem i was having
both got fixed.

lucky me.

(FWIW i did try this w/ a somewhat later version of bind
on solaris, didn't help.)

thanks for trying to help.

j.


----- Forwarded message from Gregory Hicks <ghicks at hicks-net.net> -----

Date: Tue, 25 May 2010 13:10:10 -0700 (PDT)
From: Gregory Hicks <ghicks at hicks-net.net>
To: gl at arlut.utexas.edu
Cc: ghicks at hicks-net.net
Subject: Re: noob; looks like a caching issue?
X-Mailer: dtmail 1.3.0 @(#)CDE Version 1.5.7 SunOS 5.9 sun4u sparc 


> Date: Tue, 25 May 2010 14:45:37 -0500
> From: "Jay G. Scott" <gl at arlut.utexas.edu>
> To: bind-users at lists.isc.org
> Subject: noob; looks like a caching issue?
> 
> 
> my setup:
> linux/redhat name servers
> bind-9.3.6-4.P1.el5_4.2

Jay:

I'd advise upgrading to a later version of bind and dig if you can.

I've got BIND 9.6.1-P1 w/dig 9.6.1-P1 running.  The query

dig weather.gov

worked for me the first time.  (IOW, no errors...)

As for your query as to WHY your first query failed but, when followed 
by another query, that second query succeeded, it could be that the 
response back to BIND took longer than BIND expected so BIND issued the 
SERVFAIL to you.  However, in the background, the expected response WAS 
received and cached.  Then when you queried again, BIND provided the 
cached response.

Regards,
Gregory Hicks

> 
> 
> beginning yesterday i'm seeing something i haven't seen before.
> 	  if i do this (for example):
> # dig weather.gov +short
> ;; connection timed out; no servers could be reached
> 	and then immediately do this:
> # dig weather.gov +short
> 140.90.113.200
> 
> the first line takes a while to fail.  i do an up arrow and return,
> and the second command responds instantly.
> 
> 
> MOST THINGS ARE WORKING FINE.  i've only found two addresses
> w/ this fail-then-work problem.  the other is
> rs.dns-oarc.net
> i'm being told this is a problem with their name servers;
> in the specific case of dns-oarc.net i find that
> particularly hard to believe.  once it works it will continue
> to work if i keep doing the command rapidly.  if i let it
> sit for a while, then i can get the failure again.  that's
> probably my cache doing the right thing.  what i can't figure
> out is this fail-then-work behavior.  oh, i've checked the
> logs.  there's zillions of messages about notifies and
> transfers.  once i clean those out, i don't see anything
> interesting at all.
> 
> 
> 
> now i'm also getting  this:
> (the first response doesn't have answers, the second does.
> but i'm NOT getting "no servers....")
> # dig weather.gov
> 
> ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> weather.gov
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 35953
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> 
> ;; QUESTION SECTION:
> ;weather.gov.                   IN      A
> 
> ;; Query time: 834 msec
> ;; SERVER: 146.6.211.1#53(146.6.211.1)
> ;; WHEN: Tue May 25 14:28:03 2010
> ;; MSG SIZE  rcvd: 29
> 
> 
> # dig weather.gov
> 
> ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> weather.gov
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18861
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3
> 
> ;; QUESTION SECTION:
> ;weather.gov.                   IN      A
> 
> ;; ANSWER SECTION:
> weather.gov.            490     IN      A       140.90.113.200
> 
> ;; AUTHORITY SECTION:
> weather.gov.            33577   IN      NS      ns-mw.noaa.gov.
> weather.gov.            33577   IN      NS      ns-nw.noaa.gov.
> weather.gov.            33577   IN      NS      ns-e.noaa.gov.
> 
> ;; ADDITIONAL SECTION:
> ns-e.noaa.gov.          74082   IN      A       140.90.33.237
> ns-nw.noaa.gov.         74082   IN      A       161.55.32.2
> ns-mw.noaa.gov.         74082   IN      A       140.172.17.237
> 
> ;; Query time: 7 msec
> ;; SERVER: 216.136.95.2#53(216.136.95.2)
> ;; WHEN: Tue May 25 14:28:17 2010
> ;; MSG SIZE  rcvd: 157
> 
> 	i'm relatively new at named/bind.  can someone shed some light
> on this?
> 
> j.
> 
> -- 
> Jay Scott		512-835-3553		gl at arlut.utexas.edu
> Head of Sun Support, Sr. Operating Systems Specialist
> Applied Research Labs, Computer Science Div.                   S224
> University of Texas at Austin
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

---------------------------------------------------------------------
Gregory Hicks                           | Principal Systems Engineer
                                        | Direct:   408.569.7928

People sleep peaceably in their beds at night only because rough men
stand ready to do violence on their behalf -- George Orwell

The price of freedom is eternal vigilance.  -- Thomas Jefferson

"The best we can hope for concerning the people at large is that they
be properly armed." --Alexander Hamilton

----- End forwarded message -----

-- 
Jay Scott		512-835-3553		gl at arlut.utexas.edu
Head of Sun Support, Sr. Operating Systems Specialist
Applied Research Labs, Computer Science Div.                   S224
University of Texas at Austin

More information about the bind-users mailing list