BIND 9.7 behavior - lack of response causes

Fr34k freaknetboy at yahoo.com
Tue Apr 5 13:30:10 UTC 2011 


----- Original Message ----
> From: Mark Andrews <marka at isc.org>
> To: Fr34k <freaknetboy at yahoo.com>
> Cc: Bindlist <bind-users at isc.org>
> Sent: Mon, April 4, 2011 9:02:35 PM
> Subject: Re: BIND 9.7 behavior - lack of response causes
> 
> 
> What do you have lame-ttl set to?

I don't.  That is, I don't have lame-ttl explicitly listed in my named.conf.

> 
> In message <361220.19486.qm at web121407.mail.ne1.yahoo.com>,  Fr34k writes:
> > Hello,
> > 
> > Given:  BIND 9.7.2-P2 on  Solaris 10.
> > 
> > For about an hour, I had a network event where a  caching DNS server could 
>not
> >  
> > get recursive queries back  from authoritative DNS servers on the Internet.
> > 
> > Obviously, this  is a problem.
> > 
> > Moreover, the authority for our most popular  hostnames have set very low 
>TTLs
> >  
> > (less than a minute), so  nothing in cache for the server to call upon during 
>
> > this hour long  event.
> > 
> > Yuck.
> > 
> > A snoop of port 53 traffic at the  time shows client PCs requested hostname 
> > resolution -- as they would  normally do.
> > 
> > Now, for the interesting part.
> > 
> >  >From the same snoop of traffic, the caching DNS server did not send ANY  
>resp
> > onse 
> > back to these PC clients for these low TTL popular  hostnames.
> > 
> > Keep in mind that I did snoop until *after* the  event started.
> > 
> > So, it may be the case that some BIND mechanism  was behaving appropriate for 
>
> > queries which it could not act upon.   I can appreciate that BIND makes 
>decisi
> > ons 
> > with network  performance in mind.
> > 
> > In my attempts to understand negative  caching, Sections 7.1 and 7.2 of RFC 
>23
> > 08 
> > list Server Failure  and Dead / Unreachable Server as "(OPTIONAL)" 
utilities.
> > 
> > Bind  9.7 ARM says that "the server stores negative answers" for (default) 3 

> >  hours; however, I'm not sure what the expected BIND behavior is.
> > 
> > Would some mechanism, such has max-ncache-ttl or clients-per-query, be 
> > responsible for this lack of return traffic?
> > 
> > Anyone  have ideas to share?
> > 
> > Thank you.
> > 
> >  _______________________________________________
> > bind-users mailing  list
> > bind-users at lists.isc.org
> > https://lists.isc.org/mailman/listinfo/bind-users
> -- 
> Mark Andrews,  ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871  4742                 INTERNET: marka at isc.org
>

More information about the bind-users mailing list