Bind not caching AAAA records
Mark Andrews
marka at isc.org
Sat Mar 2 00:44:08 UTC 2013
In message <CAEy9Ut761zwgkMvb4JtXc-fPpWE4duXDWLOgJXEtGW-rW6pN7w at mail.gmail.com>
, Stephen Wood writes:
>
> Thank you for the response, Mark!
>
> It's comforting to know that it's not something I have misconfigured on my
> end.
>
> Just a followup question, can you point me in a direction for learning
> about what a "good" or "cachable" AAAA answer would be? How do I ascertain
> the quality of results I'm getting from my upstream DNS server?
Here is a example of a incorrect SOA being returned. The correct
SOA should be for refer.ccbill.com not ccbill.com as refer.ccbill.com
is the name of the delegated zone. This is the end of the output
from "dig +trace refer.ccbill.com AAAA".
refer.ccbill.com. 3600 IN NS gtm1.cwie.net.
refer.ccbill.com. 3600 IN NS gtm3.cwie.net.
refer.ccbill.com. 3600 IN NS gtm2.cwie.net.
;; Received 110 bytes from 64.38.242.21#53(ns5.ccbill.com) in 1696 ms
ccbill.com. 60 IN SOA gtm1.cwie.net. hostmaster.gtm1.cwie.net. 16 10800 3600 604800 60
;; Received 105 bytes from 64.38.242.14#53(gtm3.cwie.net) in 198 ms
If you grep your logs for FORMERR you will likely find lots of
examples which is how I picked this example.
01-Mar-2013 12:55:22.435 error (FORMERR) resolving 'refer.ccbill.com/AAAA/IN': 64.38.242.14#53
Mark
> On Fri, Mar 1, 2013 at 4:02 PM, Mark Andrews <marka at isc.org> wrote:
>
> >
> > In message <CAEy9Ut5ooYJCcSXi3aHCnZz5vD578yqsBpNoTzw3Xmh=
> > BZmjOA at mail.gmail.com>
> > , Stephen Wood writes:
> > >
> > > Hello.
> > >
> > > I have bind set up as a cache and forwarder only. I am having trouble
> > > getting bind to cache AAAA records. I can see from the rndc stats file
> > that
> > > A records are being cached quite nicely, but all AAAA requests are
> > flowing
> > > through to the upstream servers.
> >
> > Unfortunately some load balancers don't return good / cacheable
> > negative answers for AAAA queries. They either have no SOA record
> > or return the wrong SOA record.
> >
> > > Here's a snippet from my stats file:
> > >
> > > ++ Incoming Queries ++
> > > 17394 A
> > > 17387 AAAA
> > > ++ Outgoing Queries ++
> > > [View: default]
> > > 202 A
> > > 17354 AAAA
> > >
> > > Unless I'm reading the stats output, it looks like all of the AAAA
> > requests
> > > are cache misses.
> > >
> > > My bind.conf.options file has the following contents:
> > >
> > > options {
> > > recursing-file "/etc/bind/bind.recurse";
> > > forward only;
> > >
> > > minimal-responses yes;
> > >
> > > statistics-file "/etc/bind/stats";
> > >
> > > forwarders {
> > > 172.16.0.23;
> > > } ;
> > >
> > > recursive-clients 10000;
> > >
> > > allow-query { any ; } ;
> > > allow-recursion { any ; } ;
> > > listen-on { any ; };
> > > listen-on-v6 { any ; };
> > >
> > > recursion yes;
> > > };
> > >
> > >
> > > The contents of my /etc/defaults/bind9 file is as follows:
> > >
> > > //
> > > # run resolvconf?
> > > RESOLVCONF=no
> > >
> > > # startup options for the server
> > > OPTIONS="-u bind"
> > > //
> > >
> > > My operating system is Ubuntu 12.04.
> > >
> > > Is there someone that can point me in the right direction? I tried
> > googling
> > > "Bind9 AAAA record not caching" and things like "bind AAAA cache hit" but
> > > can't seem to figure out what's happening.
> > >
> > > --047d7b603bce0e609504d6e57a83
> > > Content-Type: text/html; charset=ISO-8859-1
> > > Content-Transfer-Encoding: quoted-printable
> > >
> > > Hello.<div><br></div><div>I have bind set up as a cache and forwarder
> > only.=
> > > I am having trouble getting bind to cache AAAA records. I can see from
> > the=
> > > rndc stats file that A records are being cached quite nicely, but all
> > AAAA=
> > > requests are flowing through to the upstream servers.</div>
> > >
> > > <div><br></div><div>Here's a snippet from my stats
> > file:</div><div><br>=
> > > </div><div><div>++ Incoming Queries ++</div><div>=A0 =A0 =A0 =A0 =A0 =A0
> > =
> > > =A0 =A017394 A</div><div>=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A017387
> > AAAA</div><di=
> > > v>++ Outgoing Queries ++</div>
> > >
> > > <div>[View: default]</div><div>=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0202
> > A</di=
> > > v><div>=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A017354
> > AAAA</div></div><div><br></div>=
> > > <div>Unless I'm reading the stats output, it looks like all of the
> > AAAA=
> > > requests are cache misses.</div>
> > >
> > > <div><br></div><div>My bind.conf.options file has the following
> > contents:</=
> > > div><div><br></div><div><div>options {</div><div>=A0 =A0 recursing-file
> > &qu=
> > > ot;/etc/bind/bind.recurse";</div><div>=A0 =A0 forward
> > only;</div><div>=
> > > <br>
> > >
> > > </div><div>=A0 =A0 minimal-responses yes;</div><div><br></div><div>=A0
> > =A0 =
> > > statistics-file
> > "/etc/bind/stats";</div><div><br></div><div>=A0 =
> > > =A0 forwarders {</div><div>=A0 =A0 =A0 =A0 172.16.0.23;</div><div>=A0
> > =A0 }=
> > > ;</div><div><br></div>
> > >
> > > <div>=A0 =A0 recursive-clients 10000;</div><div><br></div><div>=A0 =A0
> > allo=
> > > w-query { any ; } ;</div><div>=A0 =A0 allow-recursion { any ; }
> > ;</div><div=
> > > >=A0 =A0 listen-on { any ; };</div><div>=A0 =A0 listen-on-v6 { any ;
> > };</di=
> > > v><div><br></div>
> > >
> > > <div>=A0 =A0 recursion
> > yes;</div><div>};</div><div><br></div></div><div><br=
> > > ></div><div>The contents of my /etc/defaults/bind9 file is as
> > follows:</div=
> > > ><div><br></div><div>//</div><div><div># run
> > resolvconf?</div><div>RESOLVCO=
> > > NF=3Dno</div>
> > >
> > > <div><br></div><div># startup options for the
> > server</div><div>OPTIONS=3D&q=
> > > uot;-u bind"</div></div><div>//</div><div><br></div><div>My
> > operating =
> > > system is Ubuntu 12.04.=A0</div><div><br></div><div>Is there someone
> > that c=
> > > an point me in the right direction? I tried googling "Bind9 AAAA
> > recor=
> > > d not caching" and things like "bind AAAA cache hit" but
> > can=
> > > 't seem to figure out what's happening.</div>
> > >
> > >
> > > --047d7b603bce0e609504d6e57a83--
> > >
> > > --===============6431643929279798256==
> > > Content-Type: text/plain; charset="us-ascii"
> > > MIME-Version: 1.0
> > > Content-Transfer-Encoding: 7bit
> > > Content-Disposition: inline
> > >
> > > _______________________________________________
> > > Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> > unsubscribe
> > > from this list
> > >
> > > bind-users mailing list
> > > bind-users at lists.isc.org
> > > https://lists.isc.org/mailman/listinfo/bind-users
> > > --===============6431643929279798256==--
> > --
> > Mark Andrews, ISC
> > 1 Seymour St., Dundas Valley, NSW 2117, Australia
> > PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
> >
>
> --047d7b621afcc5a35b04d6e5e8a4
> Content-Type: text/html; charset=ISO-8859-1
> Content-Transfer-Encoding: quoted-printable
>
> Thank you for the response, Mark!<div><br></div><div>It's comforting to=
> know that it's not something I have misconfigured on my end.=A0</div><=
> div><br></div><div>Just a followup question, can you point me in a directio=
> n for learning about what a "good" or "cachable" AAAA a=
> nswer would be? How do I ascertain the quality of results I'm getting f=
> rom my upstream DNS server?</div>
>
> <div><br><div class=3D"gmail_quote">On Fri, Mar 1, 2013 at 4:02 PM, Mark An=
> drews <span dir=3D"ltr"><<a href=3D"mailto:marka at isc.org" target=3D"_bla=
> nk">marka at isc.org</a>></span> wrote:<br><blockquote class=3D"gmail_quote=
> " style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
>
> <br>
> In message <CAEy9Ut5ooYJCcSXi3aHCnZz5vD578yqsBpNoTzw3Xmh=3D<a href=3D"ma=
> ilto:BZmjOA at mail.gmail.com">BZmjOA at mail.gmail.com</a>><br>
> <div class=3D"im">, Stephen Wood writes:<br>
> ><br>
> > Hello.<br>
> ><br>
> > I have bind set up as a cache and forwarder only. I am having trouble<=
> br>
> > getting bind to cache AAAA records. I can see from the rndc stats file=
> that<br>
> > A records are being cached quite nicely, but all AAAA requests are flo=
> wing<br>
> > through to the upstream servers.<br>
> <br>
> </div>Unfortunately some load balancers don't return good / cacheable<b=
> r>
> negative answers for AAAA queries. =A0They either have no SOA record<br>
> or return the wrong SOA record.<br>
> <div><div class=3D"h5"><br>
> > Here's a snippet from my stats file:<br>
> ><br>
> > ++ Incoming Queries ++<br>
> > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A017394 A<br>
> > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A017387 AAAA<br>
> > ++ Outgoing Queries ++<br>
> > [View: default]<br>
> > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0202 A<br>
> > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A017354 AAAA<br>
> ><br>
> > Unless I'm reading the stats output, it looks like all of the AAAA=
> requests<br>
> > are cache misses.<br>
> ><br>
> > My bind.conf.options file has the following contents:<br>
> ><br>
> > options {<br>
> > =A0 =A0 recursing-file "/etc/bind/bind.recurse";<br>
> > =A0 =A0 forward only;<br>
> ><br>
> > =A0 =A0 minimal-responses yes;<br>
> ><br>
> > =A0 =A0 statistics-file "/etc/bind/stats";<br>
> ><br>
> > =A0 =A0 forwarders {<br>
> > =A0 =A0 =A0 =A0 172.16.0.23;<br>
> > =A0 =A0 } ;<br>
> ><br>
> > =A0 =A0 recursive-clients 10000;<br>
> ><br>
> > =A0 =A0 allow-query { any ; } ;<br>
> > =A0 =A0 allow-recursion { any ; } ;<br>
> > =A0 =A0 listen-on { any ; };<br>
> > =A0 =A0 listen-on-v6 { any ; };<br>
> ><br>
> > =A0 =A0 recursion yes;<br>
> > };<br>
> ><br>
> ><br>
> > The contents of my /etc/defaults/bind9 file is as follows:<br>
> ><br>
> > //<br>
> > # run resolvconf?<br>
> > RESOLVCONF=3Dno<br>
> ><br>
> > # startup options for the server<br>
> > OPTIONS=3D"-u bind"<br>
> > //<br>
> ><br>
> > My operating system is Ubuntu 12.04.<br>
> ><br>
> > Is there someone that can point me in the right direction? I tried goo=
> gling<br>
> > "Bind9 AAAA record not caching" and things like "bind A=
> AAA cache hit" but<br>
> > can't seem to figure out what's happening.<br>
> ><br>
> </div></div>> --047d7b603bce0e609504d6e57a83<br>
> > Content-Type: text/html; charset=3DISO-8859-1<br>
> > Content-Transfer-Encoding: quoted-printable<br>
> ><br>
> > Hello.<div><br></div><div>I have bind set up a=
> s a cache and forwarder only.=3D<br>
> > =A0I am having trouble getting bind to cache AAAA records. I can see f=
> rom the=3D<br>
> > =A0rndc stats file that A records are being cached quite nicely, but a=
> ll AAAA=3D<br>
> > =A0requests are flowing through to the upstream servers.</div><b=
> r>
> ><br>
> > <div><br></div><div>Here's a snippet f=
> rom my stats file:</div><div><br>=3D<br>
> > </div><div><div>++ Incoming Queries ++</div>&l=
> t;div>=3DA0 =3DA0 =3DA0 =3DA0 =3DA0 =3DA0 =3D<br>
> > =3DA0 =3DA017394 A</div><div>=3DA0 =3DA0 =3DA0 =3DA0 =3DA0=
> =3DA0 =3DA0 =3DA017387 AAAA</div><di=3D<br>
> > v>++ Outgoing Queries ++</div><br>
> ><br>
> > <div>[View: default]</div><div>=3DA0 =3DA0 =3DA0 =3D=
> A0 =3DA0 =3DA0 =3DA0 =3DA0 =3DA0202 A</di=3D<br>
> > v><div>=3DA0 =3DA0 =3DA0 =3DA0 =3DA0 =3DA0 =3DA0 =3DA017354 A=
> AAA</div></div><div><br></div>=3D<br>
> > <div>Unless I'm reading the stats output, it looks like =
> all of the AAAA=3D<br>
> > =A0requests are cache misses.</div><br>
> ><br>
> > <div><br></div><div>My bind.conf.options file =
> has the following contents:</=3D<br>
> > div><div><br></div><div><div>options =
> {</div><div>=3DA0 =3DA0 recursing-file &qu=3D<br>
> > ot;/etc/bind/bind.recurse";</div><div>=3DA0 =3DA0=
> forward only;</div><div>=3D<br>
> > <br><br>
> ><br>
> > </div><div>=3DA0 =3DA0 minimal-responses yes;</div>&=
> lt;div><br></div><div>=3DA0 =3DA0 =3D<br>
> > statistics-file "/etc/bind/stats";</div><di=
> v><br></div><div>=3DA0 =3D<br>
> > =3DA0 forwarders {</div><div>=3DA0 =3DA0 =3DA0 =3DA0 172.1=
> 6.0.23;</div><div>=3DA0 =3DA0 }=3D<br>
> > =A0;</div><div><br></div><br>
> ><br>
> > <div>=3DA0 =3DA0 recursive-clients 10000;</div><div>=
> <br></div><div>=3DA0 =3DA0 allo=3D<br>
> > w-query { any ; } ;</div><div>=3DA0 =3DA0 allow-recursion =
> { any ; } ;</div><div=3D<br>
> > >=3DA0 =3DA0 listen-on { any ; };</div><div>=3DA0 =3DA0=
> listen-on-v6 { any ; };</di=3D<br>
> > v><div><br></div><br>
> ><br>
> > <div>=3DA0 =3DA0 recursion yes;</div><div>};</div=
> ><div><br></div></div><div><br=3D<br>
> > ></div><div>The contents of my /etc/defaults/bind9 file=
> is as follows:</div=3D<br>
> > ><div><br></div><div>//</div><div&=
> gt;<div># run resolvconf?</div><div>RESOLVCO=3D<br>
> > NF=3D3Dno</div><br>
> ><br>
> > <div><br></div><div># startup options for the =
> server</div><div>OPTIONS=3D3D&q=3D<br>
> > uot;-u bind"</div></div><div>//</div>=
> <div><br></div><div>My operating =3D<br>
> > system is Ubuntu 12.04.=3DA0</div><div><br></div&=
> gt;<div>Is there someone that c=3D<br>
> > an point me in the right direction? I tried googling "Bind9 A=
> AAA recor=3D<br>
> > d not caching" and things like "bind AAAA cache hit&=
> amp;quot; but can=3D<br>
> > 't seem to figure out what's happening.</div><br=
> >
> ><br>
> ><br>
> > --047d7b603bce0e609504d6e57a83--<br>
> ><br>
> > --=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D6431643929279798256=3D=
> =3D<br>
> > Content-Type: text/plain; charset=3D"us-ascii"<br>
> > MIME-Version: 1.0<br>
> > Content-Transfer-Encoding: 7bit<br>
> > Content-Disposition: inline<br>
> ><br>
> > _______________________________________________<br>
> > Please visit <a href=3D"https://lists.isc.org/mailman/listinfo/bind-us=
> ers" target=3D"_blank">https://lists.isc.org/mailman/listinfo/bind-users</a=
> > to unsubscribe<br>
> > =A0from this list<br>
> ><br>
> > bind-users mailing list<br>
> > <a href=3D"mailto:bind-users at lists.isc.org">bind-users at lists.isc.org</=
> a><br>
> > <a href=3D"https://lists.isc.org/mailman/listinfo/bind-users" target=
> =3D"_blank">https://lists.isc.org/mailman/listinfo/bind-users</a><br>
> > --=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D6431643929279798256=3D=
> =3D--<br>
> <span class=3D"HOEnZb"><font color=3D"#888888">--<br>
> Mark Andrews, ISC<br>
> 1 Seymour St., Dundas Valley, NSW 2117, Australia<br>
> PHONE: <a href=3D"tel:%2B61%202%209871%204742" value=3D"+61298714742">+61 2=
> 9871 4742</a> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 INTERNET: <a href=3D"mailto:=
> marka at isc.org">marka at isc.org</a><br>
> </font></span></blockquote></div><br></div>
>
> --047d7b621afcc5a35b04d6e5e8a4--
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list