initial lookup fails every time
Mike Hoskins (michoski)
michoski at cisco.com
Sun Jul 13 19:35:35 UTC 2014
-----Original Message-----
From: Matus UHLAR - fantomas <uhlar at fantomas.sk>
Date: Sunday, July 13, 2014 at 6:24 AM
To: "bind-users at lists.isc.org" <bind-users at lists.isc.org>
Subject: Re: initial lookup fails every time
>On 12.07.14 01:19, Tony Publiski wrote:
>> I'm hoping someone has seen this before. I'm running a couple of BIND
>> 9.8.2 DNS servers and having an issue with them for some reason. The
>> servers end up failing to lookup on the initial lookup of a domain that
>> hasn't been previously cached every time. If you immediately retry, the
>> lookup succeeds without issue. I've looked all over but not been able
>>to
>> find any answers, and it's driving me crazy. Anyone seen this before or
>> have an idea?
>>
>>[root at ns ~]# nslookup www.chase.com
>>;; connection timed out; trying next origin
>>Server: 127.0.0.1
>>Address: 127.0.0.1#53
>>
>>** server can't find www.chase.com: NXDOMAIN
>>
>>[root at ns ~]# nslookup www.chase.com
>>Server: 127.0.0.1
>>Address: 127.0.0.1#53
>>
>>Non-authoritative answer:
>>www.chase.com canonical name = wwwbcchase.gslb.bankone.com.
>>Name: wwwbcchase.gslb.bankone.com
>>Address: 159.53.84.126
>
>there's too much places where the issue can be.
>First, use "dig" or at least "host" to track DNS problems.
+1
only idea from info given, is upstream firewall or other network device
doing inspection or filtering and causing timeouts due to edns
fall-back...a race condition where the answer ultimately gets cached but
not before the client times out, so it works next time.
that's just one idea thought, as said above many things could cause the
behavior. to rule out my idea, you can test yourself:
https://www.dns-oarc.net/oarc/services/replysizetest/
More information about the bind-users
mailing list