Frequent timeout
Alex
mysqlstudent at gmail.com
Sun Sep 2 03:45:46 UTC 2018
On Sat, Sep 1, 2018 at 11:25 PM Carl Byington <carl at byington.org> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> On Fri, 2018-08-31 at 17:18 -0400, Alex wrote:
> > ../../../lib/dns/resolver.c:3927 for support.coxbusiness.com/A in
>
> After 4 seconds, I get SERVFAIL on that name.
Thank you for your help. Perhaps I picked a bad example?
I happened to have a grep running against my current named.debug.log,
and as I received your email, what I believe is a much more
representative display of the problem occurred. I also have a packet
capture below.
It's probably mangled posting it here, so I'll also put it on
pastebin, but it's a rapid-fire display of a series of failed queries
at once. I've cut out much of the info preceding and following to make
it more clear here. These all occurred in less than 20ms of each
other.
(71.161.85.209.ubl.unsubscore.com): query failed (SERVFAIL)
(71.161.85.209.dnsbl-2.uceprotect.net): query failed (SERVFAIL)
(71.161.85.209.dnsbl.sorbs.net): query failed (SERVFAIL)
(71.161.85.209.bad.psky.me): query failed (SERVFAIL)
(71.161.85.209.score.senderscore.com): query failed (SERVFAIL)
(71.161.85.209.list.dnswl.org): query failed (SERVFAIL)
(71.161.85.209.zz.countries.nerd.dk): query failed (SERVFAIL)
(71.161.85.209.cidr.bl.mcafee.com): query failed (SERVFAIL)
(71.161.85.209.bl.mailspike.net): query failed (SERVFAIL)
(71.161.85.209.wl.mailspike.net): query failed (SERVFAIL)
(71.161.85.209.db.wpbl.info): query failed (SERVFAIL)
(71.161.85.209.sip.helpfulblacklist.xyz): query failed (SERVFAIL)
(71.161.85.209.dnsbl-3.uceprotect.net): query failed (SERVFAIL)
(71.161.85.209.backscatter.spameatingmonkey.net): query failed (SERVFAIL)
(71.161.85.209.hostkarma.junkemailfilter.com): query failed (SERVFAIL)
(71.161.85.209.bl.score.senderscore.com): query failed (SERVFAIL)
When trying to resolve any of these manually, it just returns NXDOMAIN.
See the entirety of the log here:
https://pastebin.com/JpHCDdQs
Each of the lines above also has a corresponding entry like this:
01-Sep-2018 23:31:06.701 query-errors: debug 2: fetch completed at
../../../lib/dns/resolver.c:3927 for 71.161.85.209.bad.psky.me/A in
10.000078: timed out/success
[domain:psky.me,referral:0,restart:4,qrysent:8,timeout:7,lame:0,quota:0,neterr:0,badresp:0,adberr:0,findfail:0,valfail:0]
I also isolated a packet with the "server failure" information, but
I'm unable to figure out what the data means. Would someone be
interested in evaluating it for me? It's a 146-byte pcap file.
https://drive.google.com/open?id=1Ui893Lg61psZCR8I_9SJtNqs-Sil_br
Thanks for any ideas.
Alex
More information about the bind-users
mailing list