change in reverse dns lookup behavior
Barry Margolin
barmar at alum.mit.edu
Fri May 13 00:57:07 UTC 2005
In article <d60mib$114j$1 at sf1.isc.org>,
Ole Michaelsen <omic+usenet4 at fys.ku.dk> wrote:
> Kevin Darcy wrote:
> > cool burn wrote:
> >
> > >Hello,
> > >
> > >We have an internal network of the form 10.x.x.x
> > >
> > >We have two DNS servers (bind 9.2.1) that are
> > >multi-homed, but are used by the internal network at
> > >10.0.0.10 and 10.0.0.11
> > >
> > >All of the internal servers have resolv.conf setup as:
> > >nameserver 10.0.0.10
> > >nameserver 10.0.0.11
> > >
> > >This has worked perfectly for 8 months.
> > >
> > >Today, we suddenly started getting timeouts in our
> > >application server connecting to our db server. Then,
> > >I saw I was also getting very slow times to connect
> > >using SSH. I knew right away this was DNS related.
>
> We had the exact same problem. Also noticed with SSH first. With
> 10.17.34 which we dont have a zonefile for. Since 16:00 (CEST) we have
> had timeouts whenever trying to lookup stuff in that range - we never
> had this before. This also affected the ability to lookup some 192.168
> addresses - it partly worked, partly didn't work.
>
> But now, since 00:15 CEST approx suddenly the timeouts have disappeared
> and everything seem to work again!
>
> A global glitch in the matrix?
The servers that the public delegations for 10.in-addr.arpa point to may
have gone down or been overloaded. I've seen this happen a number of
times over the years. When I was at an ISP, I arranged for our caching
servers to be authoritative for all the RFC 1918 reverse zones, so that
we wouldn't be dependent on these remote servers.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
More information about the bind-users
mailing list