BIND 8.2: 99% server load when lame delegation occurs (reprised)
John N Dvorak
dvorak at capu.net
Fri Jun 4 21:32:22 UTC 1999
On Fri, 4 Jun 1999, Joseph S D Yao wrote:
>Have you tried making only two servers for the domain? This is just a
>patch, not a cure.
I'm not sure what you mean. These are domains which we do not support.
They were registered to us. For example:
gruppo.com
I can cause the loop by doing an external DNS lookup on gruppo.com.
(I can also cause it by starting the lookup on one of my servers.) Both
ns.capu.net and ns2.capu.net produce this:
Jun 4 17:11:17 ns named[611]: default: ns_forw: query(gruppo.com)
contains our address (NS.CAPU.NET:205.252.27.1)
Another example:
May 29 04:21:06 ns named[611]: default: ns_resp: query(tc.gruppo.com)
contains our address (NS.CAPU.NET:205.252.27.1)
May 29 04:21:06 ns named[611]: default: ns_forw: query(tc.gruppo.com)
contains our address (NS.CAPU.NET:205.252.27.1)
>Have you checked your 'syslog' output, to see whether the domain in
>question was perhaps rejected on both servers for some piddling
>inconsequential [;-)] syntax error?
There's not entry in our DNS for this domain. We removed it from our DNS
over a year ago. :(
>Could you post "real" data, such as domain and server names - or, if
>not, could you e-mail them?
>
>I am a bit puzzled by your phrase "SOA sources". The InterNIC will
Sorry. Quick typing, poor thinking on my part. I meant to say that
InterNIC points to two public servers:
ns.capu.net
ns2.capu.net
Both of which are slaves, not that that should matter.
When a request for this domain is received, the loop begins, resulting
in a temporary DOS.
This is true for all lame delegations, BTW, and I can reproduce the result
with 100% success.
Any ideas?
JD
===========================================
John N Dvorak | dvorak at capu.net
Director, Technology and Development
CapuNet, LLC - Corporate Internet Solutions
(301) 881-4900 x8018
===========================================
More information about the bind-users
mailing list