Caching DNS server still queries forwarding nameservers

Kevin Darcy kcd at daimlerchrysler.com
Wed Apr 19 23:13:15 UTC 2000


It's trying to glue-fetch "localhost." which you have defined as the nameserver
for 1.0.0.127.in-addr.arpa. Either a) turn off glue-fetching altogether,
b) create a zone just for "localhost.", or c) change the NS entry to something
that is resolvable.

I think the "db_update failed" message just means that it couldn't create a
negative cache entry for "localhost." because it already had one. (Apparently
BIND's glue-fetching code doesn't check negative caching, so the negative cache
entry is useless anyways in this case).


- Kevin

Nelson, Brad wrote:

> Additional info: I turned on debug level 1 with "ndc trace" and tried two
> nslookups on my guinea pig www.fogdog.com. The named.run is below:
>
> $ more named.run
> Debug level 1
> Version = named 8.2.2-P5 Wed Apr 19 02:42:33 CDT 2000
>         root at nitro:/usr/installs/bind/src/bin/named
> conffile = /etc/named.conf
> datagram from [127.0.0.1].1565, fd 20, len 40
> req: nlookup(1.0.0.127.in-addr.arpa) id 55792 type=12 class=1
> req: found '1.0.0.127.in-addr.arpa' as '1.0.0.127.in-addr.arpa' (cname=0)
> sysquery: send -> [209.250.238.2].53 dfd=4 nsid=52619 id=0 retry=956182504
> ns_req: answer -> [127.0.0.1].1565 fd=20 id=55792 size=97 rc=0
> datagram from [127.0.0.1].1566, fd 20, len 32
> req: nlookup(www.fogdog.com) id 55793 type=1 class=1
> req: missed 'www.fogdog.com' as '' (cname=0)
> forw: forw -> [209.250.238.2].53 ds=4 nsid=20398 id=55793 -1ms retry 4sec
> datagram from [209.250.238.2].53, fd 4, len 100
> ncache: dname localhost, type 1, class 1
> datagram from [209.250.238.2].53, fd 4, len 48
> send_msg -> [127.0.0.1].1566 (UDP 20) id=55793
>
>    [note: the above was where the output from the first query ended,]
>    [it was the first query to the newly-started named]
>
>    [below was what was printed on the second attempt]
>
> datagram from [127.0.0.1].1567, fd 20, len 40
> req: nlookup(1.0.0.127.in-addr.arpa) id 60158 type=12 class=1
> req: found '1.0.0.127.in-addr.arpa' as '1.0.0.127.in-addr.arpa' (cname=0)
> sysquery: send -> [209.250.238.2].53 dfd=4 nsid=9942 id=0 retry=956182623
> ns_req: answer -> [127.0.0.1].1567 fd=20 id=60158 size=97 rc=0
> datagram from [127.0.0.1].1568, fd 20, len 32
> req: nlookup(www.fogdog.com) id 60159 type=1 class=1
> req: found 'www.fogdog.com' as 'www.fogdog.com' (cname=0)
> ns_req: answer -> [127.0.0.1].1568 fd=20 id=60159 size=467 rc=0
> datagram from [209.250.238.2].53, fd 4, len 100
> update failed  6
> ncache: dname localhost, type 1, class 1
> db_update failed (-10), cache_n_resp()
>
>     [end]
>
> The "db_update failed" looks rather suspicious; a quick search of the
> archives yielded no hits.
>
> Any ideas?
>
> Thanks,
>
> Brad
>
> -----Original Message-----
> From: Nelson, Brad [mailto:bradn at s2systems.com]
> Sent: Wednesday, April 19, 2000 3:58 PM
> To: 'bind-users at isc.org'
> Subject: Caching DNS server still queries forwarding nameservers
>
> Greetings all, I'm trying to set up a simple caching name server on my Linux
> box. I have a permanent Internet connection with a static IP address, so
> that part is pretty easy. My ISP has DNS servers that I wish to use as
> forwarders.
>
> I've installed and configured BIND 8 as per the Linux DNS HOW-TO, and the
> good news is that the server actually does work, insofar as it goes to my
> local server first:
>
> nslookup www.fogdog.com
> Server:  localhost
> Address:  127.0.0.1
>
> Non-authoritative answer:
> Name:    www.fogdog.com
> Address:  209.1.55.139
>
> However, a tcpdump reveals that, even after repeated nslookups, my ISP's DNS
> servers (which I have set up as forwarders) still get hit on each request;
> in the example below, I have tcpdump running in the background, thus it
> spews out its results in near-real-time:
>
> $ nslookup www.fogdog.com
> 15:20:10.857028 h84-212-210-245.notarealdomain.net.1499 > dns2.domain: 21474+ (27)
> Server:  localhost
> Address:  127.0.0.1
>
> Non-authoritative answer:
> Name:    www.fogdog.com
> Address:  209.1.55.139
>
> 15:20:10.947028 dns2.domain > h84-212-210-245.notarealdomain.net.1499: 21474 NXDomain 0/1/0 (100)
>
> The whole h84-xxxxxx thing is my ISP-assigned address (munged), and dns2 is
> of course their DNS server. I get the same results every time I run a
> lookup; it always still goes to the ISP DNS.
>
> My assumption would be that if my caching nameserver were working properly,
> it would not have to query the ISP DNS on subsequent lookups of the same
> address; in other words, I would expect to see no traffic to the net with
> just a simple lookup on the second and subsequent tries. Is this a valid
> assumption?
>
> Here is my config right now, though I've tried a multitude of different
> things with the same result:
>
> /etc/resolv.conf:
>
> nameserver 127.0.0.1
>
> // Config file for caching only name server
>
> options {
>         directory "/var/named";
>
>       forward first;
>        forwarders {
>                 xxx.xxx.xxx.xxx; // **NOTE** I have the real servers in my actual file
>                 xxx.xxx.xxx.yyy;
>        };
>
>         // Uncommenting this might help if you have to go through a
>         // firewall and things are not working out:
>
>         // query-source port 53;
> };
>
> zone "0.0.127.in-addr.arpa" {
>         type master;
>         file "pz/127.0.0";
> };
>
> zone "." {
>         type hint;
>         file "root.hints";
> };
>
> /var/named/root.hints:
>
> ; <<>> DiG 2.2 <<>> @h.root-servers.net
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10
> ;; flags: qr aa rd; Ques: 1, Ans: 13, Auth: 0, Addit: 13
> ;; QUESTIONS:
> ;;      ., type = NS, class = IN
>
> ;; ANSWERS:
> .       518400  NS      L.ROOT-SERVERS.NET.
> .       518400  NS      M.ROOT-SERVERS.NET.
> .       518400  NS      I.ROOT-SERVERS.NET.
> .       518400  NS      E.ROOT-SERVERS.NET.
> .       518400  NS      D.ROOT-SERVERS.NET.
> .       518400  NS      A.ROOT-SERVERS.NET.
> .       518400  NS      H.ROOT-SERVERS.NET.
> .       518400  NS      C.ROOT-SERVERS.NET.
> .       518400  NS      G.ROOT-SERVERS.NET.
> .       518400  NS      F.ROOT-SERVERS.NET.
> .       518400  NS      B.ROOT-SERVERS.NET.
> .       518400  NS      J.ROOT-SERVERS.NET.
> .       518400  NS      K.ROOT-SERVERS.NET.
>
> ;; ADDITIONAL RECORDS:
> L.ROOT-SERVERS.NET.     3600000 A       198.32.64.12
> M.ROOT-SERVERS.NET.     3600000 A       202.12.27.33
> I.ROOT-SERVERS.NET.     3600000 A       192.36.148.17
> E.ROOT-SERVERS.NET.     3600000 A       192.203.230.10
> D.ROOT-SERVERS.NET.     3600000 A       128.8.10.90
> A.ROOT-SERVERS.NET.     3600000 A       198.41.0.4
> H.ROOT-SERVERS.NET.     3600000 A       128.63.2.53
> C.ROOT-SERVERS.NET.     3600000 A       192.33.4.12
> G.ROOT-SERVERS.NET.     3600000 A       192.112.36.4
> F.ROOT-SERVERS.NET.     3600000 A       192.5.5.241
> B.ROOT-SERVERS.NET.     3600000 A       128.9.0.107
> J.ROOT-SERVERS.NET.     3600000 A       198.41.0.10
> K.ROOT-SERVERS.NET.     3600000 A       193.0.14.129
>
> ;; Total query time: 533 msec
> ;; FROM: nitro to SERVER: h.root-servers.net  128.63.2.53
> ;; WHEN: Tue Apr 18 23:24:18 2000
> ;; MSG SIZE  sent: 17  rcvd: 436
>
> /var/named/pz/127.0.0:
>
> @               IN      SOA     localhost. root.localhost. (
>                                 1       ; Serial
>                                 28800   ; Refresh
>                                 7200    ; Retry
>                                 604800  ; Expire
>                                 86400)  ; Minimum TTL
>                         NS      localhost.
> 1                       PTR     localhost.
>
> I've also tried the "bone stock" 127.0.0 file from the Linux DNS HOW-TO,
> exactly as it appears there, with the "linux.bogus" etc., but same results.
>
> Any ideas? Thanks very much in advance...
>
> Brad
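
Added example, not part of either message above: a small Python parser run over an excerpt of the named.run trace quoted in the thread. It attributes each packet named sent upstream to the client lookup that preceded it, which shows that the repeat lookup of www.fogdog.com is answered from cache and the remaining upstream traffic follows the 1.0.0.127.in-addr.arpa lookup. Reading "sysquery" lines as named's own queries (the glue fetch described in the reply) and "forw" lines as forwarded client queries is an assumption, and the function names are hypothetical.

```python
import re

# Excerpt of the named.run trace quoted in the thread: the first lookup after
# startup, then the repeat lookup once www.fogdog.com was cached.
FIRST = """\
req: nlookup(1.0.0.127.in-addr.arpa) id 55792 type=12 class=1
req: found '1.0.0.127.in-addr.arpa' as '1.0.0.127.in-addr.arpa' (cname=0)
sysquery: send -> [209.250.238.2].53 dfd=4 nsid=52619 id=0 retry=956182504
req: nlookup(www.fogdog.com) id 55793 type=1 class=1
req: missed 'www.fogdog.com' as '' (cname=0)
forw: forw -> [209.250.238.2].53 ds=4 nsid=20398 id=55793 -1ms retry 4sec
ncache: dname localhost, type 1, class 1
"""
SECOND = """\
req: nlookup(1.0.0.127.in-addr.arpa) id 60158 type=12 class=1
req: found '1.0.0.127.in-addr.arpa' as '1.0.0.127.in-addr.arpa' (cname=0)
sysquery: send -> [209.250.238.2].53 dfd=4 nsid=9942 id=0 retry=956182623
req: nlookup(www.fogdog.com) id 60159 type=1 class=1
req: found 'www.fogdog.com' as 'www.fogdog.com' (cname=0)
ncache: dname localhost, type 1, class 1
db_update failed (-10), cache_n_resp()
"""

NLOOKUP = re.compile(r"^req: nlookup\((\S+)\) id \d+")
# Assumption: "sysquery" = query originated by named itself,
# "forw" = client query passed on to a forwarder.
UPSTREAM = re.compile(r"^(sysquery|forw): \w+ -> \[([\d.]+)\]\.\d+")
NCACHE = re.compile(r"^ncache: dname (\S+), type \d+")


def upstream_sends(trace):
    """Return (kind, upstream_ip, preceding_client_lookup) for every packet
    named sent upstream, attributed to the most recent client nlookup."""
    current, sends = None, []
    for line in trace.splitlines():
        line = line.lstrip("> ").strip()  # tolerate mail-quoted traces
        if m := NLOOKUP.match(line):
            current = m.group(1)
        elif m := UPSTREAM.match(line):
            sends.append((m.group(1), m.group(2), current))
    return sends


def ncache_names(trace):
    """Names that appear in 'ncache:' lines of the trace."""
    return [m.group(1) for line in trace.splitlines()
            if (m := NCACHE.match(line.lstrip("> ").strip()))]


if __name__ == "__main__":
    for label, trace in (("first", FIRST), ("second", SECOND)):
        print(label, upstream_sends(trace), ncache_names(trace))
```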





