Forwarders under 8.2.2-P5 slightly broken?

Bruno Hall bruno_hall at yahoo.com
Fri Jul 21 01:27:47 UTC 2000


> The output you showed from dig is inconclusive since it's not clear
> which server you were querying or whether that server did the
> forwarding or was the target of the forwarded queries. That output
> from dig doesn't support your story either. It just shows a query
> timing out and succeeding when you repeat the same query (on the same
> system? at around the same time?)

The machine on which the example was run corresponds to what I
called the "first machine", i.e. the machine with the forwarders
in named.conf.
 
> This sort of behaviour can be expected with forwarding servers. Try
> getting rid of the forwarding stuff: it's probably more of a hindrance
> than a help. What's probably happening is that you're making a request
> to server A. A forwards to B but before B returns an answer to A, the
> original query sent to A times out. Then, by the time you try again, B
> has got an answer (or partial answer) to its query which means it can
> send something back to A before the second query times out. This could
> get worse if B forwards queries to server C, etc, etc. Setups with
> forwarding name servers are usually a lot more bother than they're
> worth.

Ah ha! That could very well be, and would also account for the
fact that the symptom doesn't occur for all queries, all of the
time.

Still, though, when I tell the first machine to do everything 
(i.e. don't forward), the time interval between when the
request is sent and the reply is received is typically less
than 10 seconds.
 
> FWIW, the RRs for gnac.com seem to have a 30 minute TTL. Your dig
> output showed answers with TTLs of 28 minutes, 45 seconds. So it looks
> like at least 75 seconds elapsed between the first failed lookup and
> the second. Assuming they were done on the same machine of course.

Yes I agree, and yes they were both done on the same machine;
it took over a minute for the query to time out.
 
> BTW, what was the point of hiding the actual names and addresses of
> the two servers and the names you were looking up? If you go to a
> garage because your car is broken, do you expect the mechanic to tell
> you what's wrong without letting them look at the car?

Two reasons:

1. Do people really care about how I've elected to call and address
these machines?

2. The first machine has a 1918 address, and the second machine
is a firewall with a 1918 address on the internal interface; the
desire was to keep the explanation of the situation as simple and
as extraneous-detail-free as possible.
 
Bruno



More information about the bind-users mailing list