Odd resolving problem
Danny Mayer
mayer at gis.net
Sun Dec 9 03:56:11 UTC 2001
At 05:38 PM 12/8/01, Terrence Koeman wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Hello,
>
>My DNS servers suddenly stopped resolving one particular hostname,
>while others around the globe can resolve this host just fine.
>
>The hostname is irc.quakenet.org (and a CNAME of it:
>irc.quakenet.eu.org).
>
>Other hosts that are in the same domain and have the same authorative
>nameservers resolve fine, i.e. www.quakenet.org and
>irc.uk.quakenet.org.
>
>I'm running BIND 8.2.0 on Windows 2000 Advanced Server SP2.
What version is this really? Is it BIND 9.2.0 or 8.2.5? Your version of dig
is from BIND 8.2.5 but you don't seem to be running it on the same node.
>I included some dig's to show my problem at the end.
>
>The last dig is a lookup of irc.quakenet.org through some other DNS
>server, and it shows a lot of A records for this host. So I figured the
>answer might be bigger than a UDP packet and I could be accidentally
>blocking port 53 TCP. This is not the case.
Running Dig 9.2.0 shows that it's getting a UDP truncation and it retries
in TCP mode.
>And I'd like to note that until some hours ago the host resolved fine.
>
>Does someone have an idea what this could be? The logs don't give me
>any clues.
Probably the sheer number of A records for that address. What were they
thinking? Try a BIND 9.2.0 version of Dig. From the test I conducted against
my 8.2.5 version of BIND on NT, it looks like it takes too long for the
nameserver to get the answer because it has to retry in TCP mode and
dig is timing out before the server can get the answer. If you install BIND
9.2.0
it will work though dig may timeout initially.
Danny
More information about the bind-users
mailing list