Bind continues sending requests for one query

fups at gmx.net fups at gmx.net
Tue Jan 9 08:31:27 UTC 2001 

Hi,

sorry if this kind of problem has been posted before, but didn't know
right
how to find the right solution.

We are using Bind-8.2.2P5 on a RH 6.2 Linux-system as DNS for our 
internal-network. Hostname-queries not belonging to our adress-room
are forwarded to our ISPs DNS over a firewall via net.

Sometimes the DNS starts to go nuts and locks up the network with queries.
(See TCPDump-output further down). After restarting bind it is OK again.
What could be wrong with my configuration to cause this problem?

Would be great if somebody had an idea how to get rid of this!

Thanks,
Michael

Output iv /var/log/messages
===========================
Jan  6 15:42:08 hermes named[14014]: Cleaned cache of 40 RRsets
Jan  6 15:42:08 hermes named[14014]: USAGE 978792128 978108097
CPU=242210u/15082.1s CHILDCPU=0u/0s
Jan  6 15:42:08 hermes named[14014]: NSTATS 978792128 978108097 A=10912656
NS=1927 PTR=9283
Jan  6 15:42:08 hermes named[14014]: XSTATS 978792128 978108097
RR=16668590 RNXD=35531 RFwdR=954070 RDupR=6125835 RFail=
9563747 RFErr=0 RErr=0 RAXFR=0 RLame=0 ROpts=0 SSysQ=598 SAns=45985
SFwdQ=6391217 SDupQ=101444153 SErr=105162 RQ=1092386
6 RIQ=0 RFwdQ=0 RDupQ=4510706 RTCP=0 SFwdR=954070 SFail=0 SFErr=0
SNaAns=41742 SNXD=974
Jan  6 15:42:50 hermes named: named shutdown succeeded
Jan  6 15:44:02 hermes named[18898]: starting.  named 8.2.2-P5 Fri Oct  6
17:08:31 CEST 2000 ^Iphilippe at ke.mandrakesoft.
com:/home/philippe/RPM/BUILD/bind-8.2.2P5/src/bin/named

TCPDump-output from a machine outside the firewall
=================================================
(entries repeated approximately 50 times a second)
14:29:21.327082 FwInt.klumpp.de.61000 > dns1.riodata.de.domain: 41496+
(32) (ttl 63, id 58833)
14:29:21.330347 FwInt.klumpp.de.61000 > dns1.riodata.de.domain: 34389+
(32) (ttl 63, id 58835)
14:29:21.579761 dns1.riodata.de.domain > FwInt.klumpp.de.61000: 10101
ServFail q: www.change.co 0/0/0 (32) (ttl 24, id 3
0723)
14:29:21.581276 dns1.riodata.de.domain > FwInt.klumpp.de.61000: 2546
ServFail q: www.change.co 0/0/0 (32) (ttl 24, id 30
724)14:29:21.583041 dns1.riodata.de.domain > FwInt.klumpp.de.61000: 36758
ServFail q: www.change.co 0/0/0 (32) (ttl 24,
id 30725)

Our named.conf file
===================
options {
        directory "/var/named";
        query-source port 53;
        forward first;
        forwarders {
            194.175.34.11;
            62.16.139.10;
            62.16.139.13;
        };
};

zone "." {
        type hint;
        file "root.hints";
};

zone "localhost" {
        type master;
        file "pz/localhost";
};
zone "0.0.127.in-addr.arpa" {
        type master;
        file "pz/127.0.0";
};

zone "klumpp.de" {
        type master;
        file "pz/klumpp.de";
};

zone "34.175.194.in-addr.arpa" {
        type master;
        file "pz/194.175.34";
};

-- 
Sent through GMX FreeMail - http://www.gmx.net

More information about the bind-users mailing list