All nameservers unresponsive when master is down

David Hekimian davidh at aqueduct.com
Wed Apr 10 20:55:27 UTC 2002 

You may also want to upgrade to 9.2.0.

Also check your routing to NS3 - 

Here is the output from http://www.squish.net/dnscheck/dnscheck.cgi:

Results
25.0% of queries ended in failure at 195.167.246.3 (NS3.HPDSC.COM) - query
timed out

25.0% of queries returned by 212.158.99.194 (NS1.HPDSC.COM) HPDSC.COM.	0
IN	SOA	ns1.HPDSC.COM. dnsadmin.hpdsoftware.COM. (
1018449090	; Serial	7200	; Refresh	3600	; Retry
604800	; Expire	0 )	; Minimum TTL

25.0% of queries returned by 212.158.99.195 (NS2.HPDSC.COM) HPDSC.COM.	0
IN	SOA	ns1.HPDSC.COM. dnsadmin.hpdsoftware.COM. (
1018449090	; Serial	7200	; Refresh	3600	; Retry
604800	; Expire	0 )	; Minimum TTL
 
25.0% of queries returned by 195.167.246.4 (NS4.HPDSC.COM) HPDSC.COM.	0
IN	SOA	ns1.HPDSC.COM. dnsadmin.hpdsoftware.COM. (
1018449090	; Serial	7200	; Refresh	3600	; Retry
604800	; Expire	0 )	; Minimum TTL
 

- David


-----Original Message-----
From: Mark_Andrews at isc.org [mailto:Mark_Andrews at isc.org]
Sent: Wednesday, April 10, 2002 8:44 AM
To: Sam Pointer
Cc: 'comp-protocols-dns-bind at isc.org'
Subject: Re: All nameservers unresponsive when master is down 



> My domain `hpdsc.com` has 2 "actual" nameservers which we present to the
> world as 4 "logical" nameservers. The 2 boxes are multihomed and all 4
> addresses are given as valid namesevers for the domain (we have 2 leased
> lines and this removes a single point of failure).
> 
> My whois informations is:
> 
>  Domain servers in listed order:
> 
>    NS2.HPDSC.COM                212.158.99.195
>    NS3.HPDSC.COM                195.167.246.3
>    NS4.HPDSC.COM                195.167.246.4
>    NS1.HPDSC.COM                212.158.99.194	The like-typed
nameserv
> ers
> are actually the same nameserver on the same box (multihomed).

	Unless you are playing with /32's you are still subject to single
	points of failure.

> 
> The relevant part of the Zone data is:
> 
> hpdsc.com.      IN      SOA     ns1.hpdsc.com. dnsadmin.hpdsoftware.com. (
>                                         1018281163      ; Serial
>                                         7200            ; refresh (2 hour)
>                                         3600            ; retry (1 hours)
>                                         604800          ; expire (1 week)
>                                         1               ; neg. cache
>                                         )
> ...
> hpdsc.com.      NS      ns1.hpdsc.com.
> hpdsc.com.      NS      ns2.hpdsc.com.
> hpdsc.com.      NS      ns3.hpdsc.com.
> hpdsc.com.      NS      ns4.hpdsc.com.
> ...
> 
> ns1.hpdsc.com.          IN A            212.158.99.194
> ns2.hpdsc.com.          IN A            212.158.99.195
> ns3.hpdsc.com.          IN A            195.167.246.3
> ns4.hpdsc.com.          IN A            195.167.246.4

	Well before you do anything else supply reasonable TTL values.
	1 second (above) isn't reasonable nor is zero which the server
	currently emitting.

> However, if I stop BIND running on ns1 (which is also ns3 if referenced by
> it's alternative IP address) then the whole Zone stops resolving. And I
> can't for the life of me work out why. If you want to tell me to "FAQ off"
> then please do.

	Well the zone resolves fine except for some delays cause by the
	zero TTLs you are currently using.

> 
> Any help/pointers/soothing words of calm would be most appreciated: I'm
> terrified on ns1/ns3 falling over! I'm running BIND9.
> _________________________________________
> 
> 
> Sam Pointer - HPD Software Ltd.
> Email:   sam.pointer at hpdsoftware.com
> 
> Sites:      http://slashdot.org   http://www.perl.com  http://eff.org
>                   http://www.gnu.org/software/hurd/hurd.html 
> 
> 
> 
> This email and any attachments are strictly confidential and are intended
> solely for the addressee. If you are not the intended recipient you must
> not disclose, forward, copy or take any action in reliance on this message
> or its attachments. If you have received this email in error please notify
> the sender as soon as possible and delete it from your computer systems.
> Any views or opinions presented are solely those of the author and do not
> necessarily reflect those of HPD Software Limited or its affiliates.
> 
>  At present the integrity of email across the internet cannot be
guaranteed
> and messages sent via this medium are potentially at risk.  All liability
> is excluded to the extent permitted by law for any claims arising as a re-
> sult of the use of this medium to transmit information by or to 
> HPD Software Limited or its affiliates.
> 
> 
> 
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org

More information about the bind-users mailing list