All nameservers unresponsive when master is down

Sam Pointer sam.pointer at hpdsoftware.com
Thu Apr 11 09:53:17 UTC 2002


Thankyou David: excellent information and a great help.

-----Original Message-----
From: David Hekimian [mailto:davidh at aqueduct.com]
Sent: 10 April 2002 21:55
To: Sam Pointer
Cc: 'comp-protocols-dns-bind at isc.org'
Subject: RE: All nameservers unresponsive when master is down 



You may also want to upgrade to 9.2.0.

Also check your routing to NS3 - 

Here is the output from http://www.squish.net/dnscheck/dnscheck.cgi:

Results
25.0% of queries ended in failure at 195.167.246.3 (NS3.HPDSC.COM) - query
timed out

25.0% of queries returned by 212.158.99.194 (NS1.HPDSC.COM) HPDSC.COM.	0
IN	SOA	ns1.HPDSC.COM. dnsadmin.hpdsoftware.COM. (
1018449090	; Serial	7200	; Refresh	3600	; Retry
604800	; Expire	0 )	; Minimum TTL

25.0% of queries returned by 212.158.99.195 (NS2.HPDSC.COM) HPDSC.COM.	0
IN	SOA	ns1.HPDSC.COM. dnsadmin.hpdsoftware.COM. (
1018449090	; Serial	7200	; Refresh	3600	; Retry
604800	; Expire	0 )	; Minimum TTL
 
25.0% of queries returned by 195.167.246.4 (NS4.HPDSC.COM) HPDSC.COM.	0
IN	SOA	ns1.HPDSC.COM. dnsadmin.hpdsoftware.COM. (
1018449090	; Serial	7200	; Refresh	3600	; Retry
604800	; Expire	0 )	; Minimum TTL
 

- David


-----Original Message-----
From: Mark_Andrews at isc.org [mailto:Mark_Andrews at isc.org]
Sent: Wednesday, April 10, 2002 8:44 AM
To: Sam Pointer
Cc: 'comp-protocols-dns-bind at isc.org'
Subject: Re: All nameservers unresponsive when master is down 



> My domain `hpdsc.com` has 2 "actual" nameservers which we present to the
> world as 4 "logical" nameservers. The 2 boxes are multihomed and all 4
> addresses are given as valid namesevers for the domain (we have 2 leased
> lines and this removes a single point of failure).
> 
> My whois informations is:
> 
>  Domain servers in listed order:
> 
>    NS2.HPDSC.COM                212.158.99.195
>    NS3.HPDSC.COM                195.167.246.3
>    NS4.HPDSC.COM                195.167.246.4
>    NS1.HPDSC.COM                212.158.99.194	The like-typed
nameserv
> ers
> are actually the same nameserver on the same box (multihomed).

	Unless you are playing with /32's you are still subject to single
	points of failure.

> 
> The relevant part of the Zone data is:
> 
> hpdsc.com.      IN      SOA     ns1.hpdsc.com. dnsadmin.hpdsoftware.com. (
>                                         1018281163      ; Serial
>                                         7200            ; refresh (2 hour)
>                                         3600            ; retry (1 hours)
>                                         604800          ; expire (1 week)
>                                         1               ; neg. cache
>                                         )
> ...
> hpdsc.com.      NS      ns1.hpdsc.com.
> hpdsc.com.      NS      ns2.hpdsc.com.
> hpdsc.com.      NS      ns3.hpdsc.com.
> hpdsc.com.      NS      ns4.hpdsc.com.
> ...
> 
> ns1.hpdsc.com.          IN A            212.158.99.194
> ns2.hpdsc.com.          IN A            212.158.99.195
> ns3.hpdsc.com.          IN A            195.167.246.3
> ns4.hpdsc.com.          IN A            195.167.246.4

	Well before you do anything else supply reasonable TTL values.
	1 second (above) isn't reasonable nor is zero which the server
	currently emitting.

> However, if I stop BIND running on ns1 (which is also ns3 if referenced by
> it's alternative IP address) then the whole Zone stops resolving. And I
> can't for the life of me work out why. If you want to tell me to "FAQ off"
> then please do.

	Well the zone resolves fine except for some delays cause by the
	zero TTLs you are currently using.

> 
> Any help/pointers/soothing words of calm would be most appreciated: I'm
> terrified on ns1/ns3 falling over! I'm running BIND9.
> _________________________________________
> 
> 
> Sam Pointer - HPD Software Ltd.
> Email:   sam.pointer at hpdsoftware.com
> 
> Sites:      http://slashdot.org   http://www.perl.com  http://eff.org
>                   http://www.gnu.org/software/hurd/hurd.html 
> 
> 
> 
> This email and any attachments are strictly confidential and are intended
> solely for the addressee. If you are not the intended recipient you must
> not disclose, forward, copy or take any action in reliance on this message
> or its attachments. If you have received this email in error please notify
> the sender as soon as possible and delete it from your computer systems.
> Any views or opinions presented are solely those of the author and do not
> necessarily reflect those of HPD Software Limited or its affiliates.
> 
>  At present the integrity of email across the internet cannot be
guaranteed
> and messages sent via this medium are potentially at risk.  All liability
> is excluded to the extent permitted by law for any claims arising as a re-
> sult of the use of this medium to transmit information by or to 
> HPD Software Limited or its affiliates.
> 
> 
> 
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org


This email and any attachments are strictly confidential and are intended
solely for the addressee. If you are not the intended recipient you must
not disclose, forward, copy or take any action in reliance on this message
or its attachments. If you have received this email in error please notify
the sender as soon as possible and delete it from your computer systems.
Any views or opinions presented are solely those of the author and do not
necessarily reflect those of HPD Software Limited or its affiliates.

 At present the integrity of email across the internet cannot be guaranteed
and messages sent via this medium are potentially at risk.  All liability
is excluded to the extent permitted by law for any claims arising as a re-
sult of the use of this medium to transmit information by or to 
HPD Software Limited or its affiliates.




More information about the bind-users mailing list