named running wild

Bill O'Hanlon wmo-bind at rebma.pro-ns.net
Sat Feb 2 06:43:25 UTC 2002 


(Apologies if you see this twice -- I sent it from an unsubscribed address
originally.)


I've got an odd situation.

I'm running bind 8.3.0 on several FreeBSD machines.  I frequently notice
that named is running a lot more than usual -- normally, when running
"top", it's using less than 1% of available CPU, but at these odd times,
I'll see it using 5-15% instead. 

Whenever I see this happening, I've sent named a USR1 and watched the
named.run file.  I'll see the following:

sysquery: send -> [192.35.51.30].53 dfd=4 nsid=3931 id=0 retry=1012062621
datagram from [192.31.80.30].53, fd 4, len 136
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65248
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2
;;      ns3.yourlasthost.com.AikensLaughs.com, type = A, class = IN
AikensLaughs.com.       2D IN NS        NS2.YOURLASTHOST.com.
AikensLaughs.com.       2D IN NS        NS1.YOURLASTHOST.com.
NS2.YOURLASTHOST.com.   2D IN A         216.98.138.176
NS1.YOURLASTHOST.com.   2D IN A         209.126.152.210
update failed AikensLaughs.com 2
resp: nlookup(ns3.yourlasthost.com.AikensLaughs.com) qtype=1
resp: found 'ns3.yourlasthost.com.AikensLaughs.com' as 'AikensLaughs.com' (cname
=0)


I end up seeing dozens of these per second.  If I restart named,
the problem goes away for a couple hours.

All I need to do to start the problem running again is to do a 
"host AikensLaughs.com".

I ended up putting the following in my named.conf:


server 216.98.138.176 {
        bogus yes;
};
server 209.126.152.210 {
        bogus yes;
};


Now I can't look up that domain, (which is fine with me!), and it
appears to make the problem go away.

I don't recall having any problems like this before I upgraded to
8.3.0, but I wasn't watching things as closely then, either..

I'm assuming that there's something wrong with the config of the
servers at YOURLASTHOST.com.  Running doc against AikensLaughs.com
seems to find some problems.

My real question is, even if something is broken over there, should I
be having this problem at my end?  It looks to me as if named gets
stuck in a loop trying to resolve this domain.  Is adding broken
name servers to my config something I'll just need to get used to 
doing?

If I've not explained things well enough, let me know.

-Bill


--
Bill O'Hanlon                                                   wmo at pro-ns.net
Professional Network Services, Inc.                             612-379-3958
http://www.pro-ns.net

More information about the bind-users mailing list