Problems after 8.3.3 upgrade

Doug Barton DougB at DougBarton.net
Wed Jul 17 07:58:57 UTC 2002 

On Tue, 16 Jul 2002, Nick Hengeveld wrote:

> It looks like one can disable EDNS on a per-server basis; would it make
> sense to do this for all Akamai servers and hope they don't change often,
> or can/should it be done globally?

It definitely shouldn't be done globally. EDNS provides nice features, and
will provide even nicer ones as time goes on. I have a contact at akamai,
and I'll be poking him on this tomorrow.

> Also, would that explain why the problem goes away when I force a cname
> lookup?

Actually I can't. I have bind 8.3.3 resolvers and I don't see this
problem.

; <<>> DiG 8.3 <<>> @127.0.0.1 click.shopping.yahoo.com
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 10, ADDITIONAL: 10
;; QUERY SECTION:
;;      click.shopping.yahoo.com, type = A, class = IN

;; ANSWER SECTION:
click.shopping.yahoo.com.  29m59s IN CNAME
click.shopping.yahoo.akadns.net.
click.shopping.yahoo.akadns.net.  5M IN A  64.58.77.248


Could you humor me on something, and try a cycle of

1. query resolver for click.shopping.yahoo.com.
2. Stop resolver
3. repeat 1.

but do it with dig from 8.3.3? Also, you might want to replace your 9.2.0
stuff with 9.2.1... 9.2.0 had some icky bugs.

I played around with this for a while, and I noticed that when I restart
my server and do the query it takes "a while" for it to get the response
back. I think that this is because the akamai name servers are taking a
while to formulate the response, and thus something weird is happening in
your resolver which is preventing it from caching the answer
appropriately. In your first post you had this to start:

  ; <<>> DiG 9.2.0 <<>> @ops click.shopping.yahoo.com
  ;; global options:  printcmd
  ;; connection timed out; no servers could be reached

That worries me. However, when you queried your resolver for the cname,
you got a new answer in 23 msec. That tells me that the problem probably
isn't on the Yahoo! side.

HTH,

Doug

More information about the bind-users mailing list