Why does Local DNS Fail when Internet is down?

phn at icke-reklam.ipsec.nu phn at icke-reklam.ipsec.nu
Thu May 23 19:04:21 UTC 2002


Martin McCormick <martin at dc.cis.okstate.edu> wrote:
> 	We are running Bind9 but this question covers behavior
> that goes back as far as DNS, itself.  When our connection to the
> Internet (root name servers), becomes intermittent, all our
> domain name servers start to hang when doing local lookups.  I
> have seen Suns exhibit this behavior back as far as I have been
> involved with bind which is about ten years.  I have always heard
> that it has to do with open file descriptors, but it still
> happens today with Bind9 running on a FreeBSD platform.

> 	As soon as the network comes back to life, so do the
> dns's.  In the past, I have killed and restarted them only to
> have the hanging return within seconds which tells me it is
> something else.

> 	My questions are:

> 	What causes this behavior?

You might get a query where you don't have the answer. Turning on query logging
will show you what queries arrive at your server.

You could, just as an example, use RFC 1918 addresses on your network,
without having correct rev-zones for them. Any server process that
gets a connection involving any of these addresses will result in
an attempt to find the answer "on Internet".


> Can I configure anything differently at our site to allow the
> local world to continue to operate?
Yes. 
Setting up zones for everything your machines might use.

Or, in the extreme case, start up your own root-servers.


> 	Every time this happens, the rumblings start as to how to
> redesign things especially now that we are starting to use Novell
> Active Directory and people suddenly can't access their network
> drives, etc.

> 	Our master and slave dns's use the conventional
> configuration format of all the local zones and then the root
> zone last.

The order of zones in the config does not matter.

> 	Obviously, we want to preserve the robustness of dns
> in normal operation and not create new single-point failure
> modes.  Our present topology works perfectly when the network is
> up which is most of the time, but a couple of days of network
> hiccups and the natives start to get restless.

> Martin McCormick Stillwater, OK
> OSU Center for Computing and Information services Network Operations Group


-- 
Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but I'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.
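
Added example, not part of the original message: a Python sketch of the check the reply suggests, reading query-log lines and listing the names no local zone covers, with RFC 1918 reverse lookups called out separately. The zone names in LOCAL_ZONES, the assumed "query: <name> IN <type>" line shape and the sample log lines are all constructed for illustration.

```python
import ipaddress
import re

# Assumption: zones this server is authoritative for (hypothetical names).
LOCAL_ZONES = ("example.edu", "10.in-addr.arpa")
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Assumed query-log shape: "... query: <name> IN <type> ..."
QUERY_RE = re.compile(r"query: (\S+) IN (\S+)")

# Constructed sample log lines, not taken from a real server.
SAMPLE_LOG = """\
client 10.1.2.3#1025: query: www.example.edu IN A
client 10.1.2.3#1026: query: 3.2.1.10.in-addr.arpa IN PTR
client 10.1.2.4#1027: query: 7.1.168.192.in-addr.arpa IN PTR
client 10.1.2.4#1028: query: www.isc.org IN A
"""

def in_local_zone(qname, zones=LOCAL_ZONES):
    """True if qname is a local zone apex or a name below one."""
    name = qname.rstrip(".").lower()
    return any(name == z or name.endswith("." + z) for z in zones)

def ptr_to_ip(qname):
    """IPv4 address named by a full in-addr.arpa PTR name, else None."""
    labels = qname.rstrip(".").lower().split(".")
    if len(labels) != 6 or labels[4:] != ["in-addr", "arpa"]:
        return None
    try:
        return ipaddress.IPv4Address(".".join(reversed(labels[:4])))
    except ValueError:
        return None

def classify(qname):
    """'local', 'rfc1918-reverse-unserved' or 'external' for one query name."""
    if in_local_zone(qname):
        return "local"
    ip = ptr_to_ip(qname)
    if ip is not None and any(ip in net for net in RFC1918):
        return "rfc1918-reverse-unserved"
    return "external"

def unserved(log_text):
    """Map each non-local status to the sorted query names seen with it."""
    found = {}
    for qname, _qtype in QUERY_RE.findall(log_text):
        status = classify(qname)
        if status != "local":
            found.setdefault(status, set()).add(qname.rstrip(".").lower())
    return {status: sorted(names) for status, names in found.items()}
```

Calling unserved(SAMPLE_LOG) returns the names grouped by status; anything under "rfc1918-reverse-unserved" points at a reverse zone that could be added locally.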


More information about the bind-users mailing list