Timeout issues - Suggestions / Solutions?

David Hekimian davidh at aqueduct.com
Fri May 24 01:54:48 UTC 2002


	I suspect that you have a firewall / nat that is not EDNS0
	aware between you and the internet and it is swallowing /
	corrupting the EDNS queries / responses.

	You can request a EDNS query by specifying +dn.

	Mark

Mark,

I ran the following:

Sample 1: 
Bind 8.3.1 dig -t mx +debug +time=20 lycos.com (Flushed Cache)
Time:  19619 msec		Rcvd: 531

Sample 2: 
Bind 8.3.1 dig -t mx +debug +time=20 lycos.com
Time:  11 msec		Rcvd: 499

Sample 3: 
Bind 8.3.1 dig -t mx +dn +debug +time=20 lycos.com (Flushed Cache)
Time:  19786 msec		Rcvd: 567

Sample 4:
Bind 8.3.1 dig -t mx +dn +debug +time=20 lycos.com
Time:  13 msec		Rcvd: 622

Sample 5:
Bind 9.2.0 dig -t mx +dn +debug +time=20 lycos.com (Flushed Cache)
Time:  6808 msec		Rcvd: 462

Both boxes sit on the same network, using the same firewall (Cisco Pix). No
static mappings or conduits.

What else can I do to troubleshoot?

- David




##########
#Sample 1#
##########

; <<>> DiG 8.3 <<>> -t +debug +time=20 lycos.com 
;; res_nmkquery(QUERY, lycos.com, IN, MX)
;; res options: init debug recurs defnam dnsrch
;; res_send()
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54316
;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;;      lycos.com, type = MX, class = IN

;; Querying server (# 1) address = 127.0.0.1
;; new DG socket
;; truncated answer
;; Querying server (# 1) address = 127.0.0.1
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54316
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 5, ADDITIONAL: 20
;; QUERY SECTION:
;;      lycos.com, type = MX, class = IN

;; ANSWER SECTION:
lycos.com.              1H IN MX        10 mx1.mail.lycos.com.
lycos.com.              1H IN MX        10 mx2.mail.lycos.com.
lycos.com.              1H IN MX        10 mx3.mail.lycos.com.
lycos.com.              1H IN MX        10 mx4.mail.lycos.com.

;; AUTHORITY SECTION:
lycos.com.              1H IN NS        ns1.hotwired.com.
lycos.com.              1H IN NS        ns2.hotwired.com.
lycos.com.              1H IN NS        ns3.hotwired.com.
lycos.com.              1H IN NS        ns4.hotwired.com.
lycos.com.              1H IN NS        ns5.hotwired.com.

;; ADDITIONAL SECTION:
mx2.mail.lycos.com.     1H IN A         209.185.123.148
mx2.mail.lycos.com.     1H IN A         209.185.123.130
mx2.mail.lycos.com.     1H IN A         209.185.123.152
mx2.mail.lycos.com.     1H IN A         209.185.123.147
mx3.mail.lycos.com.     1H IN A         209.185.123.124
mx3.mail.lycos.com.     1H IN A         209.185.123.199
mx3.mail.lycos.com.     1H IN A         209.185.123.127
mx3.mail.lycos.com.     1H IN A         209.185.123.128
mx4.mail.lycos.com.     1H IN A         209.185.123.129
mx4.mail.lycos.com.     1H IN A         209.185.123.151
mx4.mail.lycos.com.     1H IN A         209.185.123.149
mx4.mail.lycos.com.     1H IN A         209.185.123.126
mx4.mail.lycos.com.     1H IN A         209.185.123.198
mx4.mail.lycos.com.     1H IN A         209.185.123.123
mx4.mail.lycos.com.     1H IN A         209.185.123.197
ns1.hotwired.com.       1d23h59m40s IN A  209.202.224.253
ns2.hotwired.com.       1d23h59m40s IN A  209.202.220.8
ns3.hotwired.com.       1d23h59m40s IN A  209.202.228.10
ns4.hotwired.com.       1d23h59m40s IN A  209.202.221.55
ns5.hotwired.com.       1d23h59m40s IN A  209.202.193.252

;; Total query time: 19619 msec
;; FROM: CorpDNS to SERVER: default -- 127.0.0.1
;; WHEN: Thu May 23 18:10:00 2002
;; MSG SIZE  sent: 27  rcvd: 531

##########
#Sample 2#
##########

; <<>> DiG 8.3 <<>> -t +debug +time=20 lycos.com 
;; res_nmkquery(QUERY, lycos.com, IN, MX)
;; res options: init debug recurs defnam dnsrch
;; res_send()
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47995
;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;;      lycos.com, type = MX, class = IN

;; Querying server (# 1) address = 127.0.0.1
;; new DG socket
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47995
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 5, ADDITIONAL: 18
;; QUERY SECTION:
;;      lycos.com, type = MX, class = IN

;; ANSWER SECTION:
lycos.com.              59m10s IN MX    10 mx1.mail.lycos.com.
lycos.com.              59m10s IN MX    10 mx2.mail.lycos.com.
lycos.com.              59m10s IN MX    10 mx3.mail.lycos.com.
lycos.com.              59m10s IN MX    10 mx4.mail.lycos.com.

;; AUTHORITY SECTION:
lycos.com.              59m10s IN NS    ns1.hotwired.com.
lycos.com.              59m10s IN NS    ns2.hotwired.com.
lycos.com.              59m10s IN NS    ns3.hotwired.com.
lycos.com.              59m10s IN NS    ns4.hotwired.com.
lycos.com.              59m10s IN NS    ns5.hotwired.com.

;; ADDITIONAL SECTION:
mx1.mail.lycos.com.     59m10s IN A     209.185.123.125
mx1.mail.lycos.com.     59m10s IN A     209.185.123.132
mx1.mail.lycos.com.     59m10s IN A     209.185.123.131
mx1.mail.lycos.com.     59m10s IN A     209.185.123.196
mx1.mail.lycos.com.     59m10s IN A     209.185.123.153
mx2.mail.lycos.com.     59m10s IN A     209.185.123.148
mx2.mail.lycos.com.     59m10s IN A     209.185.123.130
mx2.mail.lycos.com.     59m10s IN A     209.185.123.152
mx2.mail.lycos.com.     59m10s IN A     209.185.123.147
mx3.mail.lycos.com.     59m10s IN A     209.185.123.124
mx3.mail.lycos.com.     59m10s IN A     209.185.123.199
mx3.mail.lycos.com.     59m10s IN A     209.185.123.127
mx3.mail.lycos.com.     59m10s IN A     209.185.123.128
ns1.hotwired.com.       1d23h58m50s IN A  209.202.224.253
ns2.hotwired.com.       1d23h58m50s IN A  209.202.220.8
ns3.hotwired.com.       1d23h58m50s IN A  209.202.228.10
ns4.hotwired.com.       1d23h58m50s IN A  209.202.221.55
ns5.hotwired.com.       1d23h58m50s IN A  209.202.193.252

;; Total query time: 11 msec
;; FROM: CorpDNS to SERVER: default -- 127.0.0.1
;; WHEN: Thu May 23 18:10:50 2002
;; MSG SIZE  sent: 27  rcvd: 499

##########
#Sample 3#
##########

; <<>> DiG 8.3 <<>> -t +dn +debug +time=20 lycos.com 
;; res_nmkquery(QUERY, lycos.com, IN, MX)
;; res_nopt()
;; res_opt()... ENDS0 DNSSEC
;; res options: init debug recurs defnam dnsrch dnssec
;; res_send()
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11010
;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; QUERY SECTION:
;;      lycos.com, type = MX, class = IN

;; ADDITIONAL SECTION:
; EDNS: version: 0, udp=4096, flags=8000

;; Querying server (# 1) address = 127.0.0.1
;; new DG socket
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11010
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 5, ADDITIONAL: 22
;; QUERY SECTION:
;;      lycos.com, type = MX, class = IN

;; ANSWER SECTION:
lycos.com.              1H IN MX        10 mx1.mail.lycos.com.
lycos.com.              1H IN MX        10 mx2.mail.lycos.com.
lycos.com.              1H IN MX        10 mx3.mail.lycos.com.
lycos.com.              1H IN MX        10 mx4.mail.lycos.com.

;; AUTHORITY SECTION:
lycos.com.              1H IN NS        ns1.hotwired.com.
lycos.com.              1H IN NS        ns2.hotwired.com.
lycos.com.              1H IN NS        ns3.hotwired.com.
lycos.com.              1H IN NS        ns4.hotwired.com.
lycos.com.              1H IN NS        ns5.hotwired.com.

;; ADDITIONAL SECTION:
mx1.mail.lycos.com.     1H IN A         209.185.123.196
mx1.mail.lycos.com.     1H IN A         209.185.123.153
mx1.mail.lycos.com.     1H IN A         209.185.123.125
mx1.mail.lycos.com.     1H IN A         209.185.123.132
mx1.mail.lycos.com.     1H IN A         209.185.123.131
mx2.mail.lycos.com.     1H IN A         209.185.123.148
mx2.mail.lycos.com.     1H IN A         209.185.123.130
mx2.mail.lycos.com.     1H IN A         209.185.123.152
mx2.mail.lycos.com.     1H IN A         209.185.123.147
mx4.mail.lycos.com.     1H IN A         209.185.123.129
mx4.mail.lycos.com.     1H IN A         209.185.123.151
mx4.mail.lycos.com.     1H IN A         209.185.123.149
mx4.mail.lycos.com.     1H IN A         209.185.123.126
mx4.mail.lycos.com.     1H IN A         209.185.123.198
mx4.mail.lycos.com.     1H IN A         209.185.123.123
mx4.mail.lycos.com.     1H IN A         209.185.123.197
ns1.hotwired.com.       1d23h59m40s IN A  209.202.224.253
ns2.hotwired.com.       1d23h59m40s IN A  209.202.220.8
ns3.hotwired.com.       1d23h59m40s IN A  209.202.228.10
ns4.hotwired.com.       1d23h59m40s IN A  209.202.221.55
ns5.hotwired.com.       1d23h59m40s IN A  209.202.193.252
; EDNS: version: 0, udp=4096, flags=0000

;; Total query time: 19786 msec
;; FROM: CorpDNS to SERVER: default -- 127.0.0.1
;; WHEN: Thu May 23 18:16:12 2002
;; MSG SIZE  sent: 38  rcvd: 567


##########
#Sample 4#
##########


; <<>> DiG 8.3 <<>> -t +dn +debug +time=20 lycos.com 
;; res_nmkquery(QUERY, lycos.com, IN, MX)
;; res_nopt()
;; res_opt()... ENDS0 DNSSEC
;; res options: init debug recurs defnam dnsrch dnssec
;; res_send()
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56889
;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; QUERY SECTION:
;;      lycos.com, type = MX, class = IN

;; ADDITIONAL SECTION:
; EDNS: version: 0, udp=4096, flags=8000

;; Querying server (# 1) address = 127.0.0.1
;; new DG socket
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56889
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 5, ADDITIONAL: 26
;; QUERY SECTION:
;;      lycos.com, type = MX, class = IN

;; ANSWER SECTION:
lycos.com.              52m25s IN MX    10 mx4.mail.lycos.com.
lycos.com.              52m25s IN MX    10 mx1.mail.lycos.com.
lycos.com.              52m25s IN MX    10 mx2.mail.lycos.com.
lycos.com.              52m25s IN MX    10 mx3.mail.lycos.com.

;; AUTHORITY SECTION:
lycos.com.              52m25s IN NS    ns1.hotwired.com.
lycos.com.              52m25s IN NS    ns2.hotwired.com.
lycos.com.              52m25s IN NS    ns3.hotwired.com.
lycos.com.              52m25s IN NS    ns4.hotwired.com.
lycos.com.              52m25s IN NS    ns5.hotwired.com.

;; ADDITIONAL SECTION:
mx4.mail.lycos.com.     52m25s IN A     209.185.123.129
mx4.mail.lycos.com.     52m25s IN A     209.185.123.151
mx4.mail.lycos.com.     52m25s IN A     209.185.123.149
mx4.mail.lycos.com.     52m25s IN A     209.185.123.126
mx4.mail.lycos.com.     52m25s IN A     209.185.123.198
mx4.mail.lycos.com.     52m25s IN A     209.185.123.123
mx4.mail.lycos.com.     52m25s IN A     209.185.123.197
mx1.mail.lycos.com.     52m25s IN A     209.185.123.131
mx1.mail.lycos.com.     52m25s IN A     209.185.123.196
mx1.mail.lycos.com.     52m25s IN A     209.185.123.153
mx1.mail.lycos.com.     52m25s IN A     209.185.123.125
mx1.mail.lycos.com.     52m25s IN A     209.185.123.132
mx2.mail.lycos.com.     52m25s IN A     209.185.123.148
mx2.mail.lycos.com.     52m25s IN A     209.185.123.130
mx2.mail.lycos.com.     52m25s IN A     209.185.123.152
mx2.mail.lycos.com.     52m25s IN A     209.185.123.147
mx3.mail.lycos.com.     52m25s IN A     209.185.123.124
mx3.mail.lycos.com.     52m25s IN A     209.185.123.199
mx3.mail.lycos.com.     52m25s IN A     209.185.123.127
mx3.mail.lycos.com.     52m25s IN A     209.185.123.128
ns1.hotwired.com.       1d23h52m5s IN A  209.202.224.253
ns2.hotwired.com.       1d23h52m5s IN A  209.202.220.8
ns3.hotwired.com.       1d23h52m5s IN A  209.202.228.10
ns4.hotwired.com.       1d23h52m5s IN A  209.202.221.55
ns5.hotwired.com.       1d23h52m5s IN A  209.202.193.252
; EDNS: version: 0, udp=4096, flags=0000

;; Total query time: 13 msec
;; FROM: CorpDNS to SERVER: default -- 127.0.0.1
;; WHEN: Thu May 23 18:06:58 2002
;; MSG SIZE  sent: 38  rcvd: 622


##########
#Sample 5#
##########

; <<>> DiG 9.2.0 <<>> -t mx +dn +debug +time=20 lycos.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63614
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 5, ADDITIONAL: 16

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;lycos.com.                     IN      MX

;; ANSWER SECTION:
lycos.com.              3600    IN      MX      10 mx2.mail.lycos.com.
lycos.com.              3600    IN      MX      10 mx3.mail.lycos.com.
lycos.com.              3600    IN      MX      10 mx4.mail.lycos.com.
lycos.com.              3600    IN      MX      10 mx1.mail.lycos.com.

;; AUTHORITY SECTION:
lycos.com.              3600    IN      NS      ns5.hotwired.com.
lycos.com.              3600    IN      NS      ns1.hotwired.com.
lycos.com.              3600    IN      NS      ns2.hotwired.com.
lycos.com.              3600    IN      NS      ns3.hotwired.com.
lycos.com.              3600    IN      NS      ns4.hotwired.com.

;; ADDITIONAL SECTION:
mx2.mail.lycos.com.     3600    IN      A       209.185.123.152
mx2.mail.lycos.com.     3600    IN      A       209.185.123.130
mx2.mail.lycos.com.     3600    IN      A       209.185.123.147
mx2.mail.lycos.com.     3600    IN      A       209.185.123.148
mx3.mail.lycos.com.     3600    IN      A       209.185.123.128
mx3.mail.lycos.com.     3600    IN      A       209.185.123.199
mx3.mail.lycos.com.     3600    IN      A       209.185.123.124
mx3.mail.lycos.com.     3600    IN      A       209.185.123.127
mx4.mail.lycos.com.     3600    IN      A       209.185.123.123
mx4.mail.lycos.com.     3600    IN      A       209.185.123.126
mx4.mail.lycos.com.     3600    IN      A       209.185.123.129
mx4.mail.lycos.com.     3600    IN      A       209.185.123.149
mx4.mail.lycos.com.     3600    IN      A       209.185.123.151
mx4.mail.lycos.com.     3600    IN      A       209.185.123.197
mx4.mail.lycos.com.     3600    IN      A       209.185.123.198

;; Query time: 6808 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu May 23 19:24:24 2002
;; MSG SIZE  rcvd: 462


More information about the bind-users mailing list