Why does Local DNS Fail when Internet is down?

Mike Black mblack at csihq.com
Fri May 24 11:00:23 UTC 2002


Why can't we add an option to rndc that can notify the servers that remote resolution is not available?
Then, one can write whatever wrapper they want to monitor their connection and notify all their servers when it goes away.
Then named can say "just time out immediately on non-local requests".

The problem I've noticed is not so much that the users can't get to remote sites but that everything takes "forever" to time out
(and they're click-happy of course).
As long as local hosts resolve quickly and remote hosts come back quickly they'll be MUCH happier.
Matter of fact, any reason why the DNS protocol couldn't return an intelligent error message along with this so that clients could
display something more than "host not found" -- maybe "remote host resolution temporarily unavailable"?

----- Original Message -----
From: "Martin McCormick" <martin at dc.cis.okstate.edu>
To: <comp-protocols-dns-bind at isc.org>
Sent: Thursday, May 23, 2002 2:06 PM
Subject: Why does Local DNS Fail when Internet is down?


> We are running Bind9 but this question covers behavior
> that goes back as far as DNS, itself.  When our connection to the
> Internet (root name servers) becomes intermittent, all our
> domain name servers start to hang when doing local lookups.  I
> have seen Suns exhibit this behavior back as far as I have been
> involved with bind which is about ten years.  I have always heard
> that it has to do with open file descriptors, but it still
> happens today with Bind9 running on a FreeBSD platform.
>
> As soon as the network comes back to life, so do the
> dns's.  In the past, I have killed and restarted them only to
> have the hanging return within seconds which tells me it is
> something else.
>
> My questions are:
>
> What causes this behavior?
> Can I configure anything differently at our site to allow the
> local world to continue to operate?
>
> Every time this happens, the rumblings start as to how to
> redesign things especially now that we are starting to use Novell
> Active Directory and people suddenly can't access their network
> drives, etc.
>
> Our master and slave dns's use the conventional
> configuration format of all the local zones and then the root
> zone last.
>
> Obviously, we want to preserve the robustness of dns
> in normal operation and not create new single-point failure
> modes.  Our present topology works perfectly when the network is
> up which is most of the time, but a couple of days of network
> hiccups and the natives start to get restless.
>
> Martin McCormick Stillwater, OK
> OSU Center for Computing and Information services Network Operations Group
>


