Queries fail first time round

Kevin Darcy kcd at daimlerchrysler.com
Fri Jul 25 23:36:32 UTC 2003


Simon Hobson wrote:

> I have a longstanding issue with our BIND setup. If a domain has not
> been queried for some time, a query for a host in it often fails the
> first time, but then repeating the request results in a successful
> lookup. The lookup failures happen with a wide range of domains, so
> I'm pretty certain it's going to be something internal.
>
> I have two internal servers :
> 1 - BIND 9.2.1 on RedHat 6.2
> 2 - BIND 8.2.2-P7 on SCO OpenServer 5.0.6a
>
> 1 is the master for all my internal zones, 2 is the secondary. Both
> are configured to go out to the root servers for everything else.
>
> Nothing is ever logged by either server when a lookup fails. I don't
> know whether to blame my DNS servers or my clients - I have a
> suspicion that it might be my clients (I've personally only noticed
> this effect with Mac clients, but then I avoid windoze as much as I
> can) being too demanding and refusing to wait for an answer. Our
> connection is with Demon Internet at 64k over ISDN (which is up
> almost all the time these days).
>
> Does anyone have any clues how to track this one down ?

Well, BIND 8 doesn't have "query restart", so in certain circumstances
it will get only part way towards an answer and then rely on the client
retrying its query in order to finish resolution of the name. BIND 9
doesn't have this problem, though, so it doesn't really explain the
symptoms you're seeing.

I haven't worked much with ISDN -- is there any possibility that
sometimes your ISDN connection goes "idle" and then needs to "wake
up" when it gets a DNS query, thus introducing an excessive amount of
latency from time to time? My experience has been that DNS tends to be
like the canary in the coal mine -- it's often the first thing to fail
whenever you have any kind of latency or packet-loss problems.

When all speculation fails, of course, it's probably time to roll up
your sleeves, fire up the old sniffer (which could be a piece of fancy
standalone hardware, or just something like "tcpdump") and look what's
happening at the packet level.


- Kevin




More information about the bind-users mailing list