change in reverse dns lookup behavior

Barry Margolin barmar at alum.mit.edu
Fri May 13 00:57:07 UTC 2005


In article <d60mib$114j$1 at sf1.isc.org>,
 Ole Michaelsen <omic+usenet4 at fys.ku.dk> wrote:

> Kevin Darcy wrote:
> >  cool burn wrote:
> >  
> > >Hello,
> > >
> > >We have an internal network of the form 10.x.x.x
> > >
> > >We have two DNS servers (bind 9.2.1) that are
> > >multi-homed, but are used by the internal network at
> > >10.0.0.10 and 10.0.0.11
> > >
> > >All of the internal servers have resolv.conf setup as:
> > >nameserver 10.0.0.10
> > >nameserver 10.0.0.11
> > >
> > >This has worked perfectly for 8 months.
> > >
> > >Today, we suddenly started getting timeouts in our
> > >application server connecting to our db server.  Then,
> > >I saw I was also getting very slow times to connect
> > >using SSH.  I knew right away this was DNS related.
> 
> We had the exact same problem. Also noticed with SSH first. With
> 10.17.34 which we dont have a zonefile for. Since 16:00 (CEST) we have
> had timeouts whenever trying to lookup stuff in that range - we never
> had this before. This also affected the ability to lookup some 192.168
> addresses - it partly worked, partly didn't work.
> 
> But now, since 00:15 CEST approx suddenly the timeouts have disappeared
> and everything seem to work again!
> 
> A global glitch in the matrix?

The servers that the public delegations for 10.in-addr.arpa point to may 
have gone down or been overloaded.  I've seen this happen a number of 
times over the years.  When I was at an ISP, I arranged for our caching 
servers to be authoritative for all the RFC 1918 reverse zones, so that 
we wouldn't be dependent on these remote servers.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***



More information about the bind-users mailing list