Bind - strange lookup failure

Christophe dumonet Christophe.Dumonet at ifma.fr
Wed Oct 18 15:29:12 UTC 2006


Hello From France,

Due to hardware issues, I had to reinstall my BIND which works fine before.
I had reinstalled in first a bind 9-2-4, and following the problem which 
I will describe, I had upgraded in bind 9.3.2P1, the problem is always 
present

Now I have got a critical issue with Bind now :

The first request is always very long or (sometimes fails), the others 
are ok. ( and lookup failure don't concern all domains, for example the 
host smtp.wanadoo.fr causes one)
The first query time for a host or a domain is never under 1200 to 1500 
ms, which causes failures clients lookup (and "hosts not found" with" 
mailer-daemon" with my mail system )


--> I have checked my Bind config with www.dnsreports.com and all seems 
to be good, idem for zonecheck.fr

In attachement, you cand find :
 - a dig.smtp.wanadoo.fr example
- my named.conf
- named.conf.options
- named.conf.local

Thanks to help me for solving this problem.

Thank for your help, From France!

Christophe Dumonet.

#######################################################################
pcdmz01:/home/dumonet# dig smtp.wanadoo.fr

; <<>> DiG 9.2.4 <<>> smtp.wanadoo.fr
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8589
;; flags: qr rd ra; QUERY: 1, ANSWER: 21, AUTHORITY: 4, ADDITIONAL: 0

;; QUESTION SECTION:
;smtp.wanadoo.fr.               IN      A

;; ANSWER SECTION:
smtp.wanadoo.fr.        243     IN      A       193.252.22.89
smtp.wanadoo.fr.        243     IN      A       193.252.22.92
smtp.wanadoo.fr.        243     IN      A       193.252.22.107
smtp.wanadoo.fr.        243     IN      A       193.252.22.116
smtp.wanadoo.fr.        243     IN      A       193.252.22.123
smtp.wanadoo.fr.        243     IN      A       193.252.23.67
smtp.wanadoo.fr.        243     IN      A       193.252.23.107
smtp.wanadoo.fr.        243     IN      A       193.252.23.110
smtp.wanadoo.fr.        243     IN      A       80.12.242.3
smtp.wanadoo.fr.        243     IN      A       80.12.242.6
smtp.wanadoo.fr.        243     IN      A       80.12.242.9
smtp.wanadoo.fr.        243     IN      A       80.12.242.12
smtp.wanadoo.fr.        243     IN      A       80.12.242.15
smtp.wanadoo.fr.        243     IN      A       193.252.22.56
smtp.wanadoo.fr.        243     IN      A       193.252.22.65
smtp.wanadoo.fr.        243     IN      A       193.252.22.78
smtp.wanadoo.fr.        243     IN      A       193.252.22.79
smtp.wanadoo.fr.        243     IN      A       193.252.22.80
smtp.wanadoo.fr.        243     IN      A       193.252.22.81
smtp.wanadoo.fr.        243     IN      A       193.252.22.82
smtp.wanadoo.fr.        243     IN      A       193.252.22.83

;; AUTHORITY SECTION:
wanadoo.fr.             243     IN      NS      ns2.wanadoo.fr.
wanadoo.fr.             243     IN      NS      ns10.wanadoo.fr.
wanadoo.fr.             243     IN      NS      ns11.wanadoo.fr.
wanadoo.fr.             243     IN      NS      ns.wanadoo.fr.

;; Query time: 1249 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Oct 16 10:12:39 2006
;; MSG SIZE  rcvd: 442
##############################################################



named.conf
################################################################
include "/etc/bind/named.conf.options";

// prime the server with knowledge of the root servers
zone "." {
        type hint;
        file "/etc/bind/named.ca";
};

zone "localhost" {
        type master;
        file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
        type master;
        file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
        type master;
        file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
        type master;
        file "/etc/bind/db.255";
};

// zone "com" { type delegation-only; };
// zone "net" { type delegation-only; };

include "/etc/bind/named.conf.local";

############fin de named.conf########################################

named.conf.options
##################################################################
options {
        directory "/etc/bind";

        //recursion no;

        // If there is a firewall between you and nameservers you want
        // to talk to, you might need to uncomment the query-source
        // directive below.  Previous versions of BIND always asked
        // questions using port 53, but BIND 8.1 and later use an 
unprivileged
        // port by default.

        query-source address * port 53;

        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.

        // forwarders {
        //      0.0.0.0;
        // };

        allow-recursion {
                my-internal-and external-network
        };

        auth-nxdomain no;    # conform to RFC1035
        //listen-on-v6 { any; };

        tcp-clients 500;
        recursive-clients 5000;

};
#####################################################################

named.conf.local
######################################################################
zone "ifma.fr" {
        type master;
        file "/etc/bind/ifma.fr";
};

zone "231.54.193.in-addr.arpa" {
        type master;
        file "/etc/bind/231.54.193";
};
######################################################################




More information about the bind-users mailing list