peculiar lookup timeouts
Adam Young
adamy at mountaincable.on.ca
Thu Sep 14 12:55:35 UTC 2006
>
> godaddy.com's delegation looks good as does secureserver.net's
> delegation. I would be looking for problem with managing the
> state tables in the firewall.
>
> You should be able to see the problem by looking at packet
> traces. You should see packets going out to the servers
> but not coming back. When you restart named you get a new
> source port and you then see the reply traffic.
>
> In my experience, it is either a problem with the delegation
> or problems with middle boxes that stop lookups working
> 99.9% of the time. You use external delegation checkers for
> the first and packet tracers for the second.
>
Hey Mark,
The systems here have nothing in front of them, as far as
firewalls/filtering is concerned.
I'm still a bit confused as to why a SERVFAIL is returned, unless as you've
mentioned, delegation is the problem. In that case, I don't know how to go
about fixing it, since our nameservers are doing recursion for these clients
and should be asking the appropriate sources anyways.
Thanks,
-
Adam Young
Systems Support Technologist
Mountain Cablevision Ltd.
(905)667-7436
More information about the bind-users
mailing list