Solaris 10 BIND 9.5.1b1-intermittent no response for root servers and nameservers

Prabhat Rana prana9533 at yahoo.com
Mon Jul 28 01:24:03 UTC 2008


Hello all,
We just upgraded our BIND from 9.4.1 to 9.5.1b1 in Solaris 10 environment. Early on we noticed the File Descriptor usage and raised that to 2048. So now the FD usage at peak time could be 900 taken mostly by the UDP sockets with about 1500 recursive clients
Everything looks good except for issue that quite frequently it is slow to get resolution from the internet. After looking further by running snoop on the interface we noticed that either the rootservers in some case and the querying nameservers don't respond to the query from our DNS so we can see that it keeps on sending retries switching the root or nameservers and eventually gets the requested IP. This results the resolution being really slow. So in the example below , running dig @localhost www.footprints.com, it took almost 3 secs to get response due to all the retries due to no response as seen in the snoop. 
ourdns.net -> 192.26.92.30 DNS C www.footprints.com. Internet Addr ?
ourdns.net -> 192.48.79.30 DNS C www.footprints.com. Internet Addr ?
ourdns.net -> 192.35.51.30 DNS C www.footprints.com. Internet Addr ?
ourdns.net -> 67.220.109.10 DNS C www.footprints.com. Internet Addr ?
ourdns.net -> 67.220.108.10 DNS C www.footprints.com. Internet Addr ?
ourdns.net -> 67.220.109.10 DNS C www.footprints.com. Internet Addr ?
ourdns.net -> 67.220.108.10 DNS C www.footprints.com. Internet Addr ?
67.220.108.10 -> ourdns.net DNS R www.footprints.com. Internet Addr 67.220.109.42


However on the same physical node we another Solaris non-global zone (not the DNS zone)
which is exactly the same BIND version and configuration. The only difference is that its idle with no recursive client requests. So when we perform the exact same queries the root and other nameservers respond to the very first query resulting in a much shorter resolutions time.

ourdns2.net -> 192.12.94.30 DNS C www.footprints.com. Internet Addr ?
ourdns2.net -> 67.220.109.10 DNS C www.footprints.com. Internet Addr ?
67.220.108.10 -> ns1.ftwotbr09.spcsdns.net DNS R www.footprints.com. Internet Addr 67.220.109.42

Any help would be greatly appreciated.

Regards
Prabhat Karki
TSE
Sprint Nextel.



      



More information about the bind-users mailing list