timeout retrying without EDNS master
Emil Natan
shlyoko at gmail.com
Tue Oct 28 19:48:58 UTC 2008
On Tue, Oct 28, 2008 at 3:50 AM, Kevin Darcy <kcd at chrysler.com> wrote:
> Emil Natan wrote:
> > Hi list,
> > Follows part of the named log that I do not fully understand so any help
> > will be well appreciated:
> >
> > Oct 21 15:52:58 nstest1 named[15684]: general: debug 1: zone_timer: zone
> > superfly.org/IN: enter
> > Oct 21 15:52:58 nstest1 named[15684]: general: debug 1: zone_maintenance:
> > zone superfly.org/IN: enter
> > Oct 21 15:52:58 nstest1 named[15684]: general: debug 1: queue_soa_query:
> > zone superfly.org/IN: enter
> > Oct 21 15:52:58 nstest1 named[15684]: general: debug 1: soa_query: zone
> > superfly.org/IN: enter
> > Oct 21 15:53:43 nstest1 named[15684]: general: debug 1: refresh_callback:
> > zone superfly.org/IN: enter
> > Oct 21 15:53:43 nstest1 named[15684]: general: debug 1: zone
> superfly.org/IN:
> > refresh: timeout retrying without EDNS master 192.168.0.53#53 (source
> > 0.0.0.0#0)
> > Oct 21 15:53:43 nstest1 named[15684]: general: debug 1: queue_soa_query:
> > zone superfly.org/IN: enter
> > Oct 21 15:53:43 nstest1 named[15684]: general: debug 1: soa_query: zone
> > superfly.org/IN: enter
> > Oct 21 15:54:28 nstest1 named[15684]: general: debug 1: refresh_callback:
> > zone superfly.org/IN: enter
> > Oct 21 15:54:28 nstest1 named[15684]: general: info: zone
> superfly.org/IN:
> > refresh: retry limit for master 192.168.0.53#53 exceeded (source
> 0.0.0.0#0)
> > Oct 21 15:54:28 nstest1 named[15684]: general: debug 1: queue_xfrin: zone
> > superfly.org/IN: enter
> > Oct 21 15:54:28 nstest1 named[15684]: general: info: zone
> superfly.org/IN:
> > Transfer started.
> > Oct 21 15:54:28 nstest1 named[15684]: general: debug 1: zone
> superfly.org/IN:
> > requesting IXFR from 192.168.0.53#53
> > Oct 21 15:54:28 nstest1 named[15684]: xfer-in: info: transfer of '
> > superfly.org/IN' from 192.168.0.53#53: connected using 192.168.0.1#32903
> > Oct 21 15:54:28 nstest1 named[15684]: general: debug 1: zone
> superfly.org/IN:
> > zone transfer finished: up to date
> > Oct 21 15:54:28 nstest1 named[15684]: xfer-in: info: transfer of '
> > superfly.org/IN' from 192.168.0.53#53: end of transfer
> >
> > The log is from slave name server and as you can see the zone transfer
> > finished successfully. What I do not understand is what "timeout retrying
> > without EDNS master" means
> There are some missing commas there, IMO. Should be "timeout, retrying
> without EDNS, master XXXX". Clearer now? Some firewalls just drop EDNS
> packets because they (the firewalls) have an ancient notion of what a
> "properly-constructed" DNS packet is. Therefore BIND will try/retry a
> certain number of times with EDNS, then give up on that and fail over to
> just plain DNS. You can deconfigure the EDNS attempts with
>
> server x.x.x.x {
> edns no;
> };
>
> > and later "retry limit for master 192.168.0.53#53exceeded".
> That means it gave up on trying to contact the master, after an
> appropriate number of retries.
>
> Check basic connectivity between the two boxes. Seems like it might be
> rather intermittent. Run a packet trace/sniffer if necessary.
>
>
> - Kevin
>
>
>
Thanks for your answer Kevin. Today I found the problem (two different
connectivity problems actually). You are right about the EDNS behaviour,
there are 3 attempts to use EDNS and 3 attempts without using EDNS. I found
it a bit strange after 6 unsuccessful queries for the zone SOA to try IXFR
or AXFR for the zone's data. It was successful in this case and that's what
confused me.
ena
More information about the bind-users
mailing list