named daemon hangs

Barry Margolin barmar at alum.mit.edu
Sat May 2 18:59:31 UTC 2009


In article <gthni2$26n1$1 at sf1.isc.org>,
 Nelson Vale <nelsonduvall at gmail.com> wrote:

> I've been facing a problem in my private network which I was not able to fix
> yet.
> 
> In my gateway (Linux, Debian-like) I have BIND 9.5 installed and running,
> and I have one IPSec tunnel to another gateway over the internet. It also
> has a forward zone configured, with the name server being the other gateway's
> internal address (accessible through the IPSec tunnel only).
> 
> Recently the other IPSec endpoint was shut down and, of course, my queries to
> the forward domain started failing. Nothing strange here...
> 
> The real problem is that I suddenly was not able to resolve any other DNS
> queries, like www.google.com, from inside my network:
> 
> "host www.google.com
> ;; connection timed out; no servers could be reached"
> 
> I took a look at the named daemon and I see that it does not respond to
> anything as long as the IPSec tunnel is down, but only if it's the other
> endpoint that is down. I've tried stopping my endpoint and this problem does
> not occur as long as I restart named. I think this happens because as long
> as my endpoint is up the routes to the other endpoint are set, and named
> tries to query the forward domain name server. The problem is that the
> queries do not time out and named hangs there:

I recall a thread about a similar problem a year or two ago; I suggest 
you search the comp.protocols.dns.bind archives in Google Groups.

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***


