No such Name, and 5second dns delay.
Tory M Blue
tmblue at gmail.com
Sun Feb 28 21:57:02 UTC 2010
On Sun, Feb 28, 2010 at 8:36 AM, Barry Margolin <barmar at alum.mit.edu> wrote:
> In article <mailman.666.1267335206.21153.bind-users at lists.isc.org>,
> Tory M Blue <tmblue at gmail.com> wrote:
>
>> I've running into some issues and trying to diagnose, so maybe folks
>> on here can help me with steps to troubleshoot.
>>
>> Bind 9.6.1-P1
>> Fedora Core
>>
>> What I am experiencing and led to my investigation is a random 5
>> second delay in name resolution. Now I know that nslookup/dig resolver
>> has a default 5 second retry, if it doesn't get an answer it will try
>> the second server listed in the resolv.conf.. So I sort of could
>> explain the 5 second delay, didn't understand why it was happening,
>> but felt I was getting closer.
>>
>> So then I started running some network traces (which takes some time,
>> as the 5 second delay is very random}, however being patient and
>> running enough "time dig host +trace" revealed a few 5 second delays,
>> for the most part they are all low ms (as I expect), but a couple were
>> 5 second.
>>
>> The delay occurs in the upper part of dig. (although interesting
>> enough not one section shows more than say 175ms, ever).
>>
>> [tblue at w05 ~]$ time dig apps.domain.com +trace +stats
>>
>> ; <<>> DiG 9.3.2 <<>> apps.domain.com +trace +stats
>> ;; global options: printcmd
>> . 317993 IN NS C.ROOT-SERVERS.NET.
>> . 317993 IN NS J.ROOT-SERVERS.NET.
>> . 317993 IN NS B.ROOT-SERVERS.NET.
>> . 317993 IN NS L.ROOT-SERVERS.NET.
>> . 317993 IN NS D.ROOT-SERVERS.NET.
>> . 317993 IN NS I.ROOT-SERVERS.NET.
>> . 317993 IN NS F.ROOT-SERVERS.NET.
>> . 317993 IN NS G.ROOT-SERVERS.NET.
>> . 317993 IN NS M.ROOT-SERVERS.NET.
>> . 317993 IN NS K.ROOT-SERVERS.NET.
>> . 317993 IN NS A.ROOT-SERVERS.NET.
>> . 317993 IN NS H.ROOT-SERVERS.NET.
>> . 317993 IN NS E.ROOT-SERVERS.NET.
>>
>> <<<<PAUSES HERE>>>>>
>
> I think it's trying to do a reverse lookup of 216.249.24.15 to display
> the server name in the message below. This isn't part of the actual
> resolution of apps.domain.com, just part of +stats. So it may not be
> related to your original problem.
>
>> ;; Query time: 1 msec
>> ;; SERVER: 0.0.0.15#53(216.249.24.15)
>> ;; WHEN: Sat Feb 27 21:25:21 2010
>> ;; MSG SIZE rcvd: 500
>>
>> net. 172800 IN NS H.GTLD-SERVERS.net.
>> net. 172800 IN NS M.GTLD-SERVERS.net.
>> net. 172800 IN NS I.GTLD-SERVERS.net.
>> net. 172800 IN NS F.GTLD-SERVERS.net.
>> net. 172800 IN NS K.GTLD-SERVERS.net.
>> net. 172800 IN NS L.GTLD-SERVERS.net.
>> net. 172800 IN NS E.GTLD-SERVERS.net.
>> net. 172800 IN NS J.GTLD-SERVERS.net.
>> net. 172800 IN NS D.GTLD-SERVERS.net.
>> net. 172800 IN NS G.GTLD-SERVERS.net.
>> net. 172800 IN NS B.GTLD-SERVERS.net.
>> net. 172800 IN NS A.GTLD-SERVERS.net.
>> net. 172800 IN NS C.GTLD-SERVERS.net.
>> ;; Query time: 14 msec
>> ;; SERVER: 192.33.4.12#53(C.ROOT-SERVERS.NET)
>> ;; WHEN: Sat Feb 27 21:25:21 2010
>> ;; MSG SIZE rcvd: 505
>>
>> domain.com. 172800 IN NS ns1.domain.com.
>> domain.com. 172800 IN NS ns2.domain.com.
>> ;; Query time: 54 msec
>> ;; SERVER: 192.55.83.30#53(M.GTLD-SERVERS.net)
>> ;; WHEN: Sat Feb 27 21:25:26 2010
>> ;; MSG SIZE rcvd: 104
>>
>> apps.domain.com. 300 IN A 216.249.24.50
>> domain.com. 86400 IN NS ns2.domain.com.
>> domain.com. 86400 IN NS ns1.domain.com.
>> ;; Query time: 0 msec
>> ;; SERVER: 0.0.0.15#53(ns1.domain.com)
>> ;; WHEN: Sat Feb 27 21:25:26 2010
>> ;; MSG SIZE rcvd: 120
>>
>>
>> real 0m5.090s
>> user 0m0.004s
>> sys 0m0.004s
>>
>> So since I finally caught one of these in the wild, I could look at
>> the network trace. I was caught off guard when I saw "No such Name"
>> "Flags: 0x8483 (Standard query response, No such name)"
>
> It would help if you told us WHICH query elicited this response.
Thanks for the info.
the query was a standard A record, it came with the same command ;
time dig apps.domain.com +trace.
the 5 second delay is just really odd and trying to run it down. Is
there more debug type logs I could turn on that would yield more
information?
Thanks
Tory
More information about the bind-users
mailing list