BIND 9.7 behavior - lack of response causes
Mark Andrews
marka at isc.org
Tue Apr 5 01:02:35 UTC 2011
What do you have lame-ttl set to?
In message <361220.19486.qm at web121407.mail.ne1.yahoo.com>, Fr34k writes:
> Hello,
>
> Given: BIND 9.7.2-P2 on Solaris 10.
>
> For about an hour, I had a network event where a caching DNS server could not
>
> get recursive queries back from authoritative DNS servers on the Internet.
>
> Obviously, this is a problem.
>
> Moreover, the authority for our most popular hostnames have set very low TTLs
>
> (less than a minute), so nothing in cache for the server to call upon during
> this hour long event.
>
> Yuck.
>
> A snoop of port 53 traffic at the time shows client PCs requested hostname
> resolution -- as they would normally do.
>
> Now, for the interesting part.
>
> >From the same snoop of traffic, the caching DNS server did not send ANY resp
> onse
> back to these PC clients for these low TTL popular hostnames.
>
> Keep in mind that I did snoop until *after* the event started.
>
> So, it may be the case that some BIND mechanism was behaving appropriate for
> queries which it could not act upon. I can appreciate that BIND makes decisi
> ons
> with network performance in mind.
>
> In my attempts to understand negative caching, Sections 7.1 and 7.2 of RFC 23
> 08
> list Server Failure and Dead / Unreachable Server as "(OPTIONAL)" utilities.
>
> Bind 9.7 ARM says that "the server stores negative answers" for (default) 3
> hours; however, I'm not sure what the expected BIND behavior is.
>
> Would some mechanism, such has max-ncache-ttl or clients-per-query, be
> responsible for this lack of return traffic?
>
> Anyone have ideas to share?
>
> Thank you.
>
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list