Bind9 Random Whois and Dig Fails

Sri Harsha Yalamanchili harsha at
Fri Jun 3 22:09:13 UTC 2011

Hey Everyone,

We've setup and internal DNS on a Debian 6.0 Squeeze server with Bind 9 
running on it.

A few things specific to our configuration are:

    * This is not a caching only server. We've have our own internal
      domain. We also have a dns slave running on another server. The
      internal domain looks something like this:
      - The subdomain xxx does not actually exist, we've just made it up
      for our bind config.
    * We made sure Bind listens on a specific address and port by using
      the following:
          o query-source address X.X.X.X port 53;
          o listen-on { X.X.X.X; };
          o listen-on-v6 { none; };
    * This is what our Forwarders Section in named.conf.options looks like:

                 forwarders {
           ; //Telepacific's DNS server

The problem we're running into is:

    * Whenever we do something like dig @X.X.X.X the
      request times out for a while before working. Once we get an
      answers, we're thinking that the answer gets cached, the same
      lookup if performed again comes back with an instant answer. We've
      recreated this multiple times using different domain names.
    * The whois lookup works as long as we're telepacific's dns server.
    * To troubleshoot we added the google dns server,, as one of
      the forwarders and voila! all the answers to dig lookups were
      instantaneous. But now the whois lookups would not work at all.

We've rules out the firewall by dropping all the rules and still 
receiving the same behavior. We can clearly see that the queries are 
going out from the query log. Any other logging options that can be 
enabled to troubleshoot this issue?

Any help is much appreciated. We've been spending hours trying to solve 
the mystery.

Thank you,
*Harsha* | harsha at
Systems Administrator | ThoughtMatrix, Inc.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the bind-users mailing list