BIND and UDP tuning

Alex mysqlstudent at
Sun Sep 30 15:59:27 UTC 2018


> > Sep 29 14:33:54 mail03 postfix/dnsblog[3290]: warning:
> > dnsblog_query: lookup error for DNS query
> > Host or domain name not found. Name
> > service error for type=A: Host
> > not found, try again
> >
> > I'd really be interested in people's input here.
> Are your requests being dropped by the service(s)?
> (Or: are you inadvertently abusing the said service(s)?)

I don't believe so - often times a follow-up host query succeeds
without issue. It's also failing for invaluement and spamhaus, both of
which we subscribe.

30-Sep-2018 11:42:04.345 query-errors: info: client @0x7f7910197080 ( query failed (SERVFAIL)
for at ../../../bin/named/query.c:8580
30-Sep-2018 11:32:31.245 query-errors: info: client @0x7f7920170d30 ( query failed
(SERVFAIL) for at

# host
Host not found: 3(NXDOMAIN)
# host has address

It also tends to happen in bulk - there may be 25 SERVFAILs within the
same second, then nothing for another few minutes.

I believe an early tcpdump trace showed that we were just not
receiving the responses, although I don't know if it was due to the
service itself (doubtful, particularly for the reasons mentioned
above), or something along the way was dropping the packets.

This appears to indicate the response was never received:
27-Sep-2018 16:57:06.509 query-errors: info: client @0x7fc7a42f6900 ( query failed (SERVFAIL)
for at ../../../bin/named/query.c:8580
27-Sep-2018 16:57:06.510 query-errors: debug 2: fetch completed at
../../../lib/dns/resolver.c:3927 for in
30.000130: timed out/success

I attempted to search github for query.c line 8580, but there weren't
even that many lines in file.

Is there any further bind debugging that can be done to determine
this? I've tried increasing the tracing level to 99, but it doesn't
appear to show any more than trace level 4.

More information about the bind-users mailing list