BIND and UDP tuning
mysqlstudent at gmail.com
Sun Sep 30 15:59:27 UTC 2018

> > Sep 29 14:33:54 mail03 postfix/dnsblog: warning:
> > dnsblog_query: lookup error for DNS query
> > 126.96.36.199.dnsbl.sorbs.net: Host or domain name not found. Name
> > service error for name=188.8.131.52.dnsbl.sorbs.net type=A: Host
> > not found, try again
> > I'd really be interested in people's input here.
> Are your requests being dropped by the service(s)?
> (Or: are you inadvertently abusing the said service(s)?)

I don't believe so - often times a follow-up host query succeeds
without issue. It's also failing for invaluement and spamhaus, both of
which we subscribe.

30-Sep-2018 11:42:04.345 query-errors: info: client @0x7f7910197080
127.0.0.1#46806 (184.108.40.206.bad.psky.me): query failed (SERVFAIL)
for 220.127.116.11.bad.psky.me/IN/A at ../../../bin/named/query.c:8580
30-Sep-2018 11:32:31.245 query-errors: info: client @0x7f7920170d30
127.0.0.1#30816 (18.104.22.168.zz.countries.nerd.dk): query failed
(SERVFAIL) for 22.214.171.124.zz.countries.nerd.dk/IN/A at

# host 126.96.36.199.bad.psky.me
Host 188.8.131.52.bad.psky.me not found: 3(NXDOMAIN)
# host 184.108.40.206.zz.countries.nerd.dk
220.127.116.11.zz.countries.nerd.dk has address 127.0.3.72

It also tends to happen in bulk - there may be 25 SERVFAILs within the
same second, then nothing for another few minutes.

I believe an early tcpdump trace showed that we were just not
receiving the responses, although I don't know if it was due to the
service itself (doubtful, particularly for the reasons mentioned
above), or something along the way was dropping the packets.

This appears to indicate the response was never received:

27-Sep-2018 16:57:06.509 query-errors: info: client @0x7fc7a42f6900
127.0.0.1#46680 (fidelity.com.wild.pccc.com): query failed (SERVFAIL)
for fidelity.com.wild.pccc.com/IN/A at ../../../bin/named/query.c:8580
27-Sep-2018 16:57:06.510 query-errors: debug 2: fetch completed at
../../../lib/dns/resolver.c:3927 for fidelity.com.wild.pccc.com/A in
30.000130: timed out/success

I attempted to search GitHub for query.c line 8580, but there weren't
even that many lines in the file.

Is there any further BIND debugging that can be done to determine
this? I've tried increasing the tracing level to 99, but it doesn't
appear to show any more than trace level 4.
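
Added example, not part of the original post: a small Python triage script for a `query-errors` log in the format quoted above. It counts SERVFAILs per second and per list zone to surface the bursts described, and pairs each SERVFAIL with a resolver "fetch completed ... timed out" line for the same name. The log lines, the `zone_of` heuristic and the burst threshold are constructed assumptions.

```python
import re
from collections import Counter, defaultdict

# Line shapes follow the query-errors excerpts quoted in the post.
SERVFAIL = re.compile(r"^(\S+ \d\d:\d\d:\d\d)\.\d+ query-errors: info: client .*?"
                      r"query failed \(SERVFAIL\) for (\S+)/IN/(\w+)")
FETCH = re.compile(r"query-errors: debug \d+: fetch completed at \S+ "
                   r"for (\S+)/(\w+) in ([\d.]+): (.+?)/")

def zone_of(qname):
    """Assumption: drop a reversed-IPv4 prefix, else keep the last three labels."""
    stripped = re.sub(r"^(?:\d{1,3}\.){4}", "", qname)
    return stripped if stripped != qname else ".".join(qname.split(".")[-3:])

def analyse(lines, burst_threshold=3):
    per_second = defaultdict(Counter)  # "DD-Mon-YYYY HH:MM:SS" -> zone -> count
    failed, timed_out = [], {}
    for line in lines:
        m = SERVFAIL.search(line)
        if m:
            per_second[m.group(1)][zone_of(m.group(2))] += 1
            failed.append((m.group(2), m.group(3)))
            continue
        m = FETCH.search(line)
        if m and m.group(4) == "timed out":
            timed_out[(m.group(1), m.group(2))] = float(m.group(3))
    # Seconds in which at least burst_threshold SERVFAILs were logged.
    bursts = {s: dict(z) for s, z in per_second.items()
              if sum(z.values()) >= burst_threshold}
    # SERVFAILs paired with a resolver fetch that ended in "timed out".
    unanswered = [(n, t, timed_out[(n, t)]) for n, t in failed if (n, t) in timed_out]
    return bursts, unanswered

def sample_servfail(ts, qname):  # constructed line in the post's log format
    return (f"{ts} query-errors: info: client @0x7f0000000001 127.0.0.1#40001 "
            f"({qname}): query failed (SERVFAIL) for {qname}/IN/A "
            "at ../../../bin/named/query.c:8580")

SAMPLE = [  # constructed data, not taken from the poster's logs
    sample_servfail("30-Sep-2018 11:42:04.101", "2.0.0.192.dnsbl.example.net"),
    sample_servfail("30-Sep-2018 11:42:04.345", "3.0.0.192.dnsbl.example.net"),
    sample_servfail("30-Sep-2018 11:42:04.702", "2.0.0.192.bl.example.org"),
    sample_servfail("30-Sep-2018 11:47:10.509", "mail.example.com.wild.example.org"),
    "30-Sep-2018 11:47:10.510 query-errors: debug 2: fetch completed at "
    "../../../lib/dns/resolver.c:3927 for mail.example.com.wild.example.org/A "
    "in 30.000130: timed out/success",
]

if __name__ == "__main__":
    bursts, unanswered = analyse(SAMPLE)
    print(bursts, unanswered, sep="\n")
```

Comparing the burst timestamps against a packet capture taken on the resolver's outbound interface shows whether queries left the host during those seconds and whether any replies came back.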