bind918 malfunction?
Ondřej Surý
ondrej at isc.org
Thu Sep 5 18:04:37 UTC 2024
I’m on my phone, so this is a long shot, but you can try disabling the qname minimization.
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.
> On 5. 9. 2024, at 19:45, Peter <pmc at citylink.dinoex.sub.org> wrote:
>
> On Thu, Sep 05, 2024 at 07:05:29PM +0200, Ondřej Surý wrote:
> ! It’s impossible to answer your question as you haven’t provided
> ! absolutely no information about your problem. Perhaps if you provide
> ! detailed information about nature of the problem, your DNS
> ! configuration, and your network configuration, we might be able to
> ! help you.
>
> Alright, I can give you the logs.
> This is the device with 9.16, taking 40 seconds to regain
> network access:
>
> Apr 15 01:44:39 <user.debug> alcatel syslog: Register account 1: Failed.
> Apr 15 01:45:20 <user.debug> alcatel syslog: Register account 1: successful.
>
> And this is the device now:
>
> Aug 31 06:12:43 <user.debug> alcatel syslog: Register account 1: Failed.
> Aug 31 08:10:19 <user.debug> alcatel syslog: Register account 1: successful.
>
>
> Now don't tell me that the device is crap, because I know that
> already. For now we have to live with it - and it did work before.
>
> Here is the traffic for the first case (only the answers):
>
> q_timestmp | a_timestmp | typ | seq | rrtext
> ---------------------------------+---------------------------------+-----------+-----+--------------------------------------------------------------------------------------------------------
> 15.04.2024 01:44:38.729122 CEST | 15.04.2024 01:44:38.785851 CEST | QUESTION | 1 | tel.t-online.de. IN NAPTR
> 15.04.2024 01:44:38.729122 CEST | 15.04.2024 01:44:38.785851 CEST | ANSWER | 1 | tel.t-online.de. 7200 IN NAPTR 10 0 "s" "SIPS+D2T" "" _sips._tcp.tel.t-online.de.
> 15.04.2024 01:44:38.729122 CEST | 15.04.2024 01:44:38.785851 CEST | ANSWER | 2 | tel.t-online.de. 7200 IN NAPTR 30 0 "s" "SIP+D2T" "" _sip._tcp.tel.t-online.de.
> 15.04.2024 01:44:38.729122 CEST | 15.04.2024 01:44:38.785851 CEST | ANSWER | 3 | tel.t-online.de. 7200 IN NAPTR 20 0 "s" "SIP+D2U" "" _sip._udp.tel.t-online.de.
> 15.04.2024 01:44:39.266325 CEST | 15.04.2024 01:44:39.307556 CEST | QUESTION | 1 | _sip._udp.tel.t-online.de. IN SRV
> 15.04.2024 01:44:39.266325 CEST | 15.04.2024 01:44:39.307556 CEST | ANSWER | 1 | _sip._udp.tel.t-online.de. 3600 IN SRV 20 0 5060 hno002-l01-mav-pc-rt-001.edns.t-ipnet.de.
> 15.04.2024 01:44:39.266325 CEST | 15.04.2024 01:44:39.307556 CEST | ANSWER | 2 | _sip._udp.tel.t-online.de. 3600 IN SRV 30 0 5060 nes008-f01-mav-pc-rt-001.edns.t-ipnet.de.
> 15.04.2024 01:44:39.266325 CEST | 15.04.2024 01:44:39.307556 CEST | ANSWER | 3 | _sip._udp.tel.t-online.de. 3600 IN SRV 10 0 5060 lei001-l01-mav-pc-rt-001.edns.t-ipnet.de.
> 15.04.2024 01:44:39.304721 CEST | 15.04.2024 01:44:39.497833 CEST | QUESTION | 1 | _sip._tcp.tel.t-online.de. IN SRV
> 15.04.2024 01:44:39.304721 CEST | 15.04.2024 01:44:39.497833 CEST | ANSWER | 1 | _sip._tcp.tel.t-online.de. 3600 IN SRV 20 0 5060 hno002-l01-mav-pc-rt-001.edns.t-ipnet.de.
> 15.04.2024 01:44:39.304721 CEST | 15.04.2024 01:44:39.497833 CEST | ANSWER | 2 | _sip._tcp.tel.t-online.de. 3600 IN SRV 10 0 5060 lei001-l01-mav-pc-rt-001.edns.t-ipnet.de.
> 15.04.2024 01:44:39.304721 CEST | 15.04.2024 01:44:39.497833 CEST | ANSWER | 3 | _sip._tcp.tel.t-online.de. 3600 IN SRV 30 0 5060 nes008-f01-mav-pc-rt-001.edns.t-ipnet.de.
> 15.04.2024 01:44:39.475107 CEST | 15.04.2024 01:44:39.499073 CEST | QUESTION | 1 | tel.t-online.de. IN A
> 15.04.2024 01:44:39.475107 CEST | 15.04.2024 01:44:39.499073 CEST | AUTHORITY | 1 | tel.t-online.de. 10800 IN SOA ns1.edns.t-ipnet.de. dns.telekom.de. 2018022700 43200 1800 1209600 21600
> 15.04.2024 01:44:39.502283 CEST | 15.04.2024 01:44:39.502592 CEST | QUESTION | 1 | tel.t-online.de. IN A
> 15.04.2024 01:44:39.502283 CEST | 15.04.2024 01:44:39.502592 CEST | AUTHORITY | 1 | tel.t-online.de. 10800 IN SOA ns1.edns.t-ipnet.de. dns.telekom.de. 2018022700 43200 1800 1209600 21600
> 15.04.2024 01:44:39.474596 CEST | 15.04.2024 01:44:39.52327 CEST | QUESTION | 1 | _sips._tcp.tel.t-online.de. IN SRV
> 15.04.2024 01:44:39.474596 CEST | 15.04.2024 01:44:39.52327 CEST | ANSWER | 1 | _sips._tcp.tel.t-online.de. 3600 IN SRV 20 0 5061 hno002-l01-mav-pc-rt-001.edns.t-ipnet.de.
> 15.04.2024 01:44:39.474596 CEST | 15.04.2024 01:44:39.52327 CEST | ANSWER | 2 | _sips._tcp.tel.t-online.de. 3600 IN SRV 10 0 5061 lei001-l01-mav-pc-rt-001.edns.t-ipnet.de.
> 15.04.2024 01:44:39.474596 CEST | 15.04.2024 01:44:39.52327 CEST | ANSWER | 3 | _sips._tcp.tel.t-online.de. 3600 IN SRV 30 0 5061 nes008-f01-mav-pc-rt-001.edns.t-ipnet.de.
> 15.04.2024 01:45:18.755781 CEST | 15.04.2024 01:45:18.756249 CEST | QUESTION | 1 | tel.t-online.de. IN NAPTR
> 15.04.2024 01:45:18.755781 CEST | 15.04.2024 01:45:18.756249 CEST | ANSWER | 1 | tel.t-online.de. 7160 IN NAPTR 20 0 "s" "SIP+D2U" "" _sip._udp.tel.t-online.de.
> 15.04.2024 01:45:18.755781 CEST | 15.04.2024 01:45:18.756249 CEST | ANSWER | 2 | tel.t-online.de. 7160 IN NAPTR 10 0 "s" "SIPS+D2T" "" _sips._tcp.tel.t-online.de.
> 15.04.2024 01:45:18.755781 CEST | 15.04.2024 01:45:18.756249 CEST | ANSWER | 3 | tel.t-online.de. 7160 IN NAPTR 30 0 "s" "SIP+D2T" "" _sip._tcp.tel.t-online.de.
> 15.04.2024 01:45:19.316733 CEST | 15.04.2024 01:45:19.317088 CEST | QUESTION | 1 | _sip._udp.tel.t-online.de. IN SRV
> 15.04.2024 01:45:19.316733 CEST | 15.04.2024 01:45:19.317088 CEST | ANSWER | 1 | _sip._udp.tel.t-online.de. 3560 IN SRV 20 0 5060 hno002-l01-mav-pc-rt-001.edns.t-ipnet.de.
> 15.04.2024 01:45:19.316733 CEST | 15.04.2024 01:45:19.317088 CEST | ANSWER | 2 | _sip._udp.tel.t-online.de. 3560 IN SRV 30 0 5060 nes008-f01-mav-pc-rt-001.edns.t-ipnet.de.
> 15.04.2024 01:45:19.316733 CEST | 15.04.2024 01:45:19.317088 CEST | ANSWER | 3 | _sip._udp.tel.t-online.de. 3560 IN SRV 10 0 5060 lei001-l01-mav-pc-rt-001.edns.t-ipnet.de.
> 15.04.2024 01:45:19.355071 CEST | 15.04.2024 01:45:19.355412 CEST | QUESTION | 1 | _sip._tcp.tel.t-online.de. IN SRV
> 15.04.2024 01:45:19.355071 CEST | 15.04.2024 01:45:19.355412 CEST | ANSWER | 1 | _sip._tcp.tel.t-online.de. 3560 IN SRV 10 0 5060 lei001-l01-mav-pc-rt-001.edns.t-ipnet.de.
> 15.04.2024 01:45:19.355071 CEST | 15.04.2024 01:45:19.355412 CEST | ANSWER | 2 | _sip._tcp.tel.t-online.de. 3560 IN SRV 30 0 5060 nes008-f01-mav-pc-rt-001.edns.t-ipnet.de.
> 15.04.2024 01:45:19.355071 CEST | 15.04.2024 01:45:19.355412 CEST | ANSWER | 3 | _sip._tcp.tel.t-online.de. 3560 IN SRV 20 0 5060 hno002-l01-mav-pc-rt-001.edns.t-ipnet.de.
> 15.04.2024 01:45:19.394936 CEST | 15.04.2024 01:45:19.395277 CEST | QUESTION | 1 | _sips._tcp.tel.t-online.de. IN SRV
> 15.04.2024 01:45:19.394936 CEST | 15.04.2024 01:45:19.395277 CEST | ANSWER | 1 | _sips._tcp.tel.t-online.de. 3560 IN SRV 20 0 5061 hno002-l01-mav-pc-rt-001.edns.t-ipnet.de.
> 15.04.2024 01:45:19.394936 CEST | 15.04.2024 01:45:19.395277 CEST | ANSWER | 2 | _sips._tcp.tel.t-online.de. 3560 IN SRV 10 0 5061 lei001-l01-mav-pc-rt-001.edns.t-ipnet.de.
> 15.04.2024 01:45:19.394936 CEST | 15.04.2024 01:45:19.395277 CEST | ANSWER | 3 | _sips._tcp.tel.t-online.de. 3560 IN SRV 30 0 5061 nes008-f01-mav-pc-rt-001.edns.t-ipnet.de.
> 15.04.2024 01:45:19.489441 CEST | 15.04.2024 01:45:19.541024 CEST | QUESTION | 1 | lei001-l01-mav-pc-rt-001.edns.t-ipnet.de. IN A
> 15.04.2024 01:45:19.489441 CEST | 15.04.2024 01:45:19.541024 CEST | ANSWER | 1 | lei001-l01-mav-pc-rt-001.edns.t-ipnet.de. 3600 IN A 217.0.147.69
>
> And this is the second case:
>
> id | q_timestmp | a_timestmp | typ | seq | rrtext
> -----------+---------------------------------+---------------------------------+----------+-----+-----------------------------------------------------------------------------------------------
> 295572064 | 31.08.2024 06:12:10.513476 CEST | 31.08.2024 06:12:10.513853 CEST | QUESTION | 1 | 'tel.t-online.de. IN NAPTR'
> 295572064 | 31.08.2024 06:12:10.513476 CEST | 31.08.2024 06:12:10.513853 CEST | ANSWER | 1 | 'tel.t-online.de. 3566 IN NAPTR 10 0 "s" "SIPS+D2T" "" _sips._tcp.tel.t-online.de.'
> 295572064 | 31.08.2024 06:12:10.513476 CEST | 31.08.2024 06:12:10.513853 CEST | ANSWER | 2 | 'tel.t-online.de. 3566 IN NAPTR 20 0 "s" "SIP+D2U" "" _sip._udp.tel.t-online.de.'
> 295572064 | 31.08.2024 06:12:10.513476 CEST | 31.08.2024 06:12:10.513853 CEST | ANSWER | 3 | 'tel.t-online.de. 3566 IN NAPTR 30 0 "s" "SIP+D2T" "" _sip._tcp.tel.t-online.de.'
> 295572089 | 31.08.2024 06:12:10.52171 CEST | 31.08.2024 06:12:10.681361 CEST | QUESTION | 1 | '_sip._udp.tel.t-online.de. IN SRV'
> 295572098 | 31.08.2024 06:12:10.522456 CEST | 31.08.2024 06:12:10.734403 CEST | QUESTION | 1 | '_sip._tcp.tel.t-online.de. IN SRV'
> 295572098 | 31.08.2024 06:12:10.522456 CEST | 31.08.2024 06:12:10.734403 CEST | ANSWER | 1 | '_sip._tcp.tel.t-online.de. 3600 IN SRV 10 0 5060 mue000-l01-mav-pc-rt-001.edns.t-ipnet.de.'
> 295572098 | 31.08.2024 06:12:10.522456 CEST | 31.08.2024 06:12:10.734403 CEST | ANSWER | 2 | '_sip._tcp.tel.t-online.de. 3600 IN SRV 30 0 5060 nes008-f01-mav-pc-rt-001.edns.t-ipnet.de.'
> 295572098 | 31.08.2024 06:12:10.522456 CEST | 31.08.2024 06:12:10.734403 CEST | ANSWER | 3 | '_sip._tcp.tel.t-online.de. 3600 IN SRV 20 0 5060 hno002-l01-mav-pc-rt-001.edns.t-ipnet.de.'
> 295572100 | 31.08.2024 06:12:10.522952 CEST | 31.08.2024 06:12:10.735084 CEST | QUESTION | 1 | '_sips._tcp.tel.t-online.de. IN SRV'
> 295572100 | 31.08.2024 06:12:10.522952 CEST | 31.08.2024 06:12:10.735084 CEST | ANSWER | 1 | '_sips._tcp.tel.t-online.de. 3600 IN SRV 30 0 5061 nes008-f01-mav-pc-rt-001.edns.t-ipnet.de.'
> 295572100 | 31.08.2024 06:12:10.522952 CEST | 31.08.2024 06:12:10.735084 CEST | ANSWER | 2 | '_sips._tcp.tel.t-online.de. 3600 IN SRV 20 0 5061 hno002-l01-mav-pc-rt-001.edns.t-ipnet.de.'
> 295572100 | 31.08.2024 06:12:10.522952 CEST | 31.08.2024 06:12:10.735084 CEST | ANSWER | 3 | '_sips._tcp.tel.t-online.de. 3600 IN SRV 10 0 5061 mue000-l01-mav-pc-rt-001.edns.t-ipnet.de.'
> 295581176 | 31.08.2024 07:10:12.885095 CEST | 31.08.2024 07:10:12.885536 CEST | QUESTION | 1 | 'tel.t-online.de. IN NAPTR'
> 295581176 | 31.08.2024 07:10:12.885095 CEST | 31.08.2024 07:10:12.885536 CEST | ANSWER | 1 | 'tel.t-online.de. 84 IN NAPTR 20 0 "s" "SIP+D2U" "" _sip._udp.tel.t-online.de.'
> 295581176 | 31.08.2024 07:10:12.885095 CEST | 31.08.2024 07:10:12.885536 CEST | ANSWER | 2 | 'tel.t-online.de. 84 IN NAPTR 10 0 "s" "SIPS+D2T" "" _sips._tcp.tel.t-online.de.'
> 295581176 | 31.08.2024 07:10:12.885095 CEST | 31.08.2024 07:10:12.885536 CEST | ANSWER | 3 | 'tel.t-online.de. 84 IN NAPTR 30 0 "s" "SIP+D2T" "" _sip._tcp.tel.t-online.de.'
> 295581179 | 31.08.2024 07:10:13.405952 CEST | 31.08.2024 07:10:13.406332 CEST | QUESTION | 1 | '_sip._tcp.tel.t-online.de. IN SRV'
> 295581179 | 31.08.2024 07:10:13.405952 CEST | 31.08.2024 07:10:13.406332 CEST | ANSWER | 1 | '_sip._tcp.tel.t-online.de. 117 IN SRV 10 0 5060 mue000-l01-mav-pc-rt-001.edns.t-ipnet.de.'
> 295581179 | 31.08.2024 07:10:13.405952 CEST | 31.08.2024 07:10:13.406332 CEST | ANSWER | 2 | '_sip._tcp.tel.t-online.de. 117 IN SRV 30 0 5060 nes008-f01-mav-pc-rt-001.edns.t-ipnet.de.'
> 295581179 | 31.08.2024 07:10:13.405952 CEST | 31.08.2024 07:10:13.406332 CEST | ANSWER | 3 | '_sip._tcp.tel.t-online.de. 117 IN SRV 20 0 5060 hno002-l01-mav-pc-rt-001.edns.t-ipnet.de.'
> 295581180 | 31.08.2024 07:10:13.406464 CEST | 31.08.2024 07:10:13.40678 CEST | QUESTION | 1 | '_sips._tcp.tel.t-online.de. IN SRV'
> 295581180 | 31.08.2024 07:10:13.406464 CEST | 31.08.2024 07:10:13.40678 CEST | ANSWER | 1 | '_sips._tcp.tel.t-online.de. 117 IN SRV 10 0 5061 mue000-l01-mav-pc-rt-001.edns.t-ipnet.de.'
> 295581180 | 31.08.2024 07:10:13.406464 CEST | 31.08.2024 07:10:13.40678 CEST | ANSWER | 2 | '_sips._tcp.tel.t-online.de. 117 IN SRV 30 0 5061 nes008-f01-mav-pc-rt-001.edns.t-ipnet.de.'
> 295581180 | 31.08.2024 07:10:13.406464 CEST | 31.08.2024 07:10:13.40678 CEST | ANSWER | 3 | '_sips._tcp.tel.t-online.de. 117 IN SRV 20 0 5061 hno002-l01-mav-pc-rt-001.edns.t-ipnet.de.'
> 295581205 | 31.08.2024 07:10:13.405269 CEST | 31.08.2024 07:10:13.569876 CEST | QUESTION | 1 | '_sip._udp.tel.t-online.de. IN SRV'
> 295591659 | 31.08.2024 08:10:15.291898 CEST | 31.08.2024 08:10:15.325567 CEST | QUESTION | 1 | 'tel.t-online.de. IN NAPTR'
> 295591659 | 31.08.2024 08:10:15.291898 CEST | 31.08.2024 08:10:15.325567 CEST | ANSWER | 1 | 'tel.t-online.de. 7200 IN NAPTR 30 0 "s" "SIP+D2T" "" _sip._tcp.tel.t-online.de.'
> 295591659 | 31.08.2024 08:10:15.291898 CEST | 31.08.2024 08:10:15.325567 CEST | ANSWER | 2 | 'tel.t-online.de. 7200 IN NAPTR 10 0 "s" "SIPS+D2T" "" _sips._tcp.tel.t-online.de.'
> 295591659 | 31.08.2024 08:10:15.291898 CEST | 31.08.2024 08:10:15.325567 CEST | ANSWER | 3 | 'tel.t-online.de. 7200 IN NAPTR 20 0 "s" "SIP+D2U" "" _sip._udp.tel.t-online.de.'
> 295591662 | 31.08.2024 08:10:15.881696 CEST | 31.08.2024 08:10:15.907946 CEST | QUESTION | 1 | '_sip._udp.tel.t-online.de. IN SRV'
> 295591662 | 31.08.2024 08:10:15.881696 CEST | 31.08.2024 08:10:15.907946 CEST | ANSWER | 1 | '_sip._udp.tel.t-online.de. 3600 IN SRV 20 0 5060 hno002-l01-mav-pc-rt-001.edns.t-ipnet.de.'
> 295591662 | 31.08.2024 08:10:15.881696 CEST | 31.08.2024 08:10:15.907946 CEST | ANSWER | 2 | '_sip._udp.tel.t-online.de. 3600 IN SRV 10 0 5060 mue000-l01-mav-pc-rt-001.edns.t-ipnet.de.'
> 295591662 | 31.08.2024 08:10:15.881696 CEST | 31.08.2024 08:10:15.907946 CEST | ANSWER | 3 | '_sip._udp.tel.t-online.de. 3600 IN SRV 30 0 5060 nes008-f01-mav-pc-rt-001.edns.t-ipnet.de.'
> 295591663 | 31.08.2024 08:10:15.882998 CEST | 31.08.2024 08:10:15.912328 CEST | QUESTION | 1 | '_sips._tcp.tel.t-online.de. IN SRV'
> 295591663 | 31.08.2024 08:10:15.882998 CEST | 31.08.2024 08:10:15.912328 CEST | ANSWER | 1 | '_sips._tcp.tel.t-online.de. 3600 IN SRV 10 0 5061 mue000-l01-mav-pc-rt-001.edns.t-ipnet.de.'
> 295591663 | 31.08.2024 08:10:15.882998 CEST | 31.08.2024 08:10:15.912328 CEST | ANSWER | 2 | '_sips._tcp.tel.t-online.de. 3600 IN SRV 20 0 5061 hno002-l01-mav-pc-rt-001.edns.t-ipnet.de.'
> 295591663 | 31.08.2024 08:10:15.882998 CEST | 31.08.2024 08:10:15.912328 CEST | ANSWER | 3 | '_sips._tcp.tel.t-online.de. 3600 IN SRV 30 0 5061 nes008-f01-mav-pc-rt-001.edns.t-ipnet.de.'
> 295591665 | 31.08.2024 08:10:15.882416 CEST | 31.08.2024 08:10:15.91249 CEST | QUESTION | 1 | '_sip._tcp.tel.t-online.de. IN SRV'
> 295591665 | 31.08.2024 08:10:15.882416 CEST | 31.08.2024 08:10:15.91249 CEST | ANSWER | 1 | '_sip._tcp.tel.t-online.de. 3600 IN SRV 30 0 5060 nes008-f01-mav-pc-rt-001.edns.t-ipnet.de.'
> 295591665 | 31.08.2024 08:10:15.882416 CEST | 31.08.2024 08:10:15.91249 CEST | ANSWER | 2 | '_sip._tcp.tel.t-online.de. 3600 IN SRV 20 0 5060 hno002-l01-mav-pc-rt-001.edns.t-ipnet.de.'
> 295591665 | 31.08.2024 08:10:15.882416 CEST | 31.08.2024 08:10:15.91249 CEST | ANSWER | 3 | '_sip._tcp.tel.t-online.de. 3600 IN SRV 10 0 5060 mue000-l01-mav-pc-rt-001.edns.t-ipnet.de.'
> 295591670 | 31.08.2024 08:10:16.976788 CEST | 31.08.2024 08:10:17.018826 CEST | QUESTION | 1 | 'mue000-l01-mav-pc-rt-001.edns.t-ipnet.de. IN A'
> 295591670 | 31.08.2024 08:10:16.976788 CEST | 31.08.2024 08:10:17.018826 CEST | ANSWER | 1 | 'mue000-l01-mav-pc-rt-001.edns.t-ipnet.de. 3600 IN A 217.0.148.69'
>
> We can see that the required queries 295572089 and 295581205 are not
> answered at all!
> Let's see what was sent instead:
>
> id | mess
> -----------+-----------------------------------------------------------------------------
> 117965258 | ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: ** +
> | ;; flags: qr rd ra ; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0+
> | ;; QUESTION SECTION: +
> | ;_sip._udp.tel.t-online.de. IN SRV +
>
>
> Now what do we have in the logs ---
>
> Aug 31 06:12:10 <local0.info> conr named[4456]: lame-servers: info: success resolving '_sip._tcp.tel.t-online.de/SRV' after disabling qname minimization due to 'failure'
> Aug 31 06:12:10 <local0.info> conr named[4456]: lame-servers: info: success resolving '_sips._tcp.tel.t-online.de/SRV' after disabling qname minimization due to 'failure'
>
> That's all, and that doesn't look very helpful. It doesn't mention the
> relevant query at all, and no other problems either.
>
>
> So, the nature of the problem might be explained with this.
>
> The configuration is a LAN-providing caching Nameserver, fully DNSSEC
> enabled, IPv4+v6, with rootslave, and authoritative for the LAN zones.
> The LAN zones are DNSSEC-wise chained to my public ones, trust-anchors
> are only used for reverse-DNS.
>
> I'm currently working on retrieving the relevant dialogue with the
> rootslave, but it doesn't seem very much helpful info in there either.
>
> cheerio,
> PMc
More information about the bind-users
mailing list