<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>On 8/31/22 11:56, Drew Weaver wrote:<br>
</p>
<blockquote type="cite"
cite="mid:fe0d5f3986a0469cb3539edbef44ada3@thenap.com">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<style>@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}div.WordSection1
{page:WordSection1;}</style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal">Hello,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">We have a cluster of Bind9 resolvers behind
load balancers (for historical reasons, mainly that we can’t
force people to use multiple resolver IP addresses in their
configurations(static) and everything still has to work).<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">The load balancers do health checks to
determine whether or not the hosts are responding to queries
and then based the result of those checks the individual hosts
are rotated in and out of operation.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">We noticed that some of these health checks
are failing (seemingly at random) and hosts are flapping in
and out of the SLB pool, but we cannot actually figure out why
those queries are failing.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">43/1656 queries resulted in DNS mesg recv:
no answ section <o:p>
</o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Our environment is EL7 running BIND
9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.9<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Checking standard logging channels the only
real error we see from named is this:<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">“named[5821]: dispatch 0x7f70e400fad0:
shutting down due to TCP receive error: (seemingly random IP
address) connection reset” but the source IP that the health
checks come from don’t appear anywhere in the logs.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">We read through this document <a
href="https://kb.isc.org/docs/monitoring-recommendations-for-bind-9"
moz-do-not-send="true" class="moz-txt-link-freetext">
https://kb.isc.org/docs/monitoring-recommendations-for-bind-9</a> which
gave us some good ideas on things to look at but sadly there
doesn’t appear to be anything sticking out at us as a real
cause.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">If anyone has any thoughts on this I would
be really grateful.</p>
</div>
</blockquote>
<br>
Interesting that it fails on TCP, not UDP. "netstat -s" might<br>
show something useful?<br>
<br>
It might help to describe your load balancer setup: make/model,<br>
software revision level, how you set up the health checks, how<br>
the load balancers failover is configured. Has this behavior <br>
started recently? Have there been any load balancer configuration<br>
changes? <br>
<br>
Best regards,<br>
-- <br>
Charles Polisher<br>
</body>
</html>