bind takes a long time to resolve requests

Pablo Maurelli pmaurelli at gruposkymax.com.ar
Tue Oct 4 16:40:40 UTC 2011


>
> Hello, I set up a DNS server with bind9. It is resolving requests, but it
> takes a long time to resolve; sometimes it throws a timeout error and the
> second attempt resolves. Any ideas?
> I include below my named.conf, host.conf and nsswitch.conf



*DIG:*

; <<>> DiG 9.7.3 <<>>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 90
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 14

;; QUESTION SECTION:
;.                              IN      NS

;; ANSWER SECTION:
.                       517816  IN      NS      g.root-servers.net.
.                       517816  IN      NS      a.root-servers.net.
.                       517816  IN      NS      m.root-servers.net.
.                       517816  IN      NS      f.root-servers.net.
.                       517816  IN      NS      b.root-servers.net.
.                       517816  IN      NS      e.root-servers.net.
.                       517816  IN      NS      j.root-servers.net.
.                       517816  IN      NS      k.root-servers.net.
.                       517816  IN      NS      i.root-servers.net.
.                       517816  IN      NS      h.root-servers.net.
.                       517816  IN      NS      d.root-servers.net.
.                       517816  IN      NS      c.root-servers.net.
.                       517816  IN      NS      l.root-servers.net.

;; ADDITIONAL SECTION:
a.root-servers.net.     604216  IN      A       198.41.0.4
a.root-servers.net.     604216  IN      AAAA    2001:503:ba3e::2:30
b.root-servers.net.     604216  IN      A       192.228.79.201
c.root-servers.net.     604216  IN      A       192.33.4.12
d.root-servers.net.     604216  IN      A       128.8.10.90
d.root-servers.net.     604216  IN      AAAA    2001:500:2d::d
e.root-servers.net.     604216  IN      A       192.203.230.10
f.root-servers.net.     604216  IN      A       192.5.5.241
f.root-servers.net.     604216  IN      AAAA    2001:500:2f::f
g.root-servers.net.     604216  IN      A       192.112.36.4
h.root-servers.net.     604216  IN      A       128.63.2.53
i.root-servers.net.     604216  IN      A       192.36.148.17
j.root-servers.net.     604216  IN      A       192.58.128.30
j.root-servers.net.     604217  IN      AAAA    2001:503:c27::2:30

;; Query time: 0 msec
;; SERVER: 172.31.26.85#53(172.31.26.85)
;; WHEN: Tue Oct  4 13:34:03 2011
;; MSG SIZE  rcvd: 500


*DIG ns1.resolver01.net*

root at resolver01:/var/named# dig ns1.resolver01.net

; <<>> DiG 9.7.3 <<>> ns1.resolver01.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61061
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;ns1.resolver01.net.            IN      A

;; ANSWER SECTION:
ns1.resolver01.net.     43200   IN      A       172.31.26.85

;; AUTHORITY SECTION:
resolver01.net.         43200   IN      NS      ns1.resolver01.net.

;; Query time: 0 msec
;; SERVER: 172.31.26.85#53(172.31.26.85)
;; WHEN: Tue Oct  4 13:34:42 2011
;; MSG SIZE  rcvd: 66


*NAMED.CONF*

// My allowed networks
// Named address-match list; the options block references it in
// allow-transfer, allow-recursion and allow-query.

acl "redes_sky" {
                172.31.26.0/24;
                172.31.25.0/24;
                172.31.24.0/24;
};

options {
        // Working directory; the relative file names in the zone statements
        // ("root.hints", "zones/...") are resolved against it.
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        // Overrides the string returned for version.bind queries, so the real
        // BIND version is not disclosed to clients.
        version "TXT, ";
        // Listen only on loopback and on 172.31.26.85.
        listen-on { 127.0.0.1; 172.31.26.85;};
        // "port *" leaves the source port of outgoing queries unpinned. Keep it
        // that way: a fixed query-source port makes spoofed answers (cache
        // poisoning) easier to land.
        // NOTE(review): a packet filter that only admits replies to one fixed
        // port would drop answers to these queries; worth checking when
        // timeouts are seen.
        query-source port *;
      //recursive-clients       2500;
        // Zone transfers are offered to every address in redes_sky (three /24s).
        // NOTE(review): no secondary servers appear in the posted config; if
        // there are none, restricting transfers to "none" or to the actual
        // secondaries exposes less zone data. Confirm.
        allow-transfer{ /* !192.168.100.0/24; */
                redes_sky;
        };
        // Recursion is granted to redes_sky only, so this is not an open resolver.
        // NOTE(review): localhost is listed in allow-query but not here; a
        // client on this host that queries 127.0.0.1 would be allowed to ask
        // but would not be given recursion. Confirm which address local
        // clients use.
        allow-recursion{ /* !192.168.100.0/24; */
                redes_sky;
        };
        // Queries are accepted from redes_sky and from the server's own addresses.
        allow-query { redes_sky; localhost;
        };

        // Left commented out, so recursion stays at its default (enabled).
      //recursion no;
};

// Pulls the contents of /etc/bind/rndc.key into the configuration.
// NOTE(review): presumably the shared secret for the rndc control channel; no
// controls statement is visible in the posted config, so confirm how it is
// used. A key file should be readable only by the account named runs as.
include "/etc/bind/rndc.key";

logging {
        // File channel: /var/log/named.log, rotated at 25m with 3 old versions
        // kept; messages at severity info and above, each line stamped with
        // time, severity and category.
        channel default_log {
                        file "/var/log/named.log" versions 3 size 25m;
                        severity info;
                        print-time yes;
                        print-severity yes;
                        print-category yes;};
        // Every category without its own statement goes to default_log; that
        // includes the security category (denied queries and transfers).
        category default {default_log; };
        // lame-servers messages are discarded.
        // NOTE(review): those messages report broken delegations met during
        // recursion; sending them to a channel while investigating slow
        // lookups may help.
        category lame-servers {null; };

};

// Root hints: the list of root name servers used to start recursion, read from
// root.hints under the options directory.
zone  "." {
        type hint;
        file "root.hints";
};
// Reverse zone for the loopback network; this server is master for it.
zone "0.0.127.in-addr.arpa" in{
        type master;
        file "named.local";
};
// Reverse zone for 172.31.26.0/24; this server is master for it.
zone "26.31.172.in-addr.arpa" in{
        type master;
        file "zones/26.31.172.in-addr.arpa";
};
// Forward zone resolver01.net; this server is master for it.
zone "resolver01.net" in{
        type master;
        file "zones/resolver01.net";
};


*Zones:*

*NAMED.LOCAL*

; Zone data for 0.0.127.in-addr.arpa (loaded from named.local by named.conf).
; It holds the SOA, one NS record and one PTR that maps 127.0.0.1 to localhost.
$TTL 43200      ; 12 hours
@               IN      SOA     localhost.      root.localhost. (
                        2008122911 ; serial
                        3600       ; refresh (1 hour)
                        900        ; retry (15 minutes)
                        1209600    ; expire (2 weeks)
                        43200      ; minimum (12 hours)
                        )
                IN      NS      localhost.
; Owner "1" is relative to the zone origin, i.e. 1.0.0.127.in-addr.arpa.
1               IN      PTR     localhost.


*26.31.172.in-addr.arpa*
*
*
; Reverse zone data for 172.31.26.0/24.
$ORIGIN .
$TTL 43200  ; 12 hours
; NOTE(review): the SOA server name and mailbox below end in
; ".26.31.172.IN-ADDR.ARPA.", i.e. the zone origin has been appended to
; ns1.resolver01.net and hostmaster.resolver01.net. That typically results
; from writing those names without a trailing dot in the zone source; the
; forward zone's SOA uses "ns1.resolver01.net." and
; "hostmaster.resolver01.net.". Confirm and correct in the source file.
; The SOA line is also wrapped across three lines in this paste (mail line
; wrapping), so it cannot be loaded as shown.
26.31.172.in-addr.arpa  IN  SOA ns1.resolver01.net.26.31.172.IN-ADDR.ARPA.
hostmaster.resolver01.net.26.31.172.IN
-ADDR.ARPA. (
                                                2011093021      ; serial
                                                3600    ; refresh
                                                900     ; retry
                                                1209600 ; expire
                                                43200   ; minimum
                                                )

                                NS              ns1.resolver01.net.
$ORIGIN 26.31.172.in-addr.arpa.
; 85.26.31.172.in-addr.arpa, i.e. 172.31.26.85, points back at ns1.resolver01.net.
85                              PTR             ns1.resolver01.net.


*26.31.172.in-addr.arpa*
*
*
; Reverse zone data for 172.31.26.0/24 (this listing appears twice in the post).
$ORIGIN .
$TTL 43200  ; 12 hours
; NOTE(review): the SOA server name and mailbox carry the zone origin as a
; suffix (".26.31.172.IN-ADDR.ARPA."), which typically means the names were
; written without a trailing dot in the zone source. Confirm and correct there.
; The SOA line is also wrapped across three lines by the mail software.
26.31.172.in-addr.arpa  IN  SOA ns1.resolver01.net.26.31.172.IN-ADDR.ARPA.
hostmaster.resolver01.net.26.31.172.IN
-ADDR.ARPA. (
                                                2011093021      ; serial
                                                3600    ; refresh
                                                900     ; retry
                                                1209600 ; expire
                                                43200   ; minimum
                                                )

                                NS              ns1.resolver01.net.
$ORIGIN 26.31.172.in-addr.arpa.
; 85.26.31.172.in-addr.arpa, i.e. 172.31.26.85, points back at ns1.resolver01.net.
85                              PTR             ns1.resolver01.net.


*resolver01.net*

; Forward zone data for resolver01.net: SOA, one NS, one SPF TXT record and the
; A record for ns1.
$ORIGIN .
$TTL 43200
resolver01.net          SOA ns1.resolver01.net. hostmaster.resolver01.net. (
                                        2011093072      ; serial
                                        3600    ; refresh
                                        900     ; retry
                                        86400   ; expire
                                        43200   ; minimum
                                        )

                        NS              ns1.resolver01.net.

; NOTE(review): in the SPF string only the first network carries the "ip4:"
; prefix; "172.31.24.0/24" and "172.31.25.0/24" are bare terms, which SPF
; evaluators do not accept as ip4 mechanisms. Presumably "ip4:" was meant on
; each; confirm. The "ptr" mechanism is discouraged by the SPF specification
; (RFC 7208) because it forces reverse lookups on the receiver. All three
; networks are RFC 1918 private ranges, so the record only means something to
; receivers inside the same private network. The quoted string is also split
; across two lines in this paste.
                        TXT             "v=spf1 ptr ip4:172.31.26.0/24
172.31.24.0/24 172.31.25.0/24 ~all"
$ORIGIN resolver01.net.

; ns1.resolver01.net, the address named listens on (listen-on in named.conf).
ns1                     A               172.31.26.85


But the zone 0.0.127.in-addr.arpa is empty???

Ideas???


Thanks/Regards!

2011/10/4 Pablo Maurelli <pmaurelli at gruposkymax.com.ar>

> Hello, I set up a DNS server with bind9. It is resolving requests, but it
> takes a long time to resolve; sometimes it throws a timeout error and the
> second attempt resolves. Any ideas?
> I include below my named.conf, host.conf and nsswitch.conf
>
> Thank you very much in advance.
>
> Regards!
>
>
>
>
>


--