-----Original Message----- From: Matus UHLAR - fantomas <uh...@fantomas.sk> Date: Sunday, July 13, 2014 at 6:24 AM To: "bind-users@lists.isc.org" <bind-users@lists.isc.org> Subject: Re: initial lookup fails every time
>On 12.07.14 01:19, Tony Publiski wrote: >> I'm hoping someone has seen this before. I'm running a couple of BIND >> 9.8.2 DNS servers and having an issue with them for some reason. The >> servers end up failing to lookup on the initial lookup of a domain that >> hasn't been previously cached every time. If you immediately retry, the >> lookup succeeds without issue. I've looked all over but not been able >>to >> find any answers, and it's driving me crazy. Anyone seen this before or >> have an idea? >> >>[root@ns ~]# nslookup www.chase.com >>;; connection timed out; trying next origin >>Server: 127.0.0.1 >>Address: 127.0.0.1#53 >> >>** server can't find www.chase.com: NXDOMAIN >> >>[root@ns ~]# nslookup www.chase.com >>Server: 127.0.0.1 >>Address: 127.0.0.1#53 >> >>Non-authoritative answer: >>www.chase.com canonical name = wwwbcchase.gslb.bankone.com. >>Name: wwwbcchase.gslb.bankone.com >>Address: 159.53.84.126 > >there's too much places where the issue can be. >First, use "dig" or at least "host" to track DNS problems. +1 only idea from info given, is upstream firewall or other network device doing inspection or filtering and causing timeouts due to edns fall-back...a race condition where the answer ultimately gets cached but not before the client times out, so it works next time. that's just one idea thought, as said above many things could cause the behavior. to rule out my idea, you can test yourself: https://www.dns-oarc.net/oarc/services/replysizetest/ _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users