On Thu, 2018-01-18 at 17:46 +0000, Tony Finch wrote:
> Brian J. Murrell <br...@interlinx.bc.ca> wrote:
> > On Thu, 2018-01-18 at 15:41 +0000, Tony Finch wrote:
> > >
> > > The default is 10 minutes - try reducing it and see if the outage
> > > becomes shorter.
> >
> > If it does, what is that telling me?
> 
> My hypothesis here is that `named` has marked all the nameservers for
> the
> domain that is failing as lame, so it no longer has anywhere to send
> queries for the domain, so it returns a SERVFAIL.

Seems this might be the case.  Using a trace level of 11, when a
failure starts this seems to be the trail...

19-Jan-2018 09:06:18.893 resquery 0x7f1010f3bd90 (fctx 
0x7f1010f23d90(www.google.com/A)): response
19-Jan-2018 09:06:18.893 received packet:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:  25156
;; flags: qr; QUESTION: 1, ANSWER: 0, AUTHORITY: 15, ADDITIONAL: 27
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 1472
;; QUESTION SECTION:
;www.google.com.                        IN      A

;; AUTHORITY SECTION:
com.                    172800  IN      NS      a.gtld-servers.net.
com.                    172800  IN      NS      b.gtld-servers.net.
com.                    172800  IN      NS      c.gtld-servers.net.
com.                    172800  IN      NS      d.gtld-servers.net.
com.                    172800  IN      NS      e.gtld-servers.net.
com.                    172800  IN      NS      f.gtld-servers.net.
com.                    172800  IN      NS      g.gtld-servers.net.
com.                    172800  IN      NS      h.gtld-servers.net.
com.                    172800  IN      NS      i.gtld-servers.net.
com.                    172800  IN      NS      j.gtld-servers.net.
com.                    172800  IN      NS      k.gtld-servers.net.
com.                    172800  IN      NS      l.gtld-servers.net.
com.                    172800  IN      NS      m.gtld-servers.net.
com.                    86400   IN      DS      30909 8 2 
E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
com.                    86400   IN      RRSIG   DS 8 1 86400 20180201050000 
20180119040000 41824 . IwT0e9jOKKgASgCQXGsryxFFeN5R0e/HPGCzQuD7rhtCYg4UywLcJ9A1 
Ftn0drh2mggBE5wWX90dc5u26P8Gt1jkJ8XbxyjNHA5uTmakjVnGGOZ+ 
9N/6JMtDApT4F6q/3EN8dkctxWvEe9uph8dFR1Uj0aqCNS3aQ0ge4LkS 
JPfRQ2FIQCQxsh+Ts2hdiC6mThpWoFmwmfBxGPu/NsS92/iA5EaP4ZOK 
oIRqrvgyV4PrTDJM8StJJk9qw7z78RC+3/RfEsnwICXKptIGE4AekqIa 
RiVhkTrXhCZAibab5gtqkCkWZ6kF1/6Xbcjexj4VHL+FxqlQCec6CUcz Wpt/DA==

;; ADDITIONAL SECTION:
a.gtld-servers.net.     172800  IN      A       192.5.6.30
a.gtld-servers.net.     172800  IN      AAAA    2001:503:a83e::2:30
b.gtld-servers.net.     172800  IN      A       192.33.14.30
b.gtld-servers.net.     172800  IN      AAAA    2001:503:231d::2:30
c.gtld-servers.net.     172800  IN      A       192.26.92.30
c.gtld-servers.net.     172800  IN      AAAA    2001:503:83eb::30
d.gtld-servers.net.     172800  IN      A       192.31.80.30
d.gtld-servers.net.     172800  IN      AAAA    2001:500:856e::30
e.gtld-servers.net.     172800  IN      A       192.12.94.30
e.gtld-servers.net.     172800  IN      AAAA    2001:502:1ca1::30
f.gtld-servers.net.     172800  IN      A       192.35.51.30
f.gtld-servers.net.     172800  IN      AAAA    2001:503:d414::30
g.gtld-servers.net.     172800  IN      A       192.42.93.30
g.gtld-servers.net.     172800  IN      AAAA    2001:503:eea3::30
h.gtld-servers.net.     172800  IN      A       192.54.112.30
h.gtld-servers.net.     172800  IN      AAAA    2001:502:8cc::30
i.gtld-servers.net.     172800  IN      A       192.43.172.30
i.gtld-servers.net.     172800  IN      AAAA    2001:503:39c1::30
j.gtld-servers.net.     172800  IN      A       192.48.79.30
j.gtld-servers.net.     172800  IN      AAAA    2001:502:7094::30
k.gtld-servers.net.     172800  IN      A       192.52.178.30
k.gtld-servers.net.     172800  IN      AAAA    2001:503:d2d::30
l.gtld-servers.net.     172800  IN      A       192.41.162.30
l.gtld-servers.net.     172800  IN      AAAA    2001:500:d937::30
m.gtld-servers.net.     172800  IN      A       192.55.83.30
m.gtld-servers.net.     172800  IN      AAAA    2001:501:b1f9::30


19-Jan-2018 09:06:18.894 fctx 0x7f1010f23d90(www.google.com/A): 
noanswer_response
19-Jan-2018 09:06:18.894 log_ns_ttl: fctx 0x7f1010f23d90: noanswer_response: 
www.google.com (in '.'?): 1 518400
19-Jan-2018 09:06:18.894 log_ns_ttl: fctx 0x7f1010f23d90: DELEGATION: 
www.google.com (in 'com'?): 0 518400
19-Jan-2018 09:06:18.895 fctx 0x7f1010f23d90(www.google.com/A): cache_message
19-Jan-2018 09:06:18.895 fctx 0x7f1010f23d90(www.google.com/A): cancelquery
19-Jan-2018 09:06:18.895 fctx 0x7f1010f23d90(www.google.com/A): nameservers now 
above QDOMAIN
19-Jan-2018 09:06:18.895 fctx 0x7f1010f23d90(www.google.com/A): done
19-Jan-2018 09:06:18.896 fctx 0x7f1010f23d90(www.google.com/A): stopeverything
19-Jan-2018 09:06:18.896 fctx 0x7f1010f23d90(www.google.com/A): cancelqueries

Is that reporting that an attempt to resolve www.google.com/A by my
server yielded no answers?

Subsequently the log reports:

19-Jan-2018 09:06:18.896 fctx 0x7f1010f23d90(www.google.com/A): sendevents
19-Jan-2018 09:06:18.896 resquery 0x7f1010d8aa08 (fctx 
0x7f1010d86e80(ns1.google.com/A)): response
19-Jan-2018 09:06:18.897 received packet:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:  29220
;; flags: qr; QUESTION: 1, ANSWER: 0, AUTHORITY: 15, ADDITIONAL: 27
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 1472
;; QUESTION SECTION:
;ns1.google.com.                        IN      A

;; AUTHORITY SECTION:
com.                    172800  IN      NS      a.gtld-servers.net.
com.                    172800  IN      NS      b.gtld-servers.net.
com.                    172800  IN      NS      c.gtld-servers.net.
com.                    172800  IN      NS      d.gtld-servers.net.
com.                    172800  IN      NS      e.gtld-servers.net.
com.                    172800  IN      NS      f.gtld-servers.net.
com.                    172800  IN      NS      g.gtld-servers.net.
com.                    172800  IN      NS      h.gtld-servers.net.
com.                    172800  IN      NS      i.gtld-servers.net.
com.                    172800  IN      NS      j.gtld-servers.net.
com.                    172800  IN      NS      k.gtld-servers.net.
com.                    172800  IN      NS      l.gtld-servers.net.
com.                    172800  IN      NS      m.gtld-servers.net.

com.                    86400   IN      DS      30909 8 2 
E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
com.                    86400   IN      RRSIG   DS 8 1 86400 20180201050000 
20180119040000 41824 . IwT0e9jOKKgASgCQXGsryxFFeN5R0e/HPGCzQuD7rhtCYg4UywLcJ9A1 
Ftn0drh2mggBE5wWX90dc5u26P8Gt1jkJ8XbxyjNHA5uTmakjVnGGOZ+ 
9N/6JMtDApT4F6q/3EN8dkctxWvEe9uph8dFR1Uj0aqCNS3aQ0ge4LkS 
JPfRQ2FIQCQxsh+Ts2hdiC6mThpWoFmwmfBxGPu/NsS92/iA5EaP4ZOK 
oIRqrvgyV4PrTDJM8StJJk9qw7z78RC+3/RfEsnwICXKptIGE4AekqIa 
RiVhkTrXhCZAibab5gtqkCkWZ6kF1/6Xbcjexj4VHL+FxqlQCec6CUcz Wpt/DA==

;; ADDITIONAL SECTION:
a.gtld-servers.net.     172800  IN      A       192.5.6.30
a.gtld-servers.net.     172800  IN      AAAA    2001:503:a83e::2:30
b.gtld-servers.net.     172800  IN      A       192.33.14.30
b.gtld-servers.net.     172800  IN      AAAA    2001:503:231d::2:30
c.gtld-servers.net.     172800  IN      A       192.26.92.30
c.gtld-servers.net.     172800  IN      AAAA    2001:503:83eb::30
d.gtld-servers.net.     172800  IN      A       192.31.80.30
d.gtld-servers.net.     172800  IN      AAAA    2001:500:856e::30
e.gtld-servers.net.     172800  IN      A       192.12.94.30
e.gtld-servers.net.     172800  IN      AAAA    2001:502:1ca1::30
f.gtld-servers.net.     172800  IN      A       192.35.51.30
f.gtld-servers.net.     172800  IN      AAAA    2001:503:d414::30
g.gtld-servers.net.     172800  IN      A       192.42.93.30
g.gtld-servers.net.     172800  IN      AAAA    2001:503:eea3::30
h.gtld-servers.net.     172800  IN      A       192.54.112.30
h.gtld-servers.net.     172800  IN      AAAA    2001:502:8cc::30
i.gtld-servers.net.     172800  IN      A       192.43.172.30
i.gtld-servers.net.     172800  IN      AAAA    2001:503:39c1::30

j.gtld-servers.net.     172800  IN      A       192.48.79.30
j.gtld-servers.net.     172800  IN      AAAA    2001:502:7094::30
k.gtld-servers.net.     172800  IN      A       192.52.178.30
k.gtld-servers.net.     172800  IN      AAAA    2001:503:d2d::30
l.gtld-servers.net.     172800  IN      A       192.41.162.30
l.gtld-servers.net.     172800  IN      AAAA    2001:500:d937::30
m.gtld-servers.net.     172800  IN      A       192.55.83.30
m.gtld-servers.net.     172800  IN      AAAA    2001:501:b1f9::30


19-Jan-2018 09:06:18.900 fctx 0x7f1010d86e80(ns1.google.com/A): 
noanswer_response
19-Jan-2018 09:06:18.900 log_ns_ttl: fctx 0x7f1010d86e80: noanswer_response: 
ns1.google.com (in '.'?): 1 518400
19-Jan-2018 09:06:18.900 log_ns_ttl: fctx 0x7f1010d86e80: DELEGATION: 
ns1.google.com (in 'com'?): 0 518400
19-Jan-2018 09:06:18.900 fctx 0x7f1010d86e80(ns1.google.com/A): cache_message
19-Jan-2018 09:06:18.900 fctx 0x7f1010d86e80(ns1.google.com/A): cancelquery
19-Jan-2018 09:06:18.900 fctx 0x7f1010d86e80(ns1.google.com/A): nameservers now 
above QDOMAIN
19-Jan-2018 09:06:18.900 fctx 0x7f1010d86e80(ns1.google.com/A): done
19-Jan-2018 09:06:18.900 fctx 0x7f1010d86e80(ns1.google.com/A): stopeverything
19-Jan-2018 09:06:18.900 fctx 0x7f1010d86e80(ns1.google.com/A): cancelqueries

And the same for an AAAA query:

19-Jan-2018 09:06:18.901 fctx 0x7f1010d86e80(ns1.google.com/A): sendevents
19-Jan-2018 09:06:18.901 resquery 0x7f1010d7ea08 (fctx 
0x7f1010d88a40(ns1.google.com/AAAA)): response
19-Jan-2018 09:06:18.901 received packet:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:  40106
;; flags: qr; QUESTION: 1, ANSWER: 0, AUTHORITY: 15, ADDITIONAL: 27
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 1472
;; QUESTION SECTION:
;ns1.google.com.                        IN      AAAA

;; AUTHORITY SECTION:
com.                    172800  IN      NS      a.gtld-servers.net.
com.                    172800  IN      NS      b.gtld-servers.net.
com.                    172800  IN      NS      c.gtld-servers.net.
com.                    172800  IN      NS      d.gtld-servers.net.
...

That then repeats for ns[2-4].google.com.

Am I interpreting this correctly?  If so, why would these queries come
back with responses with no answers?

Cheers,
b.

Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to