Re: Intermittent NXDOMAIN for a name we are forwarding
On 19.02.16 17:08, blrmaani wrote: We have a DNS setup where we forward a name in one domain to 5 external nameservers. We see NXDOMAIN error intermittently (once in couple of weeks). How do I debug this issue? tcpdump? I took a cache dump on our DNS and 2 out of 5 nameserver IPs appear in "Unassociated entries" when the problem happens. anything more isble in the cache? last time I have encountered this error, it was problematic Cisco DNS load balancer, responding NXDOMAIN to a PTR (and possibly other) type queries, while standard types returned proper answer. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. The only substitute for good manners is fast reflexes. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Tuning for lots of SERVFAIL responses
On 02/18/2016 07:05 PM, Tony Finch wrote: Yep, mostly waiting for replies that will never come, which doesn't require much CPU. Is there anything that the networking team can do to help alleviate some of the pain? I.e. make sure that equipment returns no route to host error messages? Will this make named abort queries before they would otherwise timeout? -- Grant. . . . unix || die ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: A Zone Transfer Question
On 02/19/2016 08:04 PM, John Miller wrote: In the case of dynamic updates, one NS record might actually be better: there's no worrying about update forwarding between slave and master. It's been my painful experience that (particularly Windows) clients send dynamic DNS updates to the MNAME listed in the SOA, /NOT/ necessarily any of the listed NS. (Unless the MNAME happens to be listed as an NS.) As such, I don't see any confusion over which of multiple NS dynamic updates are sent to. Further, I'd argue that slave NS should be configured to forward updates to the master (ultimately MNAME). -- Grant. . . . unix || die ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: Intermittent NXDOMAIN for a name we are forwarding
In message <20160220172148.ga26...@fantomas.sk>, Matus UHLAR - fantomas writes: > On 19.02.16 17:08, blrmaani wrote: > >We have a DNS setup where we forward a name in one domain to 5 external > > nameservers. We see NXDOMAIN error intermittently (once in couple of > > weeks). How do I debug this issue? > > tcpdump? > > >I took a cache dump on our DNS and 2 out of 5 nameserver IPs appear in "Unas > sociated entries" when the problem happens. > > anything more isble in the cache? > > last time I have encountered this error, it was problematic Cisco DNS load > balancer, responding NXDOMAIN to a PTR (and possibly other) type queries, > while standard types returned proper answer. Or using "forward first;" rather that "forward only;" and falling back to the Internet and getting NXDOMAIN there. > -- > Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ > Warning: I wish NOT to receive e-mail advertising to this address. > Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. > The only substitute for good manners is fast reflexes. > ___ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
