puzzling dnscache behavior

Corey Edwards tensai at zmonkey.org
Wed Jun 18 16:58:04 MDT 2008


On Wed, 2008-06-18 at 16:13 -0600, Nicholas Leippe wrote:
> I use dnscache on my workstation.
> 
> Everything worked fine until recently. I don't know exactly when the behavior 
> changed.
> 
> The behavior is thus:
> 
> If I query for rss.slashdot.org:
> 
> # dnsqr a rss.slashdot.org
> 
> It times out, and the dnscache log shows the typical "servfail 
> rss.slashdot.org. input/output error" which isn't very meaningful.
> 
> However, if I first do:
> 
> # dnsqr cname rss.slashdot.org
> 5 rss.slashdot.org:
> 68 bytes, 1+1+0+0 records, response, noerror
> query: 5 rss.slashdot.org
> answer: rss.slashdot.org 3453 CNAME feeds.feedburner.com
> 
> then it works:
> 
> # dnsqr a rss.slashdot.org
> 1 rss.slashdot.org:
> 84 bytes, 1+2+0+0 records, response, noerror
> query: 1 rss.slashdot.org
> answer: rss.slashdot.org 3450 CNAME feeds.feedburner.com
> answer: feeds.feedburner.com 153 A 66.150.96.119
> 
> It continues to work for a while, before it reverts. (Most likely a 
> timeout/ttl is occurring.)
> 
> I have env/FORWARDONLY set to 0 (to make it recur) and root/servers/@ is 
> simply the list of root servers.
> 
> Any ideas?

First off, stop reading Slashdot. :)

I would wrab a tcpdump of the DNS traffic while you're doing your tests.
I would be very interested to know if any requests are going from the
cache to Slashdot's DNS servers.

What happens if you query for ANY rather than A or CNAME?

Corey

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://plug.org/pipermail/plug/attachments/20080618/07dc7dc7/attachment.bin 


More information about the PLUG mailing list