[dns-operations] Can a 1s TTL cause weird failures?
Mark Andrews
Mark_Andrews at isc.org
Tue Jun 5 03:28:12 UTC 2007
> I'm having a problem with some of my servers in the SF Bay Area not
> being able to look up the MX record for the zone "weckerphoto.co.uk.".
> Below is a complete tcpdump record of the packets that go back and forth
> during the attempt.
>
> I'm logged into my recursive DNS server.
>
> [r0-66:~]$ dig @127.0.0.1 weckerphoto.co.uk. mx
>
> ; <<>> DiG 8.3 <<>> @127.0.0.1 weckerphoto.co.uk. mx
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> 19:48:48.402533 66.218.66.112.33701 > 212.121.40.130.53: 55962 [1au] A?
> dns03.1stdomains.co.uk. (51)
> 19:48:48.402585 66.218.66.112.33701 > 212.121.40.130.53: 42665 [1au] A?
> ns03.1stdomains.co.uk. (50)
> 19:48:48.402627 66.218.66.112.33701 > 212.121.40.130.53: 24761 [1au]
> MX? weckerphoto.co.uk. (46)
> 19:48:48.568601 212.121.40.130.53 > 66.218.66.112.33701: 55962- 0/2/3
> (131) (DF)
> 19:48:48.568761 212.121.40.130.53 > 66.218.66.112.33701: 42665- 0/2/3
> (130) (DF)
> 19:48:48.568771 212.121.40.130.53 > 66.218.66.112.33701: 24761- 0/2/1
> (96) (DF)
> 19:48:48.568799 66.218.66.112.33701 > 81.19.63.101.53: 6345 [1au] A?
> dns03.1stdomains.co.uk. (51)
> 19:48:48.568849 66.218.66.112.33701 > 81.19.63.101.53: 6356 [1au] A?
> ns03.1stdomains.co.uk. (50)
> 19:48:48.716361 81.19.63.101.53 > 66.218.66.112.33701: 6345*- 1/2/3 A
> 81.19.63.150 (147) (DF)
> 19:48:48.716508 81.19.63.101.53 > 66.218.66.112.33701: 6356*- 1/2/3 A
> 81.19.63.151 (146) (DF)
> 19:48:53.406873 66.218.66.112.33701 > 204.74.113.44.53: 39173 [1au] A?
> dns03.1stdomains.co.uk. (51)
> 19:48:53.406919 66.218.66.112.33701 > 204.74.113.44.53: 48393 [1au] A?
> ns03.1stdomains.co.uk. (50)
> 19:48:53.406961 66.218.66.112.33701 > 204.74.113.44.53: 20944 [1au] MX?
> weckerphoto.co.uk. (46)
> 19:48:53.411291 204.74.113.44.53 > 66.218.66.112.33701: 20944- 0/2/1
> (96) (DF)
> 19:48:53.412023 204.74.113.44.53 > 66.218.66.112.33701: 39173- 0/2/3
> (131) (DF)
> 19:48:53.412029 204.74.113.44.53 > 66.218.66.112.33701: 48393- 0/2/3
> (130) (DF)
> 19:48:53.412122 66.218.66.112.33701 > 88.208.202.90.53: 58020 [1au] A?
> dns03.1stdomains.co.uk. (51)
> 19:48:53.412173 66.218.66.112.33701 > 88.208.202.90.53: 26171 [1au] A?
> ns03.1stdomains.co.uk. (50)
> 19:48:53.573975 88.208.202.90.53 > 66.218.66.112.33701: 58020*- 1/2/3 A
> 81.19.63.150 (147) (DF)
> 19:48:53.573982 88.208.202.90.53 > 66.218.66.112.33701: 26171*- 1/2/3 A
> 81.19.63.151 (146) (DF)
> ;; res_nsend: Operation timed out
> [r0-66:~]$
>
> You might notice that it immediately issues three queries. Two are for
> the A records of weckerphoto's authoritative servers. In addition, it
> asks one of the co.uk. auth servers for the MX record. It gets
> referrals back from all three queries.
>
> Then it asks 1stdomains.co.uk.'s auth servers for the A records for
> "{d,}ns03.1stdomains.co.uk.". It gets a response back, and then just
> hangs; no further action occurs.
>
> Note particularly that even though it finds out what the A record for
> {d,}ns03.1stdomains.co.uk are, it never queries them about
> weckerphoto.co.uk.
>
> My suspicion is that this is happening because the TTL on the A records
> for {d,}ns03.1stdomains.co.uk is extremely low:
>
> ;; ANSWER SECTION:
> dns03.1stdomains.co.uk. 1S IN A 81.19.63.150
>
> ;; ANSWER SECTION:
> ns03.1stdomains.co.uk. 1S IN A 81.19.63.151
>
> My nameserver is BIND 8.4.6.
BIND 8 doesn't have query restart. Upgrade.
> Does anyone have any ideas on what might be going on here?
>
> Mark K. Pettit
> pettit at yahoo-inc.com
> DNS Administrator
> Yahoo!, Inc.
>
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.oarci.net
> http://lists.oarci.net/mailman/listinfo/dns-operations
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the dns-operations
mailing list