LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices



Reply
 
Search this Thread
Old 11-15-2010, 05:06 AM   #1
annaabhi
LQ Newbie
 
Registered: Jun 2009
Location: Nepal
Posts: 19

Rep: Reputation: 0
my dns server is unable to resolve the domain


Hello,
There seems to be some problem in my dns server.
The configuration is perfectly ok.But what happens sometimes is,
it couldnt resolve some domains sometimes.After restarting the
named,it again resolves the domain.Can anyone suggest me
whats happening on my dns server
 
Old 11-15-2010, 05:55 AM   #2
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,971

Rep: Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343
Hi,

What's in /etc/resolv.conf?
Are those domains local (i.e. you dns is authoritative for them), or external?
Also could you post the output of
Code:
dig failed.domain.com
dig +trace failed.domain.com
when your dns fails to resolve the domain in question?

Last edited by bathory; 11-15-2010 at 05:58 AM.
 
Old 11-16-2010, 05:08 AM   #3
annaabhi
LQ Newbie
 
Registered: Jun 2009
Location: Nepal
Posts: 19

Original Poster
Rep: Reputation: 0
Hi,
The domains are external.

dig failed.domain.com

; <<>> DiG 9.6.1-P1 <<>> failed.domain.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57963
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;failed.domain.com. IN A

;; AUTHORITY SECTION:
domain.com. 10790 IN SOA domain.com.
domain.com. 2010120002 10800 900 604800 604800

;; Query time: 0 msec
;; SERVER: #53()
;; WHEN: Tue Nov 16 15:33:48 2010
;; MSG SIZE rcvd: 74



dig +trace failed.domain.com

; <<>> DiG 9.6.1-P1 <<>> +trace failed.domain.com
;; global options: +cmd
. 517651 IN NS f.root-servers.net.
. 517651 IN NS b.root-servers.net.
. 517651 IN NS l.root-servers.net.
. 517651 IN NS a.root-servers.net.
. 517651 IN NS g.root-servers.net.
. 517651 IN NS c.root-servers.net.
. 517651 IN NS e.root-servers.net.
. 517651 IN NS j.root-servers.net.
. 517651 IN NS d.root-servers.net.
. 517651 IN NS k.root-servers.net.
. 517651 IN NS i.root-servers.net.
. 517651 IN NS h.root-servers.net.
. 517651 IN NS m.root-servers.net.
;; Received 480 bytes from in 0 ms

np. 172800 IN NS sec3.apnic.net.
np. 172800 IN NS np-ns.npix.net.np.
np. 172800 IN NS np-ns.anycast.pch.net.
np. 172800 IN NS ns-np.ripe.net.
np. 172800 IN NS ns-ext.isc.org.
np. 172800 IN NS shikhar.mos.com.np.
np. 172800 IN NS yarrina.connect.com.au.
;; Received 444 bytes from 192.203.230.10#53(e.root-servers.net) in 6 ms

domain.com. 86400 IN NS NS2.domain.com.
domain.com. 86400 IN NS NS1.domain.com.
;; Received 106 bytes from 192.189.54.17#53(yarrina.connect.com.au) in 204 ms

dig: isc_socket_create: address family not supported

I haven't mentioned my servers name and domain name.I hope thats ok.

It works after i start the named.

Waiting for the reply.

Thank you
 
Old 11-16-2010, 05:43 AM   #4
annaabhi
LQ Newbie
 
Registered: Jun 2009
Location: Nepal
Posts: 19

Original Poster
Rep: Reputation: 0
one more thing is there with that domain, my server is unable to resolve the domain sometimes though can show the name servers.

Again the problem was solved after restarting the named.
 
Old 11-16-2010, 05:45 AM   #5
prayag_pjs
Senior Member
 
Registered: Feb 2008
Location: Pune - India
Distribution: Fedora,RedHat,CentOS,Gentoo
Posts: 1,138
Blog Entries: 4

Rep: Reputation: 147Reputation: 147
try this

Code:
chkconfig named on
and restart your server and see if the problem persists.
 
Old 11-16-2010, 05:52 AM   #6
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,971

Rep: Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343
Quote:
dig: isc_socket_create: address family not supported
Looks like a tcp protocol error. Can you try:
Code:
dig +trace -4 failed.domain.com
Searching for the error above, came across this post and similar others. Looks like bind-9.6.1-P1/2 has this problem on Centos and Debian/Ubuntu.
Could you upgrade it and see if it works.
 
Old 11-16-2010, 09:36 PM   #7
annaabhi
LQ Newbie
 
Registered: Jun 2009
Location: Nepal
Posts: 19

Original Poster
Rep: Reputation: 0
dig +trace -4 failed.domain.com

; <<>> DiG 9.6.1-P1 <<>> +trace -4 failed.domain.com
;; global options: +cmd
. 487422 IN NS m.root-servers.net.
. 487422 IN NS i.root-servers.net.
. 487422 IN NS g.root-servers.net.
. 487422 IN NS j.root-servers.net.
. 487422 IN NS k.root-servers.net.
. 487422 IN NS b.root-servers.net.
. 487422 IN NS a.root-servers.net.
. 487422 IN NS l.root-servers.net.
. 487422 IN NS h.root-servers.net.
. 487422 IN NS e.root-servers.net.
. 487422 IN NS f.root-servers.net.
. 487422 IN NS d.root-servers.net.
. 487422 IN NS c.root-servers.net.
;; Received 276 bytes from #53() in 0 ms

np. 172800 IN NS sec3.apnic.net.
np. 172800 IN NS np-ns.npix.net.np.
np. 172800 IN NS np-ns.anycast.pch.net.
np. 172800 IN NS ns-np.ripe.net.
np. 172800 IN NS ns-ext.isc.org.
np. 172800 IN NS shikhar.mos.com.np.
np. 172800 IN NS yarrina.connect.com.au.
;; Received 444 bytes from 193.0.14.129#53(k.root-servers.net) in 283 ms

domain.com. 86400 IN NS NS2.domain.com.
domain.com. 86400 IN NS NS1.domain.com.
;; Received 106 bytes from 198.32.126.50#53(np-ns.npix.net.np) in 3 ms

;; connection timed out; no servers could be reached
 
Old 11-17-2010, 01:23 AM   #8
annaabhi
LQ Newbie
 
Registered: Jun 2009
Location: Nepal
Posts: 19

Original Poster
Rep: Reputation: 0
this is the log message of my dns server.

kernel: Limiting icmp unreach response from 223 to 200 packets/sec

Last edited by annaabhi; 11-17-2010 at 01:39 AM.
 
Old 11-17-2010, 05:02 AM   #9
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,971

Rep: Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343
Quote:
Originally Posted by annaabhi View Post
this is the log message of my dns server.
kernel: Limiting icmp unreach response from 223 to 200 packets/sec
So you're running FreeBSD? Take a look here to see how to increase that value
I don't know if this has something to do with the dns problem, but I don't think so. Most likely the problem could be related to "dig: isc_socket_create: address family not supported".

You didn't say what's in /etc/resolv.conf. If you can resolve the domain after restarting named, I guess your cache gets corrupted somehow. It could be related to the nameserver(s) in /etc/resolv.conf, or maybe any forwarders you use (didn't post named.conf also, since you said it's configured perfectly).

Can you resolve using external dns servers:
Code:
dig failed.domain.com @8.8.8.8
 
Old 11-17-2010, 10:22 PM   #10
annaabhi
LQ Newbie
 
Registered: Jun 2009
Location: Nepal
Posts: 19

Original Poster
Rep: Reputation: 0
vi /etc/resolve.conf

domain xxx.com.np
nameserver xxx.xxx.xxx.xxx


dig domain.com @8.8.8.8 ns

; <<>> DiG 9.6.1-P1 <<>> domain.com @8.8.8.8 ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26396
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;domain.com. IN NS

;; ANSWER SECTION:
domain.com. 86400 IN NS ns2.domain.com.
domain.com. 86400 IN NS ns1.domain.com.

;; Query time: 236 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Nov 18 09:05:02 2010
;; MSG SIZE rcvd: 67




dig failed.domain.com @8.8.8.8

; <<>> DiG 9.6.1-P1 <<>> failed.domain.com @8.8.8.8 ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33388
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;failed.domain.com IN A

;; AUTHORITY SECTION:
domain.com. 1215 IN SOA domain.com.
domain.com. 2010120002 10800 900 604800 604800

;; Query time: 97 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Nov 18 09:12:13 2010
;; MSG SIZE rcvd: 74
 
Old 11-18-2010, 01:34 AM   #11
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,971

Rep: Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343
Quote:
; <<>> DiG 9.6.1-P1 <<>> failed.domain.com @8.8.8.8 ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33388
...
Are you sure that the host you're trying to resolve exists? Because you get NXDOMAIN either using your dns or the one of google.
If it exists and not even google dns can resolve it, then there is a configuration problem from their side.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Unable to resolve very important domain->ip DNS issue? effekt01 Linux - Networking 7 11-13-2010 09:20 AM
dns server not able to resolve local domain names mystika08 Linux - Networking 62 07-01-2009 06:23 AM
Bind server is unable to resolve specific domain bizzaro Linux - Server 4 05-04-2009 09:47 AM
DNS server unable to resolve uk.ibm.com avijitp Linux - Server 4 05-01-2009 10:35 PM
dns server not able to resolve local domain names mystika08 Linux - Newbie 3 03-19-2009 08:57 AM


All times are GMT -5. The time now is 05:53 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration