LinuxQuestions.org
Old 05-11-2007, 05:21 AM   #1
lordbressers
LQ Newbie
 
Registered: May 2007
Posts: 6

Rep: Reputation: 0
BIND9 not forwarding DNS requests


Hi,

I have an intermittent problem with 2 BIND9 servers I have running on my network. The problem I have is at random times of the day, when I try to look up domains such as yahoo.com, hotmail.com, etc, I am unable to resolve the domains with the error message "DNS request timed out" appearing. This happens for a few minutes and then BIND starts resolving the yahoo.com and hotmail.com domains as normal.

When this issue occurs, I am still able to lookup internal host names of my servers. Skype does not disconnect and I have checked the gateway status to ensure that our Internet connection hasn't dropped. I also ping the network card of the BIND server, and I do get some packet loss (I am on a wireless network and I am swapping out the switches on the network over the weekend to rule out a faulty switch).

Does anyone have any suggestions as to what could be going wrong? I can post my named.conf settings if needs be.

Any help would be greatly appreciated.
 
Old 05-11-2007, 05:29 AM   #2
born4linux
Senior Member
 
Registered: Sep 2002
Location: Philippines
Distribution: Slackware, RHEL&variants, AIX, SuSE
Posts: 1,127

Rep: Reputation: 49
Do a sniff with your external DNS lookups. Might be your outside connection causing the lag.
 
Old 05-11-2007, 07:25 AM   #3
lordbressers
LQ Newbie
 
Registered: May 2007
Posts: 6

Original Poster
Rep: Reputation: 0
Thanks for the advice, sorry for being a n00b but I am not too clued up on Linux commands at present.

Could you please advise how I could go about performing the sniff command, and what parameters I would need to use?
 
Old 05-11-2007, 11:27 PM   #4
fur
Member
 
Registered: Dec 2003
Distribution: Debian, FreeBSD
Posts: 310

Rep: Reputation: 35
If Bind still resolves internal hosts I'm guessing it's a connectivity issue from your DNS server to the internet.

First make sure your root name servers are valid.

ftp://ftp.rs.internic.net/domain/named.root

Compare those servers to what you have configured in Bind.


If that checks out, then start looking for network related problems. I would start by running traceroutes from your DNS server to the IPs of a few outside DNS servers when you see this problem.


Here are a few you can try

Code:
ns1.yahoo.com.          172800  IN      A       66.218.71.63
ns1.msft.net.           172800  IN      A       207.68.160.190
H.GTLD-SERVERS.net.     172785  IN      A       192.54.112.30
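
An added example, not part of fur's post or the thread: one way to do the root hints comparison suggested in post #4 is to extract the A records from both files and list the ones that differ. The file names and addresses below are constructed (documentation-range addresses, not real root server addresses).

```sh
#!/bin/sh
# Added example: compare the A records in a local BIND root hints file with
# a reference copy of named.root. File names and addresses are constructed.

# extract_a FILE: print "name address" per A record, lower-cased and sorted.
# Handles ';' comments, any TTL, and an optional IN class field.
extract_a() {
    awk '{ sub(/;.*/, "") }
         NF >= 3 && toupper($(NF-1)) == "A" { print tolower($1), $NF }' "$1" |
        LC_ALL=C sort -u
}

# compare_hints LOCAL REFERENCE: list records present in only one file.
# Returns 0 when both files carry the same set of A records, 1 otherwise.
compare_hints() {
    tmp=$(mktemp -d) || return 2
    extract_a "$1" > "$tmp/local"
    extract_a "$2" > "$tmp/ref"
    LC_ALL=C comm -23 "$tmp/local" "$tmp/ref" | sed 's/^/only in local:     /'
    LC_ALL=C comm -13 "$tmp/local" "$tmp/ref" | sed 's/^/only in reference: /'
    rc=0; cmp -s "$tmp/local" "$tmp/ref" || rc=$?
    rm -rf "$tmp"
    return "$rc"
}

# make_samples DIR: write two constructed hints files (documentation-range
# addresses, not real root server addresses) so the script runs offline.
make_samples() {
    cat > "$1/named.root" <<'EOF'
; constructed reference copy
.                    3600000      NS   A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.  3600000      A    192.0.2.4
B.ROOT-SERVERS.NET.  3600000      A    198.51.100.201
B.ROOT-SERVERS.NET.  3600000      AAAA 2001:db8::b
EOF
    cat > "$1/named.ca" <<'EOF'
; constructed local hints: B is stale, class field present
a.root-servers.net.  3600000  IN  A  192.0.2.4
b.root-servers.net.  3600000  IN  A  198.51.100.107
EOF
}

demo_dir=$(mktemp -d)
make_samples "$demo_dir"
compare_hints "$demo_dir/named.ca" "$demo_dir/named.root" || echo "hints differ from reference"
rm -rf "$demo_dir"
```

Only A records are compared; AAAA and NS lines are ignored on both sides.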
 
Old 05-14-2007, 02:04 AM   #5
lordbressers
LQ Newbie
 
Registered: May 2007
Posts: 6

Original Poster
Rep: Reputation: 0
Thanks for the suggestions Fur, I'll be giving them a try today as no doubt I'll be experiencing some BIND problems throughout the course of the day.

Just to keep you updated, I replaced our old switch which networked the whole office, as it was only a little 16 port switch and all ports were maxed out, so I've replaced it with a newer, 24 port model, and a newer model 16 port switch. Also, have replaced the network cable to the BIND servers, so today will be a good chance to see if it is a connection issue or a BIND configuration issue...
 
Old 05-17-2007, 05:29 AM   #6
lordbressers
LQ Newbie
 
Registered: May 2007
Posts: 6

Original Poster
Rep: Reputation: 0
Ok, This is REALLY strange. I have changed all switches over the weekend and this problem still occurs.

I have performed the following diagnostics, which is really confusing me as to where the problem is. My BIND server / client configuration is as follows:-

BIND Server ===> Software
========
Running BIND v9.3.4-4.fc6
Running DHCP v3.0.5-4.fc6

Network config - Static
=======================
Default Gateway = 192.168.0.1
Default DNS = 192.168.0.1


Client ===> Software
========
Running Windows Vista Ultimate

Network config - DHCP
=====================
Network connection set to DHCP for IP and DNS, therefore Default Gateway gets set to 192.168.0.1
and DNS gets set to 192.168.0.115


Diagnostics
===========
The problem has changed slightly, in that my Skype now logs itself out. When the problem occurs, I am no longer able to 'nslookup' any external domain names, for example 'yahoo.com', and I am also unable to ping any external IP addresses, for example '66.218.71.63' as provided above by Fur.

Oddly, when I connect via SSH to the BIND server and perform the same diagnostics as above, I am able to ping '66.218.71.63' without any problems and am able to 'nslookup' domains such as 'yahoo.com'. The way the BIND server is configured (as mentioned above), when pinging or performing 'nslookup', the requests are routed straight to the gateway (modem), i.e. does not go through the DNS server.

What this proves is that my Internet connection seems to be ok, as the DNS server is able to ping and nslookup directly through the gateway, but for some reason my machine is not able to do this via the DNS server.

Any ideas what I could be missing?
Could there be an issue with the DHCP?
If my PC is configured via DHCP, and the DHCP and BIND services run on the same server, could there be an issue with the way DHCP/BIND is configured?

Any help would be greatly appreciated...
 
Old 05-17-2007, 11:48 AM   #7
fur
Member
 
Registered: Dec 2003
Distribution: Debian, FreeBSD
Posts: 310

Rep: Reputation: 35
Quote:
I am also unable to ping any external IP addresses, for example '66.218.71.63'
OK, if that's the case don't even worry about DNS/Bind, as it has no impact over this.

So now you need to start troubleshooting a pure connectivity issue.

Quote:
when I connect via SSH to the BIND server and perform the same diagnostics as above, I am able to ping '66.218.71.63' without any problems
Seeing how your DNS server is able to ping to external addresses you can also rule out any problems with your ISP.



I just noticed this from your first post..

Quote:
I also ping the network card of the BIND server, and I do get some packet loss (I am on a wireless network
You need to find the reason you are getting packet loss. If you are getting packet loss on your network that is a fairly serious issue that can, and will, cause connectivity issues.

First I would connect via ethernet and see if you see the packet loss.

Do something like this to test

Code:
# ping -c 10000 -f 192.168.0.50
PING 192.168.0.50 (192.168.0.50): 56 data bytes
.                                                                              .
--- 192.168.0.50 ping statistics ---
10000 packets transmitted, 10000 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.120/0.138/1.897/0.031 ms

If there is no packet loss while being physically connected then look into problems with your wireless network.

First make sure you have a good connection. Rule out poor signal.

Other APs in the area transmitting on the same channel can also cause issues. If you have multiple APs it's best to put them on different channels to avoid overlapping channels.

Also make sure they are not being overused. As in too many clients.

Get a sniffer running on the wireless network and look for anything strange.
 
Old 05-18-2007, 02:22 AM   #8
lordbressers
LQ Newbie
 
Registered: May 2007
Posts: 6

Original Poster
Rep: Reputation: 0
Hi Fur,

Thanks for the reply. I am currently on a wired connection now, as following my switch upgrades last weekend I now have a network cable at my desk to use instead of wireless. With the new switches in place I now get no packet loss when pinging the BIND server's network card.

Do you have any other diagnostic suggestions?
 
Old 05-19-2007, 12:06 AM   #9
fur
Member
 
Registered: Dec 2003
Distribution: Debian, FreeBSD
Posts: 310

Rep: Reputation: 35
Perhaps you could open several terminals and run constant pings on a number of hosts, and see what ones go down when you have the problem.

Ping your router's internal and external interfaces, your switches' IPs, etc.

Do you have other computers on the network that have the same problem, or is it isolated to one computer?

I would start a packet sniffer (wireshark), and look for abnormal traffic when the connection drops.


Also make sure that there is not a duplicate IP address on the network as that can cause intermittent connectivity problems.


Other than that I don't know what to tell you.
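
An added example, not part of the thread: the "constant pings on a number of hosts" suggestion in post #9 as one script that probes the hosts nearest first and logs a line only when their state changes. The host list uses addresses quoted in the thread; the `PROBE` hook and the stub used in the demo are assumptions so the script can run without a network.

```sh
#!/bin/sh
# Added example: probe several hosts in order (nearest first) and report the
# first one that stops answering, so an outage can be placed on the path.
# HOSTS uses addresses quoted in the thread; PROBE is a hypothetical hook.
HOSTS="${HOSTS:-192.168.0.1 192.168.0.115 66.218.71.63}"

# probe HOST: succeed if HOST answers one echo request (Linux ping, 2 s wait).
probe() {
    if [ -n "${PROBE:-}" ]; then "$PROBE" "$1"
    else ping -c 1 -W 2 "$1" >/dev/null 2>&1
    fi
}

# sweep: probe every host once; print "host=up host=down ..." on one line.
sweep() {
    line=""
    for h in $HOSTS; do
        if probe "$h"; then s=up; else s=down; fi
        line="$line $h=$s"
    done
    echo "${line# }"
}

# first_down "host=up host=down ...": print the nearest host that is down,
# or "none". With hosts ordered by distance this localises the break.
first_down() {
    for pair in $1; do
        case "$pair" in *=down) echo "${pair%=down}"; return 0 ;; esac
    done
    echo none
}

# monitor COUNT INTERVAL: log a timestamped sweep only when state changes.
monitor() {
    prev="" i=0
    while [ "$i" -lt "$1" ]; do
        cur=$(sweep)
        [ "$cur" = "$prev" ] || echo "$(date '+%Y-%m-%d %H:%M:%S') $cur first_down=$(first_down "$cur")"
        prev=$cur; i=$((i + 1))
        if [ "$i" -lt "$1" ]; then sleep "$2"; fi
    done
}

# Constructed demo: a stub in place of ping that answers only for the LAN,
# so the script runs offline. Unset PROBE to send real echo requests.
demo_probe() { case "$1" in 192.168.0.*) return 0 ;; *) return 1 ;; esac; }
PROBE=demo_probe
monitor 1 0
```

With `PROBE` unset, something like `monitor 3600 5` left running on the affected client records the time each host changed state, which can then be lined up against a packet capture.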
 
  

