Linux - Networking
This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
I am going crazy with this. Out of nowhere, I started getting the error "timed out resolving". Nothing has changed and this configuration has been rock solid for many years. That said, it is Ubuntu 20 LTS and up-to-date.
I have a fairly vanilla configuration of Bind with root hints disabled and forwarding to Google DNS. The purpose of this server is to handle all DNS queries on my network and forward anything that isn't local.
Oddly, tcpdump shows a successful query to the upstream nameserver but bind will randomly say it timed out resolving. I have tried a handful of upstream servers and this makes no difference. If I run dig or nslookup directed at the server and domain that has allegedly failed, I get a speedy response.
I enabled query error logging and that is blank. I have checked my firewall and routing machine. I have power-cycled all of the core equipment to no avail. As I mentioned, nothing has changed recently and this configuration has worked for years.
And if anyone was wondering, it is not an internet issue or physical network issue. Pings, iperf and all that are performing as expected with zero loss.
Make sure you are only serving local queries and not for the general internet. Also check you aren't being attacked. Typically, UDP packets are not lost in transit, but when buffers are full at the client. Do you have a lot of other network traffic?
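The receive-buffer drops described in the reply above show up in the kernel's UDP counters, so one way to check for them is to compare two snapshots of /proc/net/snmp taken around a burst of "timed out resolving" messages. This is an added example, not part of any post in the thread; the function names and the sample snapshots are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Reads the "Udp:" header/value line
# pair in /proc/net/snmp format; columns are looked up by name because the
# set of columns differs between kernel versions.

udp_counter() {   # usage: udp_counter FILE FIELD
    awk -v want="$2" '
        $1 == "Udp:" && !seen { for (i = 2; i <= NF; i++) col[$i] = i; seen = 1; next }
        $1 == "Udp:" {
            if (want in col) { print $(col[want]); found = 1 }
            exit
        }
        END { exit !found }
    ' "$1"
}

# RcvbufErrors counts datagrams dropped because a socket receive buffer was
# full; InErrors counts receive failures, including those drops.
udp_drop_delta() {   # usage: udp_drop_delta BEFORE AFTER
    for f in RcvbufErrors InErrors; do
        b=$(udp_counter "$1" "$f") || return 1
        a=$(udp_counter "$2" "$f") || return 1
        echo "$f=$((a - b))"
    done
}

# Constructed sample snapshots standing in for two copies of /proc/net/snmp.
tmp=$(mktemp -d)
before="$tmp/before"; after="$tmp/after"
cat > "$before" <<'EOF'
Tcp: ActiveOpens PassiveOpens
Tcp: 10 20
Udp: InDatagrams NoPorts InErrors OutDatagrams RcvbufErrors SndbufErrors
Udp: 90000 12 7 88000 5 0
EOF
cat > "$after" <<'EOF'
Tcp: ActiveOpens PassiveOpens
Tcp: 11 20
Udp: InDatagrams NoPorts InErrors OutDatagrams RcvbufErrors SndbufErrors
Udp: 95000 12 46 93000 42 0
EOF

udp_drop_delta "$before" "$after"
# On a live host: cp /proc/net/snmp before; wait; cp /proc/net/snmp after
```

A non-zero RcvbufErrors delta means datagrams were dropped at a local UDP socket after arriving on the wire, and a packet capture still shows such datagrams because capture happens before delivery to the socket. The counters are host-wide, so they cover every UDP socket on the machine, not only the resolver's.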
Let me clarify, I have a zonefile of blocked hosts and known local hosts. These are checked first and if there is no match it is forwarded to known DNS servers. I do have a lot of requests but not a lot of continuous traffic. I have about 120 devices that need DNS. I did check and I can't find any kernel value that is coming close to maxing out. If I watch tcpdump I can see the query is made and succeeds, but bind says it timed out. There is nothing getting dropped on any firewalls.
I'm ready to ditch named since it has already been replaced by Kea and it doesn't look like a good alternative as it is not a drop-in. I had to fire up unbound for the moment but I can already tell it is not a great fit either. Unbound has not failed to resolve anything valid (except LAN member lookups) as far as I can tell.
I need something that can resolve local hosts, block from my list, and reach out to external DNS if the request isn't satisfied.
I used dnsmasq briefly long ago. I don't know if it was the build/version or the hardware, but that too gave me trouble. It looks like Pi-Hole has matured and has everything I've been doing manually for years. I have installed it on an S922x board and it appears to be keeping up. I may have a solution, but not an answer to my original inquiry.