[TriLUG] What could be going on with my nameserver?

Tue Nov 1 11:31:36 EST 2005

I'm plagued by what looks like an intermittent problem with my nameserver setup.

I'm running bind9 as a cacheing name server, and to resolve local
addresses on my LAN.

>From time to time, resolution of internet names seems to stop for a
while.  Sometimes it's all external names, and sometimes it's only
some.  For example, right now I can resolve www.google.com, but not
en.wikipedia.org.

The bind configuration has a forward first directive, and a forwarders
directive to forward to my netgear router which in turn forwards to
the name servers it gets from my isp via dhcp. The router's local ip
address is 192.168.0.11

Here's some recent attempts to figure out what's going on using dig.
rick at frodo:~$ dig www.google.com

; <<>> DiG 9.2.4 <<>> www.google.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49965
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 5, ADDITIONAL: 5

;; QUESTION SECTION:
;www.google.com.                        IN      A

;; ANSWER SECTION:
www.google.com.         310     IN      CNAME   www.l.google.com.
www.l.google.com.       270     IN      A       64.233.161.99
www.l.google.com.       270     IN      A       64.233.161.104
www.l.google.com.       270     IN      A       64.233.161.147

;; AUTHORITY SECTION:
l.google.com.           19999   IN      NS      e.l.google.com.
l.google.com.           19999   IN      NS      a.l.google.com.
l.google.com.           19999   IN      NS      b.l.google.com.
l.google.com.           19999   IN      NS      c.l.google.com.
l.google.com.           19999   IN      NS      d.l.google.com.

;; ADDITIONAL SECTION:
a.l.google.com.         158     IN      A       216.239.53.9
b.l.google.com.         154     IN      A       64.233.179.9
c.l.google.com.         159     IN      A       64.233.161.9
d.l.google.com.         24178   IN      A       64.233.183.9
e.l.google.com.         160     IN      A       66.102.11.9

;; Query time: 72 msec
;; SERVER: 192.168.0.40#53(192.168.0.40)
;; WHEN: Tue Nov  1 11:14:38 2005
;; MSG SIZE  rcvd: 260

rick at frodo:~$ dig en.wikipedia.org

; <<>> DiG 9.2.4 <<>> en.wikipedia.org
;; global options:  printcmd
;; connection timed out; no servers could be reached
rick at frodo:~$ dig @192.168.0.11 en.wikipedia.org

; <<>> DiG 9.2.4 <<>> @192.168.0.11 en.wikipedia.org
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2577
;; flags: qr rd ra; QUERY: 1, ANSWER: 16, AUTHORITY: 3, ADDITIONAL: 3

;; QUESTION SECTION:
;en.wikipedia.org.              IN      A

;; ANSWER SECTION:
en.wikipedia.org.       1288    IN      CNAME   rr.wikimedia.org.
rr.wikimedia.org.       175     IN      CNAME   rr.pmtpa.wikimedia.org.
rr.pmtpa.wikimedia.org. 1222    IN      A       207.142.131.246
rr.pmtpa.wikimedia.org. 1222    IN      A       207.142.131.247
rr.pmtpa.wikimedia.org. 1222    IN      A       207.142.131.248
rr.pmtpa.wikimedia.org. 1222    IN      A       207.142.131.202
rr.pmtpa.wikimedia.org. 1222    IN      A       207.142.131.203
rr.pmtpa.wikimedia.org. 1222    IN      A       207.142.131.204
rr.pmtpa.wikimedia.org. 1222    IN      A       207.142.131.205
rr.pmtpa.wikimedia.org. 1222    IN      A       207.142.131.206
rr.pmtpa.wikimedia.org. 1222    IN      A       207.142.131.210
rr.pmtpa.wikimedia.org. 1222    IN      A       207.142.131.213
rr.pmtpa.wikimedia.org. 1222    IN      A       207.142.131.214
rr.pmtpa.wikimedia.org. 1222    IN      A       207.142.131.235
rr.pmtpa.wikimedia.org. 1222    IN      A       207.142.131.236
rr.pmtpa.wikimedia.org. 1222    IN      A       207.142.131.245

;; AUTHORITY SECTION:
wikimedia.org.          72805   IN      NS      ns1.wikimedia.org.
wikimedia.org.          72805   IN      NS      ns2.wikimedia.org.
wikimedia.org.          72805   IN      NS      ns0.wikimedia.org.

;; ADDITIONAL SECTION:
ns0.wikimedia.org.      19250   IN      A       207.142.131.207
ns1.wikimedia.org.      45396   IN      A       207.142.131.208
ns2.wikimedia.org.      45396   IN      A       145.97.39.158

;; Query time: 109 msec
;; SERVER: 192.168.0.11#53(192.168.0.11)
;; WHEN: Tue Nov  1 11:20:12 2005
;; MSG SIZE  rcvd: 410

rick at frodo:~$ dig www.google.com

; <<>> DiG 9.2.4 <<>> www.google.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6779
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 5, ADDITIONAL: 5

;; QUESTION SECTION:
;www.google.com.                        IN      A

;; ANSWER SECTION:
www.google.com.         822     IN      CNAME   www.l.google.com.
www.l.google.com.       231     IN      A       64.233.161.99
www.l.google.com.       231     IN      A       64.233.161.104
www.l.google.com.       231     IN      A       64.233.161.147

;; AUTHORITY SECTION:
l.google.com.           19659   IN      NS      e.l.google.com.
l.google.com.           19659   IN      NS      a.l.google.com.
l.google.com.           19659   IN      NS      b.l.google.com.
l.google.com.           19659   IN      NS      c.l.google.com.
l.google.com.           19659   IN      NS      d.l.google.com.

;; ADDITIONAL SECTION:
a.l.google.com.         86247   IN      A       216.239.53.9
b.l.google.com.         86248   IN      A       64.233.179.9
c.l.google.com.         86248   IN      A       64.233.161.9
d.l.google.com.         23838   IN      A       64.233.183.9
e.l.google.com.         86248   IN      A       66.102.11.9

;; Query time: 140 msec
;; SERVER: 192.168.0.40#53(192.168.0.40)
;; WHEN: Tue Nov  1 11:20:18 2005
;; MSG SIZE  rcvd: 260

So I can get google resolved via my local nameserver, but I can only
resolve en.wikipedia.org if I bypass the local nameserver and go
directly to the netgear router.

As I said these problems seem to come and go.  Resolution of local
names seems solid (they're all in a local subdomain
local.denhaven2.com). Restarting bind doesn't seem to make a
difference.

Any ideas?
--
Rick DeNatale

Visit the Project Mercury Wiki Site
http://www.mercuryspacecraft.com/