TTL in DNS caches MSR

Jonas_C · ‎06-28-2017

We have the following DNS Server configuration with the MSR3012 with IP and DNS given by DHCP. The HPE_1 and HPE_2 devices are linked to level 3 on a point-to-point ip interface:

CONFIG HPE_1

interface g0/0

ip address 192.168.134.1 255.255.255.0

no proxy-arp enable

no ip irdp

exit

interface g0/1

ip address 1.1.1.1 255.255.255.252

no proxy-arp enable

no ip irdp

exit

dns domain Prueba

dns server 1.1.1.2

ip host server_1 2.2.2.2

ip host server_2 3.3.3.3

ip host dns1 1.1.1.1

dhcp server ip-pool 1

network 192.168.134.0 mask 255.255.255.0

expired day 10 hour 12

domain-name Prueba

dns-list 192.168.134.1 1.1.1.2

gateway-list 192.168.134.1

quit

ip route-static 2.2.2.2 255.255.255.255 1.1.1.2

ip route-static 3.3.3.3 255.255.255.255 1.1.1.2

CONFIG HPE_2

interface g0/0

ip address 1.1.1.2 255.255.255.252

no proxy-arp enable

no ip irdp

exit

dns domain Prueba

ip host dns2 1.1.1.2

interface LoopBack 1

description server_1

ip address 2.2.2.2 32

undo shutdown

exit

interface LoopBack 2

description server_2

ip address 3.3.3.3 32

undo shutdown

exit

ip route-static 192.168.134.0 255.255.255.0 1.1.1.1

HPE 1

[HPE_1]display dns host

Type:

D: Dynamic S: Static

Total number: 3

No. Host name Type TTL Query type IP addresses

1 dns1 D 3412 A 1.1.1.1

2 dns2 D 2582 A 1.1.1.2

3 server_1 D 3521 A 2.2.2.2

[HPE_1]ping server_2

Ping server_2 (3.3.3.3): 56 data bytes, press CTRL_C to break

56 bytes from 3.3.3.3: icmp_seq=0 ttl=255 time=0.320 ms

*Jun 15 23:35:16:864 2017 HPE_1 DNS/7/EVENT: Starting A resolving for server_2

*Jun 15 23:35:16:864 2017 HPE_1 DNS/7/EVENT: Trying to resolve server_2 in local database

*Jun 15 23:35:16:864 2017 HPE_1 DNS/7/EVENT: Trying to resolve server_2.Prueba in dynamic cache

*Jun 15 23:35:16:864 2017 HPE_1 DNS/7/EVENT: Trying to resolve server_2 in dynamic cache

*Jun 15 23:35:16:864 2017 HPE_1 DNS/7/EVENT: Trying to resolve server_2.Prueba by contacting DNS server 1.1.1.2 through UDP

*Jun 15 23:35:16:865 2017 HPE_1 DNS/7/PACKET: Sent:

Header:

ID = 26934

QR = 0, OpCode = 0, AA = 0, TC = 0, RD = 1

RA = 0, Z = 0, AD = 0, CD = 0, RCode = 0

QDCount = 1

ANCount = 0

NSCount = 0

ARCount = 0

*Jun 15 23:35:16:865 2017 HPE_1 DNS/7/PACKET: Sent:

Question:

QName = server_2.Prueba

QType = A (1)

QClass = IN (1)

*Jun 15 23:35:16:865 2017 HPE_1 DNS/7/EVENT: Waiting 2 seconds for server response

*Jun 15 23:35:16:866 2017 HPE_1 DNS/7/PACKET: Received:

Header:

ID = 26934

QR = 1, OpCode = 0, AA = 0, TC = 0, RD = 1

RA = 0, Z = 0, AD = 0, CD = 0, RCode = 2

QDCount = 1

ANCount = 0

NSCount = 0

ARCount = 0

*Jun 15 23:35:16:866 2017 HPE_1 DNS/7/PACKET: Received:

Question:

QName = server_2.Prueba

QType = A (1)

QClass = IN (1)

*Jun 15 23:35:16:866 2017 HPE_1 DNS/7/EVENT: Received an answer: QName = server_2.Prueba, ID = 26934

*Jun 15 23:35:16:866 2017 HPE_1 DNS/7/EVENT: The answer is invalid.

*Jun 15 23:35:16:866 2017 HPE_1 DNS/7/EVENT: Trying to resolve server_2 by contacting DNS server 1.1.1.2 through UDP

*Jun 15 23:35:16:867 2017 HPE_1 DNS/7/PACKET: Sent:

Header:

ID = 32495

QR = 0, OpCode = 0, AA = 0, TC = 0, RD = 1

RA = 0, Z = 0, AD = 0, CD = 0, RCode = 0

QDCount = 1

ANCount = 0

NSCount = 0

ARCount = 0

*Jun 15 23:35:16:867 2017 HPE_1 DNS/7/PACKET: Sent:

Question:

QName = server_2

QType = A (1)

QClass = IN (1)

*Jun 15 23:35:16:867 2017 HPE_1 DNS/7/EVENT: Waiting 2 seconds for server response

*Jun 15 23:35:16:868 2017 HPE_1 DNS/7/PACKET: Received:

Header:

ID = 32495

QR = 1, OpCode = 0, AA = 0, TC = 0, RD = 1

RA = 0, Z = 0, AD = 0, CD = 0, RCode = 0

QDCount = 1

ANCount = 1

NSCount = 0

ARCount = 0

*Jun 15 23:35:16:868 2017 HPE_1 DNS/7/PACKET: Received:

Question:

QName = server_2

QType = A (1)

QClass = IN (1)

*Jun 15 23:35:16:868 2017 HPE_1 DNS/7/PACKET: Received:

Answer:

Name = server_2

Type = A (1)

Class = IN (1)

TTL = 3600

RDLength = 4

RData = 3.3.3.3

*Jun 15 23:35:16:868 2017 HPE_1 DNS/7/EVENT: Received an answer: QName = server_2, ID = 32495

*Jun 15 23:35:16:868 2017 HPE_1 DNS/7/EVENT: Trying to resolve server_2 in dynamic cache

*Jun 15 23:35:16:868 2017 HPE_1 DNS/7/EVENT: Added a dynamic DNS entry server_2

*Jun 15 23:35:16:868 2017 HPE_1 DNS/7/EVENT: Successfully resolved server_2: host name is server_2, address is 3.3.3.3

*Jun 15 23:35:16:868 2017 HPE_1 DNS/7/EVENT: Trying to resolve server_2.Prueba in dynamic cache

*Jun 15 23:35:16:869 2017 HPE_1 DNS/7/EVENT: Trying to resolve server_2 in dynamic cache

56 bytes from 3.3.3.3: icmp_seq=1 ttl=255 time=0.286 ms

56 bytes from 3.3.3.3: icmp_seq=2 ttl=255 time=0.235 ms

56 bytes from 3.3.3.3: icmp_seq=3 ttl=255 time=0.262 ms

56 bytes from 3.3.3.3: icmp_seq=4 ttl=255 time=0.239 ms

--- Ping statistics for server_2 ---

5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss

round-trip min/avg/max/std-dev = 0.235/0.268/0.320/0.032 ms

[HPE_1]%Jun 15 23:35:17:673 2017 HPE_1 PING/6/PING_STATISTICS: Ping statistics for server_2: 5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss, round-trip min/avg/max/std-dev = 0.235/0.268/0.320/0.032 ms.

------------------------------------------------------------------------------------------------------------------

HPE 2

[HPE_2]

*Jun 15 23:33:20:659 2017 HPE_2 DNS/7/PACKET: Received:

Header:

ID = 26934

QR = 0, OpCode = 0, AA = 0, TC = 0, RD = 1

RA = 0, Z = 0, AD = 0, CD = 0, RCode = 0

QDCount = 1

ANCount = 0

NSCount = 0

ARCount = 0

*Jun 15 23:33:20:659 2017 HPE_2 DNS/7/PACKET: Received:

Question:

QName = server_2.Prueba

QType = A (1)

QClass = IN (1)

*Jun 15 23:33:20:660 2017 HPE_2 DNS/7/EVENT: DNS proxy received a request for resolving server_2.Prueba

*Jun 15 23:33:20:660 2017 HPE_2 DNS/7/EVENT: Trying to resolve server_2.Prueba in local database

*Jun 15 23:33:20:660 2017 HPE_2 DNS/7/EVENT: Trying to resolve server_2.Prueba in dynamic cache

*Jun 15 23:33:20:660 2017 HPE_2 DNS/7/EVENT: No DNS server is found.

*Jun 15 23:33:20:660 2017 HPE_2 DNS/7/EVENT: Failed to resolve server_2.Prueba

*Jun 15 23:33:20:660 2017 HPE_2 DNS/7/EVENT: DNS proxy sent a reply for resolving server_2.Prueba

*Jun 15 23:33:20:660 2017 HPE_2 DNS/7/PACKET: Sent:

Header:

ID = 26934

QR = 1, OpCode = 0, AA = 0, TC = 0, RD = 1

RA = 0, Z = 0, AD = 0, CD = 0, RCode = 2

QDCount = 1

ANCount = 0

NSCount = 0

ARCount = 0

*Jun 15 23:33:20:660 2017 HPE_2 DNS/7/PACKET: Sent:

Question:

QName = server_2.Prueba

QType = A (1)

QClass = IN (1)

*Jun 15 23:33:20:660 2017 HPE_2 DNS/7/EVENT: Trying to resolve server_2.Prueba in dynamic cache

*Jun 15 23:33:20:660 2017 HPE_2 DNS/7/EVENT: Trying to resolve server_2.Prueba.Prueba in dynamic cache

*Jun 15 23:33:20:661 2017 HPE_2 DNS/7/PACKET: Received:

Header:

ID = 32495

QR = 0, OpCode = 0, AA = 0, TC = 0, RD = 1

RA = 0, Z = 0, AD = 0, CD = 0, RCode = 0

QDCount = 1

ANCount = 0

NSCount = 0

ARCount = 0

*Jun 15 23:33:20:661 2017 HPE_2 DNS/7/PACKET: Received:

Question:

QName = server_2

QType = A (1)

QClass = IN (1)

*Jun 15 23:33:20:661 2017 HPE_2 DNS/7/EVENT: DNS proxy received a request for resolving server_2

*Jun 15 23:33:20:661 2017 HPE_2 DNS/7/EVENT: Trying to resolve server_2 in local database

*Jun 15 23:33:20:661 2017 HPE_2 DNS/7/EVENT: DNS proxy sent a reply for resolving server_2

*Jun 15 23:33:20:662 2017 HPE_2 DNS/7/PACKET: Sent:

Header:

ID = 32495

QR = 1, OpCode = 0, AA = 0, TC = 0, RD = 1

RA = 0, Z = 0, AD = 0, CD = 0, RCode = 0

QDCount = 1

ANCount = 1

NSCount = 0

ARCount = 0

*Jun 15 23:33:20:662 2017 HPE_2 DNS/7/PACKET: Sent:

Question:

QName = server_2

QType = A (1)

QClass = IN (1)

*Jun 15 23:33:20:662 2017 HPE_2 DNS/7/PACKET: Sent:

Answer:

Name = server_2

Type = A (1)

Class = IN (1)

TTL = 3600

RDLength = 4

RData = 3.3.3.3

What maximum lifetime are these DNS entries saved in HPE1, I see that there is a TTL in the display. What ttl have dns resolutions that caches the proxy-dns? Is there a maximum size?

In Debug does not appear the source of the DNS request, how could it be visualized?

Regards.