HPE Community
Operating System - HP-UX
1757087 Members
1748 Online
108858 Solutions
New Discussion юеВ

DNS problem with delay in answering to a missing reverse zone nslookup ip address

 
Fabio_60
Occasional Advisor

тАО01-26-2005 09:38 PM

тАО01-26-2005 09:38 PM

DNS problem with delay in answering to a missing reverse zone nslookup ip address

We are facing a new issue...
It seems that DNS has changed its behavior after installing BIND 9 version.
If you tried to nslookup an address which has not a reverse zone x.y.z.t in previous BIND 8, you receive a fast answer:
Trying DNS
Trying NIS
Looking up FILES
*** No hostname information is available for "x.y.z.t"

Now in BIND 9, for the same address, you receive the same messages but the system is hanged a lot of time in:
Trying DNS
.....
then it goes on quickly.
This is impacting to some security scripts that our customer is launching and they are failing for this behavior.
Maybe these scripts try to contact these ip-addresses and these time-out make them fail the scripts.
Thank you for your support
Fabio
0 Kudos
Reply
11 REPLIES 11
Keith Bryson
Honored Contributor

тАО01-26-2005 09:47 PM

тАО01-26-2005 09:47 PM

Re: DNS problem with delay in answering to a missing reverse zone nslookup ip address

Hi Fabio

Try changing your /etc/resolv.conf file to something like this:

domain mydomain.com
retrans 2000
retry 1
nameserver a.b.c.d # Your 1st nameserver
nameserver e.f.g.h # Your 2nd nameserver
#etc

The retrans and retry option should be used together to improve timeout response.

Keith
Arse-cover at all costs
0 Kudos
Reply
Fabio_60
Occasional Advisor

тАО01-26-2005 10:19 PM

тАО01-26-2005 10:19 PM

Re: DNS problem with delay in answering to a missing reverse zone nslookup ip address

Hi and thank you Keith.
We already have the retry and retrans parameters set to:
retry 2
retrans 300
Anyway, I changed them to your values and It did't help..:-(
Fabio
0 Kudos
Reply
Keith Bryson
Honored Contributor

тАО01-26-2005 10:25 PM

тАО01-26-2005 10:25 PM

Re: DNS problem with delay in answering to a missing reverse zone nslookup ip address

Fabio

What have you got for /etc/resolv.conf and /etc/nsswitch.conf? You may want to post them on this thread.

Keith
Arse-cover at all costs
0 Kudos
Reply
Fabio_60
Occasional Advisor

тАО01-26-2005 10:45 PM

тАО01-26-2005 10:45 PM

Re: DNS problem with delay in answering to a missing reverse zone nslookup ip address

Hi these are the files:
I inserted named.conf, too.
Fabio
0 Kudos
Reply
Fabio_60
Occasional Advisor

тАО01-26-2005 10:50 PM

тАО01-26-2005 10:50 PM

Re: DNS problem with delay in answering to a missing reverse zone nslookup ip address

These are the other:
named.conf

And resolv.conf:
search r13.netact.vodafoneomnitel.it r11.netact.vodafoneomnitel.it netact.vodafoneomnitel.it w2k.r13.netact.vodafoneomnitel.it g99.netact.vodafoneomnitel.it omnitel.it
nameserver 10.192.34.203
nameserver 10.192.34.204
nameserver 10.192.34.205
retry 2
retrans 300


Fabio
Thank you again
0 Kudos
Reply
Fabio_60
Occasional Advisor

тАО01-26-2005 11:01 PM

тАО01-26-2005 11:01 PM

Re: DNS problem with delay in answering to a missing reverse zone nslookup ip address

hi...
nsswhitch.conf...
FAbio
0 Kudos
Reply
Keith Bryson
Honored Contributor

тАО01-26-2005 11:58 PM

тАО01-26-2005 11:58 PM

Re: DNS problem with delay in answering to a missing reverse zone nslookup ip address

Fabio

Try entering this:

nslookup
server 10.192.34.204
set type=a
x.y.z.t # (ENTER your reverse IP to lookup)

Does this differ in resolution response?

Keith
Arse-cover at all costs
0 Kudos
Reply
Fabio_60
Occasional Advisor

тАО01-27-2005 12:08 AM

тАО01-27-2005 12:08 AM

Re: DNS problem with delay in answering to a missing reverse zone nslookup ip address

hi Keith.
Unluckely, the resolution is exactly the same...:-(: we have to wait almost 1 minute to have the command finished...

Fabio
0 Kudos
Reply
Keith Bryson
Honored Contributor

тАО01-27-2005 12:15 AM

тАО01-27-2005 12:15 AM

Re: DNS problem with delay in answering to a missing reverse zone nslookup ip address

Fabio - 2 questions

Are the 3 nameservers up and can you ping them?

The server you are running the nslookup on, is this one of the nameservers itself?

Keith
Arse-cover at all costs
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.