
Re: Quick Dns crashing

From: Men & Mice Support
Date: Friday, August 15, 2003
Time: 10:00:29 am

I would start by looking through the log for a line starting with
"Query" instead of "Querying" - in other words, try to find what
query came in that triggered all of this.

My guess is that this has something to do with the following facts:

- mydnsserver.com is delegated to a couple of servers in the
halfpricehosting.com domain.

- halfpricehosting.com is delegated to four servers in the
mydnsserver.com domain, two of which have the same IP address (which
is also the same address as one of the halfpricehosting.com servers).

- The other halfpricehosting.com server is given a different IP
address by the authoritative servers than by the com servers.

- Of the five IP addresses given for these various server names, only
the one that is assigned three names (199.231.136.99, which is
ns7.halfpricehosting.com, ns1.mydnsserver.com, and
ns3.mydnsserver.com) actually responds to DNS queries.

- The halfpricehosting.com zone contains authority records pointing
to the halfpricehosting.com server names, not the mydnsserver.com
server names.

In theory, it should all work despite these problems. But the
anti-spoofing algorithm in QuickDNS Server may be having trouble with
this.
____________________________________________________________________
Chris Buxton Men & Mice
Customer Support Specialist Making DNS Easy

At 12:29 PM -0400 8/15/03, Ryan Clevenger wrote:
> Hey guys, I have been having a strange problem recently. I
>upgraded my QuickDNS from 3.0 to 3.5.3 running on Mac OS 9.1 on a
>350MHz iMac. Everything has been running great until the other day.
>I keep the debug log running so that I can see what is going on and
>such, and I noticed that the log was filling up to like 300meg in a
>matter of a day. For about 3 days in a row the server would crash by
>the end of the day. So I checked the log and here is what was
>showing.
>
>540,000 lines (270,000 queries) in 2 hours 20 minutes
>
>Aug 12 14:45:20 Querying "192.31.80.30:53" about "ns1.mydnsserver.com."
>Aug 12 14:45:20 Querying "192.31.80.30:53" about "ns2.mydnsserver.com."
>Aug 12 14:45:20 Reply: "ns1.mydnsserver.com." - from "192.31.80.30:53"
>Aug 12 14:45:20 Querying "192.31.80.30:53" about "ns1.mydnsserver.com."
>Aug 12 14:45:20 Reply: "ns2.mydnsserver.com." - from "192.31.80.30:53"
>Aug 12 14:45:20 Querying "192.31.80.30:53" about "ns2.mydnsserver.com."
>Aug 12 14:45:20 Reply: "ns1.mydnsserver.com." - from "192.31.80.30:53"
>Aug 12 14:45:20 Querying "192.31.80.30:53" about "ns1.mydnsserver.com."
>Aug 12 14:45:20 Reply: "ns2.mydnsserver.com." - from "192.31.80.30:53"
>Aug 12 14:45:20 Querying "192.31.80.30:53" about "ns2.mydnsserver.com."
>Aug 12 14:45:20 Querying "192.31.80.30:53" about "ns3.mydnsserver.com."
>Aug 12 14:45:20 Querying "192.31.80.30:53" about "ns4.mydnsserver.com."
>Aug 12 14:45:20 Reply: "ns1.mydnsserver.com." - from "192.31.80.30:53"
>Aug 12 14:45:20 Querying "192.31.80.30:53" about "ns1.mydnsserver.com."
>Aug 12 14:45:20 Reply: "ns2.mydnsserver.com." - from "192.31.80.30:53"
>Aug 12 14:45:20 Querying "192.42.93.30:53" about "ns2.mydnsserver.com."
>Aug 12 14:45:20 Reply: "ns3.mydnsserver.com." - from "192.31.80.30:53"
>Aug 12 14:45:20 Querying "192.42.93.30:53" about "ns3.mydnsserver.com."
>Aug 12 14:45:20 Reply: "ns4.mydnsserver.com." - from "192.31.80.30:53"
>Aug 12 14:45:20 Querying "192.42.93.30:53" about "ns4.mydnsserver.com."
>Aug 12 14:45:21 Reply: "ns1.mydnsserver.com." - from "192.31.80.30:53"
>Aug 12 14:45:21 Querying "192.42.93.30:53" about "ns1.mydnsserver.com."
>Aug 12 14:45:21 Reply: "ns1.mydnsserver.com." - from "192.42.93.30:53"
>Aug 12 14:45:21 Querying "192.42.93.30:53" about "ns1.mydnsserver.com."
>Aug 12 14:45:21 Reply: "ns2.mydnsserver.com." - from "192.42.93.30:53"
>Aug 12 14:45:21 Querying "192.42.93.30:53" about "ns2.mydnsserver.com."
>Aug 12 14:45:21 Reply: "ns2.mydnsserver.com." - from "192.42.93.30:53"
>Aug 12 14:45:21 Querying "192.42.93.30:53" about "ns2.mydnsserver.com."
>Aug 12 14:45:21 Reply: "ns3.mydnsserver.com." - from "192.42.93.30:53"
>Aug 12 14:45:21 Querying "192.42.93.30:53" about "ns3.mydnsserver.com."
>Aug 12 14:45:21 Reply: "ns4.mydnsserver.com." - from "192.42.93.30:53"
>Aug 12 14:45:21 Querying "192.42.93.30:53" about "ns4.mydnsserver.com."
>Aug 12 14:45:21 Reply: "ns1.mydnsserver.com." - from "192.42.93.30:53"
>
>Etc...
>If you noticed, it did this for 540,000 lines in 2 hours and 20 minutes.
>
>This is not the only domain that I am getting it from; there are
>about 4 or five domains that this happened to. Eventually the server
>gets tired of all these queries and just shuts down. Does anyone
>have any idea why this is happening? I have no idea why the server
>would be querying over and over like this. Any help would be much
>appreciated.
>
>
>
>Ryan Clevenger
>Computer Support Specialist
>North Point Community Church
>Work - 770.290.5770
>Cell - 770.634.9816
>ryan.clevenger@northpoint.org
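
The log triage suggested in the reply above, as an added example that is not part of the original thread or of QuickDNS: it counts repeated outbound "Querying" lines per (server, name) pair and reports the last incoming "Query" line seen before the repetition started. The function name `find_loop` and its `threshold` are hypothetical, and the format of the "Query" line is an assumption, since the thread does not show one.

```python
import re
from collections import Counter

# Shape of the outbound lines in the debug log quoted in this thread.
QUERYING = re.compile(r'^\w{3} +\d+ [\d:]{8} Querying "([^"]+)" about "([^"]+)"')
# Assumption: an incoming query is logged with the word "Query" (not
# "Querying") right after the timestamp; the rest of that line is unknown.
INCOMING = re.compile(r'^\w{3} +\d+ [\d:]{8} Query\b')

def find_loop(lines, threshold=3):
    """Return (repeats, trigger). repeats maps (server, name) to its count
    for pairs asked at least `threshold` times; trigger is the last incoming
    "Query" line seen before the first pair reached the threshold."""
    counts, last_incoming, trigger, looping = Counter(), None, None, False
    for raw in lines:
        line = raw.lstrip("> ").rstrip()      # tolerate mail quoting
        if INCOMING.match(line):
            if not looping:
                last_incoming = line
            continue
        m = QUERYING.match(line)
        if not m:
            continue                          # Reply lines and anything else
        counts[m.groups()] += 1
        if not looping and counts[m.groups()] >= threshold:
            looping, trigger = True, last_incoming
    return {k: n for k, n in counts.items() if n >= threshold}, trigger

# First line is constructed (placeholder for the unknown "Query" format);
# the rest are copied from the log excerpt in the thread.
SAMPLE = '''Aug 12 14:45:19 Query <constructed placeholder>
Aug 12 14:45:20 Querying "192.31.80.30:53" about "ns1.mydnsserver.com."
Aug 12 14:45:20 Querying "192.31.80.30:53" about "ns2.mydnsserver.com."
Aug 12 14:45:20 Reply: "ns1.mydnsserver.com." - from "192.31.80.30:53"
Aug 12 14:45:20 Querying "192.31.80.30:53" about "ns1.mydnsserver.com."
Aug 12 14:45:20 Reply: "ns2.mydnsserver.com." - from "192.31.80.30:53"
Aug 12 14:45:20 Querying "192.31.80.30:53" about "ns2.mydnsserver.com."
Aug 12 14:45:20 Reply: "ns1.mydnsserver.com." - from "192.31.80.30:53"
Aug 12 14:45:20 Querying "192.31.80.30:53" about "ns1.mydnsserver.com."
Aug 12 14:45:20 Reply: "ns2.mydnsserver.com." - from "192.31.80.30:53"
Aug 12 14:45:20 Querying "192.31.80.30:53" about "ns2.mydnsserver.com."
'''.splitlines()

if __name__ == "__main__":
    repeats, trigger = find_loop(SAMPLE)
    print("trigger:", trigger)
    for (server, name), n in sorted(repeats.items()):
        print(f"{n}x {server} -> {name}")
```

On a real log the threshold would be set much higher than 3, since a resolver legitimately asks the same server about the same name more than once over a long period.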



