Re: Some slow recursive queries issues
From: Men & Mice Support
Date: Friday, January 21, 2005
Time: 6:42:57 pm

If the problem were in the router/firewall settings, you likely
wouldn't get any response at all, or certainly not one containing
records.
Have you disabled IPv6 support in named on this machine? Are you
using the "-4" flag with named version 9.3?
Chris Buxton
Men & Mice - Making DNS Easy
At 4:43 PM -0800 1/21/05, Scott Haneda wrote:
>on 1/21/05 4:34 PM, Men & Mice Support at cbuxton@menandmice.com wrote:
>
>> The response is different depending on the source of the query. If
>> you query from a machine local to the server, the response is fast,
>> but if you query from your Comcast address, the response is slow.
>> This suggests the problem isn't in your server, but in Comcast. On
>> the other hand, queries sent to other servers from your Comcast
>> address are answered quickly. This suggests the problem is in your
>> server. Perhaps there's something peculiar going on between Comcast
>> and your server. For example, perhaps there's a problematic
>> interaction between some DNS proxy at Comcast and your BIND 9.3.0
>> server, a problem that doesn't exist with other DNS servers.
>
>I don't think it is the case with the problem being Comcast related, I just
>ssh'd to a machine elsewhere, using a DS1 as the connection. I added in
>that machine's IP to my allow list, ran a dig, here is what I got:
>
>dig halflife.com @ns1.hostwizard.com
>
>; <<>> DiG 9.2.2 <<>> halflife.com @ns1.hostwizard.com
>;; global options: printcmd
>;; Got answer:
>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9592
>;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 2
>
>;; QUESTION SECTION:
>;halflife.com. IN A
>
>;; ANSWER SECTION:
>halflife.com. 1800 IN A 216.201.96.65
>
>;; AUTHORITY SECTION:
>halflife.com. 1800 IN NS auth01.ns.korax.net.
>halflife.com. 1800 IN NS auth02.ns.korax.net.
>halflife.com. 1800 IN NS auth03.ns.korax.net.
>
>;; ADDITIONAL SECTION:
>auth01.ns.korax.net. 172799 IN A 216.201.96.33
>auth02.ns.korax.net. 172799 IN A 216.201.96.34
>
>;; Query time: 3584 msec
>;; SERVER: 64.84.37.14#53(ns1.hostwizard.com)
>;; WHEN: Fri Jan 21 18:39:29 2005
>;; MSG SIZE rcvd: 153
>
>As you can see, really really slow. Just for fun, I will ssh to one more
>machine, this one in Texas, so I add in the IP to allow the recursion, here
>is what I get:
>
>dig alpha.com @ns1.hostwizard.com
>
>; <<>> DiG 9.2.2 <<>> alpha.com @ns1.hostwizard.com
>;; global options: printcmd
>;; Got answer:
>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49578
>;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
>
>;; QUESTION SECTION:
>;alpha.com. IN A
>
>;; ANSWER SECTION:
>alpha.com. 86400 IN A 216.57.198.23
>
>;; AUTHORITY SECTION:
>alpha.com. 86400 IN NS ns1.fibercloud.com.
>alpha.com. 86400 IN NS ns2.fibercloud.com.
>
>;; Query time: 4272 msec
>;; SERVER: 64.84.37.14#53(ns1.hostwizard.com)
>;; WHEN: Fri Jan 21 16:42:16 2005
>;; MSG SIZE rcvd: 90
>
>Equally slow, so something is wrong with my DNS install, in some way or
>another. I thought it may be router related, in that perhaps a port was not
>open, I checked, and I have:
>> permit tcp any any eq domain
>> permit udp any any eq domain
>
>Are there any other ports I am not aware of that this communicates over that
>I should have open?
>--
>-------------------------------------------------------------
>Scott Haneda Tel: 415.898.2602
><http://www.newgeo.com> Fax: 313.557.5052
><scott@newgeo.com> Novato, CA U.S.A.
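
Added example, not part of the original thread: a small Python parser for dig transcripts like the two quoted above. It picks out queries that came back complete (NOERROR, "ra" flag set, at least one answer record) but slowly, which is the case the reply separates from a firewall block. The 1000 msec threshold and the function names are assumptions made for this example.

```python
import re

# Abridged from the two dig transcripts quoted in the message above.
SAMPLE = """\
; <<>> DiG 9.2.2 <<>> halflife.com @ns1.hostwizard.com
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9592
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 2
;; Query time: 3584 msec
;; SERVER: 64.84.37.14#53(ns1.hostwizard.com)
; <<>> DiG 9.2.2 <<>> alpha.com @ns1.hostwizard.com
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49578
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;; Query time: 4272 msec
;; SERVER: 64.84.37.14#53(ns1.hostwizard.com)
"""

SLOW_MS = 1000  # assumed threshold; the thread does not give one

PATTERNS = {  # "name" must stay first: the banner line opens a new record
    "name": re.compile(r"^; <<>> DiG \S+ <<>> (\S+)"),
    "status": re.compile(r"status: (\w+)"),
    "flags": re.compile(r"^;; flags: ([a-z ]+);"),
    "answers": re.compile(r"ANSWER: (\d+)"),
    "msec": re.compile(r"^;; Query time: (\d+) msec"),
    "server": re.compile(r"^;; SERVER: ([^#\s]+)#"),
}

def parse_dig(text):
    """Split concatenated dig output into one dict per query."""
    records = []
    for raw in text.splitlines():
        line = raw.lstrip(">")  # tolerate mail-quoted transcripts
        for key, pat in PATTERNS.items():
            m = pat.search(line)
            if not m:
                continue
            if key == "name":
                records.append({})
            if records:  # ignore fields seen before any banner line
                records[-1][key] = m.group(1)
    for r in records:
        r["msec"] = int(r.get("msec", -1))
        r["flags"] = r.get("flags", "").split()
    return records

def triage(records, slow_ms=SLOW_MS):
    """Return (name, server, msec) for complete recursive answers that were slow."""
    return [(r["name"], r.get("server"), r["msec"]) for r in records
            if r.get("status") == "NOERROR" and "ra" in r["flags"]
            and int(r.get("answers", 0)) > 0 and r["msec"] >= slow_ms]
```

Running triage(parse_dig(...)) over transcripts collected from several source networks shows whether the delay follows the client or the server.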