From: "Marius M. Rex"
To: questions@freeBSD.org
Date: Fri, 10 Nov 2000 12:41:14 -0500 (EST)
Subject: Cacheing only DNS going wild

I happen to be running 4.1.1-STABLE, but I am not sure this is really a stable issue.

I am running a caching-only DNS. It works fine until I make a bogus DNS query. If I try to look up a site that doesn't exist, the thing just gets locked in a loop of asking other name servers the same unanswerable question over and over again. It generates a lot of useless traffic, and eats up about half my CPU. But otherwise the system is functional. I stop this cycle by killing named, and restarting it. 'ndc stop' and friends make no difference.

Tcpdump shows queries going mad:

*snip*
12:36:45.614088 ns2.blackplanet.com.domain > utterlux.communityconnect.com.domain: 43979 ServFail 0/0/0 (45)
12:36:45.616352 utterlux.communityconnect.com.domain > ns2.blackplanet.com.domain: 63092+ PTR? 229.118.58.161.in-addr.arpa. (45)
12:36:45.627234 ns2.blackplanet.com.domain > utterlux.communityconnect.com.domain: 63092 ServFail 0/0/0 (45)
12:36:45.978833 utterlux.communityconnect.com.domain > ns2.blackplanet.com.domain: 53876+ PTR? 229.118.58.161.in-addr.arpa. (45)
12:36:45.989846 ns2.blackplanet.com.domain > utterlux.communityconnect.com.domain: 53876 ServFail 0/0/0 (45)
12:36:46.076858 utterlux.communityconnect.com.domain > ns1.blackplanet.com.domain: 29972+ PTR? 229.118.58.161.in-addr.arpa. (45)
12:36:46.078218 utterlux.communityconnect.com.domain > ns1.blackplanet.com.domain: 4733+ PTR? 229.118.58.161.in-addr.arpa. (45)
12:36:46.079567 utterlux.communityconnect.com.domain > ns1.blackplanet.com.domain: 14719+ PTR? 229.118.58.161.in-addr.arpa. (45)
12:36:46.080914 utterlux.communityconnect.com.domain > ns1.blackplanet.com.domain: 39550+ PTR? 229.118.58.161.in-addr.arpa. (45)
12:36:46.082262 utterlux.communityconnect.com.domain > ns1.blackplanet.com.domain: 29273+ PTR? 229.118.58.161.in-addr.arpa. (45)
12:36:46.083609 utterlux.communityconnect.com.domain
*snip*

Is there any more civilized way of dealing with this? It is a pain to have to restart every time a bad query is made.

-------------------------------------------------------------------------
Marius M. Rex

"Well," Brahma said, "even after ten thousand explanations, a fool is no wiser, but an intelligent man requires only two thousand five hundred."
-- The Mahabharata
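
Added example, not part of the original post: a Python script that parses tcpdump DNS lines in the format shown in the capture above and flags a resolver re-sending the same question at a high rate, alongside a count of the ServFail responses it received. The function names and the threshold and window defaults are assumptions chosen for illustration; the sample lines are the complete capture lines copied from the post.

```python
import re
from collections import defaultdict, deque

# tcpdump DNS line formats as they appear in the capture in the post.
QUERY = re.compile(r"^(\d\d):(\d\d):(\d\d\.\d+) (\S+)\.domain > (\S+)\.domain: "
                   r"\d+\+? ([A-Z0-9]+)\? (\S+) \(\d+\)$")
SERVFAIL = re.compile(r"^\S+ (\S+)\.domain > (\S+)\.domain: \d+ ServFail ")

def find_retry_storms(lines, threshold=5, window=1.0):
    """Map (resolver, qtype, qname) to the peak count of identical questions sent
    within `window` seconds; threshold and window defaults are assumptions."""
    recent, peaks = defaultdict(deque), {}
    for line in lines:
        m = QUERY.match(line.strip())
        if not m:
            continue  # responses, truncated or unrelated lines
        hh, mm, ss, src, _dst, qtype, qname = m.groups()
        ts = int(hh) * 3600 + int(mm) * 60 + float(ss)
        key = (src, qtype, qname.lower())
        sent = recent[key]
        sent.append(ts)
        while ts - sent[0] > window:  # slide the window forward
            sent.popleft()
        if len(sent) >= threshold:
            peaks[key] = max(peaks.get(key, 0), len(sent))
    return peaks

def count_servfail(lines):
    """Count ServFail responses per resolver that received them."""
    counts = defaultdict(int)
    for line in lines:
        m = SERVFAIL.match(line.strip())
        if m:
            counts[m.group(2)] += 1
    return dict(counts)

SAMPLE = """\
12:36:45.614088 ns2.blackplanet.com.domain > utterlux.communityconnect.com.domain: 43979 ServFail 0/0/0 (45)
12:36:45.616352 utterlux.communityconnect.com.domain > ns2.blackplanet.com.domain: 63092+ PTR? 229.118.58.161.in-addr.arpa. (45)
12:36:45.627234 ns2.blackplanet.com.domain > utterlux.communityconnect.com.domain: 63092 ServFail 0/0/0 (45)
12:36:45.978833 utterlux.communityconnect.com.domain > ns2.blackplanet.com.domain: 53876+ PTR? 229.118.58.161.in-addr.arpa. (45)
12:36:45.989846 ns2.blackplanet.com.domain > utterlux.communityconnect.com.domain: 53876 ServFail 0/0/0 (45)
12:36:46.076858 utterlux.communityconnect.com.domain > ns1.blackplanet.com.domain: 29972+ PTR? 229.118.58.161.in-addr.arpa. (45)
12:36:46.078218 utterlux.communityconnect.com.domain > ns1.blackplanet.com.domain: 4733+ PTR? 229.118.58.161.in-addr.arpa. (45)
12:36:46.079567 utterlux.communityconnect.com.domain > ns1.blackplanet.com.domain: 14719+ PTR? 229.118.58.161.in-addr.arpa. (45)
12:36:46.080914 utterlux.communityconnect.com.domain > ns1.blackplanet.com.domain: 39550+ PTR? 229.118.58.161.in-addr.arpa. (45)
12:36:46.082262 utterlux.communityconnect.com.domain > ns1.blackplanet.com.domain: 29273+ PTR? 229.118.58.161.in-addr.arpa. (45)
""".splitlines()  # complete capture lines copied from the post
print(find_retry_storms(SAMPLE), count_servfail(SAMPLE))
```

Timestamps are time-of-day only, so a capture that crosses midnight needs to be split before it is fed in.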