Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 28 Mar 2004 22:31:17 -0800
From:      "Crist J. Clark" <cristjc@comcast.net>
To:        Lutz Petersen <akio@despammed.com>
Cc:        freebsd-net@freebsd.org
Subject:   Re: BIND: Lookup of CNAME records
Message-ID:  <20040329063117.GC73269@blossom.cjclark.org>
In-Reply-To: <406204AF.5050600@despammed.com>
References:  <6686.1079661277@www27.gmx.net> <20040319193514.GB54073@blossom.cjclark.org> <406204AF.5050600@despammed.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Mar 24, 2004 at 10:59:11PM +0100, Lutz Petersen wrote:
> Crist J. Clark wrote:
> >How long does it take to do a reverse-lookup on the result of the
> >previous lookups? The applications may be trying to resolve a PTR
> >record for the final IP address they end up with.
> 
> Reverse lookups work fine. But I do not think PTR lookups are an issue
> in this case (see below).
> 
> >You can try the following two tests and compare the difference,
> >
> >  1) Put the two external servers in resolv.conf, and run,
> >
> >	# tcpdump -s512 port 53
> >
> >     And try your ftp or telnet.
> >
> >  2) Put 127.0.0.1 back into resolv.conf, clear the cache of the local
> >     BIND (not sure of a way to do that other than killing and
> >     restarting in 8.x.x), and run the same thing,
> >
> >	# tcpdump -s512 port 53
> >
> >     And again try the ftp or telnet.
> 
> I am enclosing the results of these two tests. For better readability I
> have removed the time offset and replaced my IP number with "me", the
> forwarder's IP with "fw".

It looks like "fw" is messed up. Those responses don't carry any
authority records. The queries for the root servers are returning "no
error" with completely blank responses.

> (1)
> 00:00.000000 me.49235 > fw.domain:  1081+ AAAA? ftp.de.freebsd.org. (36)
> 00:00.235195 fw.domain > me.49235:  1081 2/0/0 CNAME ftp4.de.freebsd.org., 
> CNAME ftp.leo.org. (77) (DF)
> 00:00.235648 me.49236 > fw.domain:  1082+ A? ftp.de.freebsd.org. (36)
> 00:00.850987 fw.domain > me.49236:  1082 3/0/0 CNAME ftp4.de.freebsd.org., 
> CNAME ftp.leo.org., A 131.159.72.23 (93) (DF)
> 
> (2)
> 00:00.000000 me.domain > fw.domain:  8207+ [1au] AAAA? ftp.de.freebsd.org. 
> (47)
> 00:00.093818 fw.domain > me.domain:  8207 2/0/0 CNAME ftp4.de.freebsd.org., 
> CNAME ftp.leo.org. (77) (DF)
> 00:00.094539 me.domain > fw.domain:  30226+ [1au] AAAA? ftp.leo.org. (40)
> 00:00.183988 fw.domain > me.domain:  30226 0/0/0 (29) (DF)
> 00:05.184504 me.domain > fw.domain:  52418+ [1au] AAAA? ftp.leo.org. (40)
> 00:05.278765 fw.domain > me.domain:  52418 0/0/0 (29) (DF)
> 00:15.278043 me.domain > fw.domain:  24089+ [1au] AAAA? ftp.leo.org. (40)
> 00:15.377019 fw.domain > me.domain:  24089 0/0/0 (29) (DF)
> 00:35.374320 me.domain > fw.domain:  31178+ [1au] AAAA? ftp.leo.org. (40)
> 00:35.978176 fw.domain > me.domain:  31178 0/0/0 (29) (DF)
> 01:15.970823 me.domain > fw.domain:  53751+ [1au] A? ftp.leo.org. (40)
> 01:16.064579 fw.domain > me.domain:  53751 1/0/0 A 131.159.72.23 (45) (DF)
> 01:16.065468 me.domain > fw.domain:  56474+ [1au] AAAA? J.ROOT-SERVERS.NET. 
> (47)
> 01:16.065915 me.domain > fw.domain:  36905+ [1au] AAAA? K.ROOT-SERVERS.NET. 
> (47)
> 01:16.066172 me.domain > fw.domain:  38356+ [1au] AAAA? L.ROOT-SERVERS.NET. 
> (47)
> 01:16.066372 me.domain > fw.domain:  395+ [1au] AAAA? M.ROOT-SERVERS.NET. 
> (47)
> 01:16.066572 me.domain > fw.domain:  54526+ [1au] AAAA? I.ROOT-SERVERS.NET. 
> (47)
> 01:16.066771 me.domain > fw.domain:  61085+ [1au] AAAA? E.ROOT-SERVERS.NET. 
> (47)
> 01:16.066986 me.domain > fw.domain:  38040+ [1au] AAAA? D.ROOT-SERVERS.NET. 
> (47)
> 01:16.068062 me.domain > fw.domain:  35807+ [1au] AAAA? A.ROOT-SERVERS.NET. 
> (47)
> 01:16.068664 me.domain > fw.domain:  27426+ [1au] AAAA? H.ROOT-SERVERS.NET. 
> (47)
> 01:16.069117 me.domain > fw.domain:  39377+ [1au] AAAA? C.ROOT-SERVERS.NET. 
> (47)
> 01:16.069552 me.domain > fw.domain:  11036+ [1au] AAAA? G.ROOT-SERVERS.NET. 
> (47)
> 01:16.070036 me.domain > fw.domain:  34035+ [1au] AAAA? F.ROOT-SERVERS.NET. 
> (47)
> 01:16.070476 me.domain > fw.domain:  33542+ [1au] AAAA? B.ROOT-SERVERS.NET. 
> (47)
> 01:16.157385 fw.domain > me.domain:  56474 0/0/0 (36) (DF)
> 01:16.160564 fw.domain > me.domain:  36905 0/0/0 (36) (DF)
> 01:16.172424 fw.domain > me.domain:  38356 0/0/0 (36) (DF)
> 01:16.176809 fw.domain > me.domain:  395 0/0/0 (36) (DF)
> 01:16.188828 fw.domain > me.domain:  54526 0/0/0 (36) (DF)
> 01:16.193810 fw.domain > me.domain:  61085 0/0/0 (36) (DF)
> 01:16.202584 fw.domain > me.domain:  38040 0/0/0 (36) (DF)
> 01:16.209829 fw.domain > me.domain:  35807 0/0/0 (36) (DF)
> 01:16.217073 fw.domain > me.domain:  27426 0/0/0 (36) (DF)
> 01:16.238637 fw.domain > me.domain:  39377 0/0/0 (36) (DF)
> 01:16.240081 fw.domain > me.domain:  11036 0/0/0 (36) (DF)
> 01:16.241823 fw.domain > me.domain:  34035 0/0/0 (36) (DF)
> 01:16.246842 fw.domain > me.domain:  33542 0/0/0 (36) (DF)
> 
> As I thought of an IPv6 problem, I compiled a new kernel with IPNET6.
> That did not help at all, unfortunately.
> 
> Any ideas?
> _______________________________________________
> freebsd-net@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

-- 
Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040329063117.GC73269>