Guido,
Does your server have IPv6 connectivity? If not try to edit resolver.xml
and comment out the line saying "<ipv6/>". I do not know for sure if
it's your problem but it has given me similar connectivity issues in the
past.
Also from your log I see that not an answer but an error is returned:
NXDomain means the nameserver reported that the requested domain does
not exist. I have no idea why it would report that but maybe it's
something like the Google DNS has some throttling, not allowing more
than a certain amount of requests per second or something similar.
Another possibility is a firewall issue. DNS uses UDP port 53 normally
but it switches to TCP port 53 when the amount of information to
transfer becomes larger. It might be possible that TCP port 53 is
blocked while UDP port 53 is still open. It's a long shot but worth
looking into.
I think you should install a nameserver like bind. All Linux distros I
know (assuming you're running a Linux variant) offer bind and in almost
all of them the caching nameserver is the default setting (so you won't
need to configure anything to make it work). All you need to do is add
"nameserver 127.0.0.1" before all other nameserver lines in your
/etc/resolv.conf and my guess is that you will not be troubled by
timeouts any more.
Regards,
Eric.
Also what I see is that
On 28-Dec-13 14:23, Guido Winkelmann wrote:
Am Samstag, 28. Dezember 2013, 11:05:33 schrieb Tomasz Sterna:
Dnia 2013-12-28, sob o godzinie 09:10 +0100, Eric Koldeweij pisze:
My suspicion is that there is a problem with a name server you are
using. if you look at the file /etc/resolv.conf you will see one or
more lines saying "nameserver <ip_addr>". The resolver will ask each
name server in turn to resolve the host name for it,
I second that. This is what immediately came to my mind as a probable
answer to your issue.
No, this is not it. My /etc/resolv.conf contains only one line, and it is
nameserver 8.8.8.8
Both dig and host can use this nameserver to resolve the names in question
with very little delay:
$ time host -t SRV _xmpp-server._tcp.jabber.org. 8.8.8.8
Using domain server:
Name: 8.8.8.8
Address: 8.8.8.8#53
Aliases:
_xmpp-server._tcp.jabber.org has SRV record 30 30 5269 hermes2.jabber.org.
_xmpp-server._tcp.jabber.org has SRV record 31 30 5269 hermes2v6.jabber.org.
real 0m0.034s
user 0m0.000s
sys 0m0.020s
$ time host -t SRV _xmpp-server._tcp.jabber.ccc.de. 8.8.8.8
Using domain server:
Name: 8.8.8.8
Address: 8.8.8.8#53
Aliases:
_xmpp-server._tcp.jabber.ccc.de has SRV record 5 0 5269 jabberd.jabber.ccc.de.
real 0m0.034s
user 0m0.000s
sys 0m0.020s
$ time dig -t srv _xmpp-server._tcp.jabber.org.
; <<>> DiG 9.9.3-P2 <<>> -t srv _xmpp-server._tcp.jabber.org.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28840
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;_xmpp-server._tcp.jabber.org. IN SRV
;; ANSWER SECTION:
_xmpp-server._tcp.jabber.org. 247 IN SRV 30 30 5269 hermes2.jabber.org.
_xmpp-server._tcp.jabber.org. 247 IN SRV 31 30 5269
hermes2v6.jabber.org.
;; Query time: 10 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sat Dec 28 14:07:01 CET 2013
;; MSG SIZE rcvd: 135
real 0m0.035s
user 0m0.020s
sys 0m0.000s
"dig" command works independently of stub resolver in your system and is
more of a DNS servers test tool, not your system setup test tool.
Take a look at each of your 'nameserver' line in /etc/resolv.conf and
check each server first pinging it, then asking directly:
host -t SRV _xmpp-server._tcp.jabber.org. dns.server.ip.123
See above, resolving these names with either dig or host works fine, using the
nameserver from /etc/resolv.conf
I just ran tcpdump while restarting jabberd, this is what I saw (excerpt):
14:19:06.638847 IP 62.48.88.30.47380 > 8.8.8.8.domain: 35840+ [1au] SRV?
_xmpp-server._tcp.jabber.org. (57)
14:19:06.644226 IP 62.48.88.30.47380 > 8.8.8.8.domain: 32182+ [1au] SRV?
_xmpp-server._tcp.jabber.eof.name. (62)
14:19:06.646615 IP 62.48.88.30.47380 > 8.8.8.8.domain: 34426+ [1au] SRV?
_xmpp-server._tcp.freistaat-linden.de. (66)
14:19:06.648101 IP 8.8.8.8.domain > 62.48.88.30.47380: 35840 2/0/1 SRV
hermes2v6.jabber.org.:5269 31 30, SRV hermes2.jabber.org.:5269 30 30 (135)
14:19:06.654613 IP 8.8.8.8.domain > 62.48.88.30.47380: 32182 NXDomain 0/1/1
(119)
So there is an answer at least for one of the requests (jabber.org), but
jabberd2 still says
Dec 28 14:21:02 blish jabberd/s2s[14802]: dns lookup for jabber.org timed out
in its logs.
Guido
Guido
