**another** connection timed out; no servers could be reached

2009-05-27 Thread Beavis
I have 2 dns servers running the same zones, hints and named.conf; each
of them acts as a master (I do most of the updates of the zones I have
through a script)

I'm running a simple query from both of the boxes and it seems that I
can't query the 2nd box.

#1 box

$ dig @1.1.1.10 www.yahoo.com

; <<>> DiG 9.3.4 <<>> @1.1.1.10 www.yahoo.com
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31303
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 2, ADDITIONAL: 0

;; QUESTION SECTION:
;www.yahoo.com.                 IN      A

;; ANSWER SECTION:
www.yahoo.com.            300   IN      CNAME   www.wa1.b.yahoo.com.
www.wa1.b.yahoo.com.      60    IN      CNAME   www-real.wa1.b.yahoo.com.
www-real.wa1.b.yahoo.com. 60    IN      A       69.147.76.15
www-real.wa1.b.yahoo.com. 60    IN      A       209.191.93.52

;; AUTHORITY SECTION:
wa1.b.yahoo.com.          299   IN      NS      yf1.yahoo.com.
wa1.b.yahoo.com.          299   IN      NS      yf2.yahoo.com.

;; Query time: 219 msec
;; SERVER: 10.0.100.10#53(1.1.1.10)
;; WHEN: Tue May 26 17:52:42 2009
;; MSG SIZE  rcvd: 146


#2 box

$ dig @1.1.1.11 www.yahoo.com

; <<>> DiG 9.3.4 <<>> @1.1.1.11 www.yahoo.com
; (1 server found)
;; global options:  printcmd
;; connection timed out; no servers could be reached

both boxes sit on the same subnet, and they both have the same hints
file. no fw(pf) installed on any of the boxes.

if it's a straightforward query for box#2 it calls out the
"connection timed out; no servers could be reached" but when I add the
+trace on the query it can actually resolve the site.

I did a bit of googling, and most of the posts I see regarding this
say it is a firewall issue.


any help would be awesomely appreciated.


-- 
()  ascii ribbon campaign - against html e-mail
/\  www.asciiribbon.org   - against proprietary attachments
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users


AW: file descriptors and max-clients-per-query

2009-05-27 Thread Philippe Maechler
Thanks for the feedback 

> How many sockets are open when you see this message?  Normally the
> socket() call shouldn't fail even if named uses many sockets
> (it will fail anyway, but the failure mode is normally
> different), so it's very odd to see the above message.

As Jeremy suggested we updated our 9.4.2 Server this week to 9.4.3-P2
Luckily we hadn't a DNS outage so the message didn't reappear.
So I can't say how many sockets were open when we had the message last time

> Are you perhaps limiting the system resource for the number of
> allowable open sockets?  Do you set the 'files' option in
> your named.conf?

Not that I'm aware of :)

$ sysctl -a | grep socket
kern.ipc.numopensockets: 38
kern.ipc.maxsockets: 25600
socket:  356,25608, 37,   4099, 25140481
security.jail.socket_unixiproute_only: 1
security.jail.allow_raw_sockets: 0


The only limits I set in named.conf are ttl-stuff (lame-ttl, max-ncache-ttl,
...), clients-per-query and recursive-clients

If I see the message again I'll let you know.


Philippe




RFC2317-style inverse resolution (Was: request for advice

2009-05-27 Thread Stephane Bortzmeyer
On Wed, May 27, 2009 at 11:15:37AM +0800,
 Myo Than mt...@iaspire.net wrote 
 a message of 59 lines which said:

> Sirs,

There are probably women on this list, also.

> 129 CNAME 129.128-159.137.166.203.in-addr.arpa.

It seems OK.

>  set type=ns
>  128-159.137.166.203.in-addr.arpa.

nslookup has always been a lousy tool and is now deprecated. Use dig.

> 2. But, I got error on NS query for individual IP
>  set type=ns
>  129.137.166.203.in-addr.arpa.
> Server:  localhost
> Address:  127.0.0.1
>
> *** localhost can't find 129.137.166.203.in-addr.arpa.: Server failed

This may be a problem with your resolver (localhost). Because it works
for me:

% dig ANY 129.137.166.203.in-addr.arpa.
...
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31030
...

> Please advise me on how to fix the problem ?

Test with dig and, first, test by querying directly the authoritative
name servers (with the @ syntax), to avoid dependency on your
resolver.
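
An added example, not part of the original message: a Python check that a parent reverse zone's CNAME lines follow the RFC 2317 pattern of the record quoted above (`129 CNAME 129.128-159.137.166.203.in-addr.arpa.`). The function names and the sample zone lines are constructed for illustration; the /24 and the 128-159 range are read off that quoted record.

```python
import ipaddress

def child_zone(parent_net, first, last):
    """Zone the parent delegates for hosts first..last of a /24 (RFC 2317)."""
    net = ipaddress.ip_network(parent_net)
    if net.prefixlen != 24 or not 0 <= first <= last <= 255:
        raise ValueError("expected a /24 and a host range inside 0-255")
    a, b, c, _ = net.network_address.packed
    return f"{first}-{last}.{c}.{b}.{a}.in-addr.arpa."

def expected_cnames(parent_net, first, last):
    """Map each relative owner in the parent zone to its CNAME target."""
    zone = child_zone(parent_net, first, last)
    return {str(h): f"{h}.{zone}" for h in range(first, last + 1)}

def audit(parent_lines, parent_net, first, last):
    """Return a list of problems found in the parent zone's CNAME lines."""
    want = expected_cnames(parent_net, first, last)
    seen = {}
    for line in parent_lines:
        fields = line.split(";", 1)[0].split()   # drop zone-file comments
        # Accept "owner CNAME target" with optional TTL/class in between.
        if len(fields) >= 3 and "CNAME" in (f.upper() for f in fields[1:-1]):
            seen[fields[0]] = fields[-1].lower()
    problems = []
    for owner, target in want.items():
        if owner not in seen:
            problems.append(f"{owner}: no CNAME")
        elif seen[owner] != target:
            # A target without the trailing dot is relative to the parent
            # zone, so it resolves to the wrong name.
            problems.append(f"{owner}: points to {seen[owner]}, expected {target}")
    return problems

# Constructed sample: parent zone 137.166.203.in-addr.arpa with two defects.
SAMPLE = [f"{h} CNAME {h}.128-159.137.166.203.in-addr.arpa."
          for h in range(128, 160)]
SAMPLE[2] = "130 IN CNAME 130.128-159.137.166.203.in-addr.arpa"  # dot missing
del SAMPLE[5]                                                     # 133 dropped

if __name__ == "__main__":
    for problem in audit(SAMPLE, "203.166.137.0/24", 128, 159):
        print(problem)
```
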


Fwd: **another** connection timed out; no servers could be reached

2009-05-27 Thread Beavis
found what the problem is, I stop bind completely and re-run it again
and the hintlist worked again. bug? maybe I'm running OpenBSD 4.2 and
its built-in bind server.