subject:"\[Bug 1020067\] Re\: Ubuntu 12.04 resolving hangs when querying AAAA records against BIND \(Ubuntu 10.04\) DNS servers"

[Bug 1020067] Re: Ubuntu 12.04 resolving hangs when querying AAAA records against BIND (Ubuntu 10.04) DNS servers

2012-07-10 Thread ICT

Hi,

** What is the exact tcpdump line you used? **

I run the following tcpdump client on the client:

**

I run nslookup gedaspw02 (gedaspw02 is a host on our local network) on
the client and I do get a response:

root@ubuntu12043:/lhome/ict# nslookup gedaspw02
Server: 172.28.16.11
Address:172.28.16.11#53

Non-authoritative answer:
Name:   gedaspw02.a.space.corp
Address: 172.28.4.12

The corresponding tcpdump snippet:

root@ubuntu12043:/lhome/ict# tcpdump -i eth0 port 53
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
08:14:21.949355 IP 172.28.19.52.33205  gedapvl01.a.space.corp.domain: 58103+ 
A? gedaspw02.a.space.corp. (40)
08:14:21.949683 IP 172.28.19.52.34745  gedapvl01.a.space.corp.domain: 64598+ 
PTR? 11.16.28.172.in-addr.arpa. (43)
08:14:21.951179 IP gedapvl01.a.space.corp.domain  172.28.19.52.33205: 58103 
1/0/0 A 172.28.4.12 (56)
08:14:21.951191 IP gedapvl01.a.space.corp.domain  172.28.19.52.34745: 64598 
1/0/0 PTR gedapvl01.a.space.corp. (79)
08:14:21.951289 IP 172.28.19.52.53705  gedapvl01.a.space.corp.domain: 10253+ 
PTR? 52.19.28.172.in-addr.arpa. (43)
08:14:21.952504 IP gedapvl01.a.space.corp.domain  172.28.19.52.53705: 10253 
NXDomain 0/1/0 (112)

When I start puppet, the startup is extremely slow, which lead me to the
assumption that something with DNS is not working correctly. Here is the
tcpdump snippet when running puppet:

08:17:08.497093 IP gedapvl01.a.space.corp.domain  172.28.19.52.36834: 6015 
2/0/0 A 91.189.95.55, A 91.189.95.54 (66)
08:17:09.775535 IP 172.28.19.52.56145  gedapvl01.a.space.corp.domain: 44576+ 
? puppet.a.space.corp. (37)
08:17:09.776626 IP gedapvl01.a.space.corp.domain  172.28.19.52.56145: 44576 
0/1/0 (94)
08:17:09.776719 IP 172.28.19.52.43018  gedapvl01.a.space.corp.domain: 28254+ 
? puppet. (24)
08:17:14.782915 IP 172.28.19.52.52767  gedappl01.a.space.corp.domain: 28254+ 
? puppet. (24)
08:17:14.783060 IP 172.28.19.52.60943  gedapvl01.a.space.corp.domain: 35223+ 
PTR? 13.16.28.172.in-addr.arpa. (43)
08:17:14.784074 IP gedapvl01.a.space.corp.domain  172.28.19.52.60943: 35223 
1/0/0 PTR gedappl01.a.space.corp. (79)
08:17:16.402411 IP 172.28.19.52.54017  gedapvl01.a.space.corp.domain: 24380+ 
A? daisy.ubuntu.com. (34)
08:17:16.426397 IP gedapvl01.a.space.corp.domain  172.28.19.52.54017: 24380 
2/0/0 A 91.189.95.55, A 91.189.95.54 (66)
08:17:19.786837 IP 172.28.19.52.43018  gedapvl01.a.space.corp.domain: 28254+ 
? puppet. (24)

It gets stuck when trying to resolve  puppet.

** Could you please attach /etc/resolv.conf from the machine running
puppet? **

root@ubuntu12043:/lhome/ict# cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 172.28.16.11
nameserver 172.28.16.13
search a.space.corp

The client is setup using DHCP.

** You say that the problem goes away when querying your Windows DNS
servers directly. Could you please post an equivalent tcpdump for
comparison? **

The same client using a windows DNS Server:

08:22:01.358496 IP gedaspw02.a.space.corp.domain  172.28.19.52.42037: 34015* 
0/1/0 (94)
08:22:01.358589 IP 172.28.19.52.49655  gedaspw02.a.space.corp.domain: 14368+ 
? puppet. (24)
08:22:01.359085 IP gedaspw02.a.space.corp.domain  172.28.19.52.49655: 14368 
ServFail 0/0/0 (24)
08:22:01.359167 IP 172.28.19.52.38121  gedaspw02.a.space.corp.domain: 14368+ 
? puppet. (24)
08:22:01.359589 IP gedaspw02.a.space.corp.domain  172.28.19.52.38121: 14368 
ServFail 0/0/0 (24)
08:22:01.359658 IP 172.28.19.52.39728  gedaspw02.a.space.corp.domain: 13331+ 
A? puppet.a.space.corp. (37)
08:22:01.360077 IP gedaspw02.a.space.corp.domain  172.28.19.52.39728: 13331* 
1/0/0 A 172.28.16.12 (53)
08:22:01.381766 IP 172.28.19.52.40781  gedaspw02.a.space.corp.domain: 10292+ 
? puppet.a.space.corp. (37)
08:22:01.382229 IP gedaspw02.a.space.corp.domain  172.28.19.52.40781: 10292* 
0/1/0 (94)
08:22:01.382324 IP 172.28.19.52.57552  gedaspw02.a.space.corp.domain: 63628+ 
? puppet. (24)
08:22:01.382705 IP gedaspw02.a.space.corp.domain  172.28.19.52.57552: 63628 
ServFail 0/0/0 (24)
08:22:01.382778 IP 172.28.19.52.53545  gedaspw02.a.space.corp.domain: 63628+ 
? puppet. (24)
08:22:01.383204 IP gedaspw02.a.space.corp.domain  172.28.19.52.53545: 63628 
ServFail 0/0/0 (24)
08:22:01.383311 IP 172.28.19.52.44176  gedaspw02.a.space.corp.domain: 14360+ 
A? puppet.a.space.corp. (37)
08:22:01.383702 IP gedaspw02.a.space.corp.domain  172.28.19.52.44176: 14360* 
1/0/0 A 172.28.16.12 (53)
08:22:01.910869 IP 172.28.19.52.42662  gedaspw02.a.space.corp.domain: 29987+ 
A? gedainst.a.space.corp. (39)
08:22:01.911367 IP gedaspw02.a.space.corp.domain  172.28.19.52.42662: 29987* 
2/0/0 CNAME qnap-01.a.space.corp., A 172.28.4.104 (77)
08:22:01.911511 IP 172.28.19.52.45116  gedaspw02.a.space.corp.domain: 14736+ 
A?

[Bug 1020067] Re: Ubuntu 12.04 resolving hangs when querying AAAA records against BIND (Ubuntu 10.04) DNS servers

2012-07-10 Thread Robie Basak

Oliver,

Thanks for the additional details.

Based on this I think it is clear that this is not a bug in puppet. Your
Windows servers should not be responding SERVFAIL to  queries. They
should be responding with NOERROR and no answers. I think that bind is
probably doing the right thing according to the specification here,
although I'm not completely sure.

It seems to me that the behaviour that you're seeing is an unfortunate
consequence of your Windows DNS servers not supporting IPv6 properly, by
failing when they are queried for IPv6 addresses. Perhaps there is an
option somewhere to turn it on, or an option in bind to work around
broken upstream DNS servers?

Since my conclusion is that this is not a bug (neither in puppet nor
bind) in Ubuntu, I'm marking this bug as invalid. However, I may be
wrong. If you can point to an authoritative source that states that bind
is supposed to respond differently when getting a SERVFAIL upstream,
then please point to that and change the bug status back to New, and
we'll retarget the bug at bind.

** Changed in: puppet (Ubuntu)
   Status: New = Invalid

** Summary changed:

- Ubuntu 12.04 resolving hangs when querying  records against BIND (Ubuntu 
10.04) DNS servers
+ BIND (Ubuntu 10.04) DNS servers do not respond when forwarding for upstreams 
which return SERVFAIL

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1020067

Title:
  BIND (Ubuntu 10.04) DNS servers do not respond when forwarding for
  upstreams which return SERVFAIL

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1020067/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1020067] Re: Ubuntu 12.04 resolving hangs when querying AAAA records against BIND (Ubuntu 10.04) DNS servers

2012-07-09 Thread ICT

** Package changed: ubuntu = puppet (Ubuntu)

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1020067

Title:
  Ubuntu 12.04 resolving hangs when querying  records against BIND
  (Ubuntu 10.04) DNS servers

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1020067/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1020067] Re: Ubuntu 12.04 resolving hangs when querying AAAA records against BIND (Ubuntu 10.04) DNS servers

2012-07-09 Thread Robie Basak

Thank you for taking the time to report this bug and helping to make
Ubuntu better.

I have a bunch of questions come to mind when thinking about what could
be causing this problem.

What is the exact tcpdump line you used? Is the BIND server really not
sending any replies at all? If it is, please can you do another tcpdump
and include them? If you're really not getting any responses, please
could you use dig or host to generate a DNS query that does work so that
we can see it in the tcpdump output to verify that it is working as
expected?

Could you please attach /etc/resolv.conf from the machine running
puppet?

You say that the problem goes away when querying your Windows DNS
servers directly. Could you please post an equivalent tcpdump for
comparison?

Marking as Incomplete pending answers to these questions. Please change
the bug status back to New after you have responded. Thanks!

** Changed in: puppet (Ubuntu)
   Status: New = Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1020067

Title:
  Ubuntu 12.04 resolving hangs when querying  records against BIND
  (Ubuntu 10.04) DNS servers

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1020067/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1020067] Re: Ubuntu 12.04 resolving hangs when querying AAAA records against BIND (Ubuntu 10.04) DNS servers

[Bug 1020067] Re: Ubuntu 12.04 resolving hangs when querying AAAA records against BIND (Ubuntu 10.04) DNS servers

[Bug 1020067] Re: Ubuntu 12.04 resolving hangs when querying AAAA records against BIND (Ubuntu 10.04) DNS servers

[Bug 1020067] Re: Ubuntu 12.04 resolving hangs when querying AAAA records against BIND (Ubuntu 10.04) DNS servers

4 matches

Site Navigation

Mail list logo

Footer information