Am Samstag, 28. Dezember 2013, 15:59:40 schrieb Eric Koldeweij: > Guido, > > Does your server have IPv6 connectivity? If not try to edit resolver.xml > and comment out the line saying "<ipv6/>". I do not know for sure if > it's your problem but it has given me similar connectivity issues in the > past.
I do not have a resolver.xml anywhere. <resolve-ipv6/> in s2s.xml was already commented out. > Also from your log I see that not an answer but an error is returned: > NXDomain means the nameserver reported that the requested domain does > not exist. I have no idea why it would report that but maybe it's > something like the Google DNS has some throttling, not allowing more > than a certain amount of requests per second or something similar. > Another possibility is a firewall issue. DNS uses UDP port 53 normally > but it switches to TCP port 53 when the amount of information to > transfer becomes larger. It might be possible that TCP port 53 is > blocked while UDP port 53 is still open. It's a long shot but worth > looking into. I think you interpreted the dump wrong. What happened there was simply that the local host sent three dns queries, one for jabber.org, one for jabber.eof.name and one for freistaat-linden.de. It got two responses back, one with correct SRV records for jabber.org, one with NXDomain for jabber.eof.name, because jabber.eof.name does not have an SRV record configured, and think I cut off the response for freistaat-linden.de. > I think you should install a nameserver like bind. All Linux distros I > know (assuming you're running a Linux variant) offer bind and in almost > all of them the caching nameserver is the default setting (so you won't > need to configure anything to make it work). All you need to do is add > "nameserver 127.0.0.1" before all other nameserver lines in your > /etc/resolv.conf and my guess is that you will not be troubled by > timeouts any more. I can try that next, but I really really doubt the dns recursor is the problem here. Guido