How FreeBSD Handles a DNS that is Down
This is an extremely novice question on my part, but after what I recently witnessed, I am not so sure I understand all I know. The normal procedure on internet-connected systems is to set the resolv.conf file to include at least 2 domain name servers. Example:

    nameserver 139.78.100.1
    nameserver 139.78.200.1

Last night, I had to take down our primary DNS for maintenance and lots of systems began having trouble of various kinds. While I expected the FreeBSD system I was on to hang for a couple of seconds and then start using the second DNS, it basically froze while some Linux boxes also began exhibiting similar behavior.

I finally manually changed the resolv.conf on the system I was using to force the slave DNS to be first in the list and that helped, but losing the primary DNS was not the slight slowdown one might expect. It was a full-blown outage.

Are we missing some other configuration directive for Unix systems that would make the systems use the redundancy a little more gracefully than what happened? Otherwise, why have it if somebody has to manually intervene? The only thing we should have lost was dynamic updates. The systems that I know that were basically hosed were FreeBSD and Linux. As soon as the mother ship came back on line, everything was sweetness and light.

Thanks for any thoughts on this issue. I have only been running DNS for around 18 years and we fortunately do not get to see this condition often and when we do, it's hopefully for very short periods, but the disruption is total.

Martin McCormick WB5AGZ Stillwater, OK
Systems Engineer
OSU Information Technology Department Telecommunications Services Group

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How FreeBSD Handles a DNS that is Down
On Thursday, October 21, 2010 at 06:22:15AM -0500, Martin McCormick wrote:

> This is an extremely novice question on my part, but after what I recently witnessed, I am not so sure I understand all I know. The normal procedure on internet-connected systems is to set the resolv.conf file to include at least 2 domain name servers. Example:
>
> nameserver 139.78.100.1
> nameserver 139.78.200.1
>
> Last night, I had to take down our primary DNS for maintenance and lots of systems began having trouble of various kinds. ...

The man page of resolv.conf states that the DNS are queried in that order and if one timed out the next is queried; and this is that way for any new resolver request.

I've put one which does not exist as first entry (10.0.1.99) and the existing in 2nd place (10.0.1.201) and checked with tcpdump what happened when I do 'ping www.muc.de' three times:

    # tcpdump -n host 10.0.1.99 or host 10.0.1.201
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on wlan0, link-type EN10MB (Ethernet), capture size 96 bytes
    13:37:43.401553 IP 10.49.96.52.44280 > 10.0.1.99.53: 13264+ A? www.muc.de. (28)
    13:37:48.403868 IP 10.49.96.52.15468 > 10.0.1.201.53: 13264+ A? www.muc.de. (28)
    13:37:48.430125 IP 10.0.1.201.53 > 10.49.96.52.15468: 13264 1/0/0 A 193.149.48.8 (44)
    13:37:59.240499 IP 10.49.96.52.42369 > 10.0.1.99.53: 36140+ A? www.muc.de. (28)
    13:38:04.242653 IP 10.49.96.52.28001 > 10.0.1.201.53: 36140+ A? www.muc.de. (28)
    13:38:04.244321 IP 10.0.1.201.53 > 10.49.96.52.28001: 36140 1/0/0 A 193.149.48.8 (44)
    13:38:14.964752 IP 10.49.96.52.24065 > 10.0.1.99.53: 39922+ A? www.muc.de. (28)
    13:38:19.967153 IP 10.49.96.52.19756 > 10.0.1.201.53: 39922+ A? www.muc.de. (28)
    13:38:19.968822 IP 10.0.1.201.53 > 10.49.96.52.19756: 39922 1/0/0 A 193.149.48.8 (44)

This means that it will at least slow down any new network connection.

HIH

matthias

--
Matthias Apitz
t +49-89-61308 351 - f +49-89-61308 399 - m +49-170-4527211
e g...@unixarea.de - w http://www.unixarea.de/
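Added example, not part of the original thread: a short Python script that groups the tcpdump lines above by DNS transaction ID and measures how long each lookup waited on the unreachable first nameserver before the second one answered. The function names are illustrative, and it assumes the capture was taken with -n and that transaction IDs are not reused within it.

```python
import re
from datetime import datetime

# The capture from the message above; tcpdump's " > " direction marker is written out.
CAPTURE = """\
13:37:43.401553 IP 10.49.96.52.44280 > 10.0.1.99.53: 13264+ A? www.muc.de. (28)
13:37:48.403868 IP 10.49.96.52.15468 > 10.0.1.201.53: 13264+ A? www.muc.de. (28)
13:37:48.430125 IP 10.0.1.201.53 > 10.49.96.52.15468: 13264 1/0/0 A 193.149.48.8 (44)
13:37:59.240499 IP 10.49.96.52.42369 > 10.0.1.99.53: 36140+ A? www.muc.de. (28)
13:38:04.242653 IP 10.49.96.52.28001 > 10.0.1.201.53: 36140+ A? www.muc.de. (28)
13:38:04.244321 IP 10.0.1.201.53 > 10.49.96.52.28001: 36140 1/0/0 A 193.149.48.8 (44)
13:38:14.964752 IP 10.49.96.52.24065 > 10.0.1.99.53: 39922+ A? www.muc.de. (28)
13:38:19.967153 IP 10.49.96.52.19756 > 10.0.1.201.53: 39922+ A? www.muc.de. (28)
13:38:19.968822 IP 10.0.1.201.53 > 10.49.96.52.19756: 39922 1/0/0 A 193.149.48.8 (44)
"""
# Groups: time, source endpoint, destination endpoint, transaction ID (flags like "+" skipped).
LINE = re.compile(r"^(\d\d:\d\d:\d\d\.\d+) IP (\S+) > (\S+): (\d+)\S* ")

def endpoint(text):
    """Split tcpdump's 'a.b.c.d.port' form into (address, port)."""
    host, _, port = text.rpartition(".")
    return host, int(port)

def analyze(capture):
    """Group packets by transaction ID and time each lookup from first query to answer."""
    lookups = {}
    for raw in capture.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # banner lines and anything that is not a packet line
        when = datetime.strptime(m.group(1), "%H:%M:%S.%f")
        (src, sport), (dst, dport) = endpoint(m.group(2)), endpoint(m.group(3))
        rec = lookups.setdefault(
            m.group(4), {"start": when, "asked": [], "answered_by": None, "delay": None})
        if dport == 53:                                   # client -> server: a query
            rec["asked"].append(dst)
        elif sport == 53 and rec["answered_by"] is None:  # first response wins
            rec["answered_by"] = src
            rec["delay"] = (when - rec["start"]).total_seconds()
    return lookups

def silent_servers(lookups):
    """Servers that were queried but never answered anywhere in the capture."""
    asked = {s for r in lookups.values() for s in r["asked"]}
    return sorted(asked - {r["answered_by"] for r in lookups.values()})

if __name__ == "__main__":
    for txid, r in analyze(CAPTURE).items():
        print(txid, r["asked"], "answered by", r["answered_by"], f"after {r['delay']:.3f}s")
    print("never answered:", silent_servers(analyze(CAPTURE)))
```

On this capture every lookup takes just over five seconds, because the dead server is retried first for each new request.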
Re: How FreeBSD Handles a DNS that is Down
On Thu, 21 Oct 2010 06:22:15 -0500 Martin McCormick mar...@dc.cis.okstate.edu wrote:

> Last night, I had to take down our primary DNS for maintenance and lots of systems began having trouble of various kinds. While I expected the FreeBSD system I was on to hang for a couple of seconds and then start using the second DNS, it basically froze while some Linux boxes also began exhibiting similar behavior.
>
> I finally manually changed the resolv.conf on the system I was using to force the slave DNS to be first in the list and that helped, but losing the primary DNS was not the slight slowdown one might expect. It was a full-blown outage.

It works for me. The rules aren't 100% consistent, because some software parses resolv.conf, or uses configured servers, and then goes direct to the nameserver.

Have you checked your firewall? Or maybe there is some difference between the two servers.