[Bug 1020067] Re: Ubuntu 12.04 resolving hangs when querying AAAA records against BIND (Ubuntu 10.04) DNS servers

[ICT]

Hi,

** What is the exact tcpdump line you used? **

I run the following tcpdump client on the client:

**

I run nslookup gedaspw02 (gedaspw02 is a host on our local network) on
the client and I do get a response:

root@ubuntu12043:/lhome/ict# nslookup gedaspw02
Server:         172.28.16.11
Address:        172.28.16.11#53

Non-authoritative answer:
Name:   gedaspw02.a.space.corp
Address: 172.28.4.12

The corresponding tcpdump snippet:

root@ubuntu12043:/lhome/ict# tcpdump -i eth0 port 53
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
08:14:21.949355 IP 172.28.19.52.33205 > gedapvl01.a.space.corp.domain: 58103+ 
A? gedaspw02.a.space.corp. (40)
08:14:21.949683 IP 172.28.19.52.34745 > gedapvl01.a.space.corp.domain: 64598+ 
PTR? 11.16.28.172.in-addr.arpa. (43)
08:14:21.951179 IP gedapvl01.a.space.corp.domain > 172.28.19.52.33205: 58103 
1/0/0 A 172.28.4.12 (56)
08:14:21.951191 IP gedapvl01.a.space.corp.domain > 172.28.19.52.34745: 64598 
1/0/0 PTR gedapvl01.a.space.corp. (79)
08:14:21.951289 IP 172.28.19.52.53705 > gedapvl01.a.space.corp.domain: 10253+ 
PTR? 52.19.28.172.in-addr.arpa. (43)
08:14:21.952504 IP gedapvl01.a.space.corp.domain > 172.28.19.52.53705: 10253 
NXDomain 0/1/0 (112)

When I start puppet, the startup is extremely slow, which lead me to the
assumption that something with DNS is not working correctly. Here is the
tcpdump snippet when running puppet:

08:17:08.497093 IP gedapvl01.a.space.corp.domain > 172.28.19.52.36834: 6015 
2/0/0 A 91.189.95.55, A 91.189.95.54 (66)
08:17:09.775535 IP 172.28.19.52.56145 > gedapvl01.a.space.corp.domain: 44576+ 
AAAA? puppet.a.space.corp. (37)
08:17:09.776626 IP gedapvl01.a.space.corp.domain > 172.28.19.52.56145: 44576 
0/1/0 (94)
08:17:09.776719 IP 172.28.19.52.43018 > gedapvl01.a.space.corp.domain: 28254+ 
AAAA? puppet. (24)
08:17:14.782915 IP 172.28.19.52.52767 > gedappl01.a.space.corp.domain: 28254+ 
AAAA? puppet. (24)
08:17:14.783060 IP 172.28.19.52.60943 > gedapvl01.a.space.corp.domain: 35223+ 
PTR? 13.16.28.172.in-addr.arpa. (43)
08:17:14.784074 IP gedapvl01.a.space.corp.domain > 172.28.19.52.60943: 35223 
1/0/0 PTR gedappl01.a.space.corp. (79)
08:17:16.402411 IP 172.28.19.52.54017 > gedapvl01.a.space.corp.domain: 24380+ 
A? daisy.ubuntu.com. (34)
08:17:16.426397 IP gedapvl01.a.space.corp.domain > 172.28.19.52.54017: 24380 
2/0/0 A 91.189.95.55, A 91.189.95.54 (66)
08:17:19.786837 IP 172.28.19.52.43018 > gedapvl01.a.space.corp.domain: 28254+ 
AAAA? puppet. (24)

It gets stuck when trying to resolve AAAA puppet.

** Could you please attach /etc/resolv.conf from the machine running
puppet? **

root@ubuntu12043:/lhome/ict# cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 172.28.16.11
nameserver 172.28.16.13
search a.space.corp

The client is setup using DHCP.

** You say that the problem goes away when querying your Windows DNS
servers directly. Could you please post an equivalent tcpdump for
comparison? **

The same client using a windows DNS Server:

08:22:01.358496 IP gedaspw02.a.space.corp.domain > 172.28.19.52.42037: 34015* 
0/1/0 (94)
08:22:01.358589 IP 172.28.19.52.49655 > gedaspw02.a.space.corp.domain: 14368+ 
AAAA? puppet. (24)
08:22:01.359085 IP gedaspw02.a.space.corp.domain > 172.28.19.52.49655: 14368 
ServFail 0/0/0 (24)
08:22:01.359167 IP 172.28.19.52.38121 > gedaspw02.a.space.corp.domain: 14368+ 
AAAA? puppet. (24)
08:22:01.359589 IP gedaspw02.a.space.corp.domain > 172.28.19.52.38121: 14368 
ServFail 0/0/0 (24)
08:22:01.359658 IP 172.28.19.52.39728 > gedaspw02.a.space.corp.domain: 13331+ 
A? puppet.a.space.corp. (37)
08:22:01.360077 IP gedaspw02.a.space.corp.domain > 172.28.19.52.39728: 13331* 
1/0/0 A 172.28.16.12 (53)
08:22:01.381766 IP 172.28.19.52.40781 > gedaspw02.a.space.corp.domain: 10292+ 
AAAA? puppet.a.space.corp. (37)
08:22:01.382229 IP gedaspw02.a.space.corp.domain > 172.28.19.52.40781: 10292* 
0/1/0 (94)
08:22:01.382324 IP 172.28.19.52.57552 > gedaspw02.a.space.corp.domain: 63628+ 
AAAA? puppet. (24)
08:22:01.382705 IP gedaspw02.a.space.corp.domain > 172.28.19.52.57552: 63628 
ServFail 0/0/0 (24)
08:22:01.382778 IP 172.28.19.52.53545 > gedaspw02.a.space.corp.domain: 63628+ 
AAAA? puppet. (24)
08:22:01.383204 IP gedaspw02.a.space.corp.domain > 172.28.19.52.53545: 63628 
ServFail 0/0/0 (24)
08:22:01.383311 IP 172.28.19.52.44176 > gedaspw02.a.space.corp.domain: 14360+ 
A? puppet.a.space.corp. (37)
08:22:01.383702 IP gedaspw02.a.space.corp.domain > 172.28.19.52.44176: 14360* 
1/0/0 A 172.28.16.12 (53)
08:22:01.910869 IP 172.28.19.52.42662 > gedaspw02.a.space.corp.domain: 29987+ 
A? gedainst.a.space.corp. (39)
08:22:01.911367 IP gedaspw02.a.space.corp.domain > 172.28.19.52.42662: 29987* 
2/0/0 CNAME qnap-01.a.space.corp., A 172.28.4.104 (77)
08:22:01.911511 IP 172.28.19.52.45116 > gedaspw02.a.space.corp.domain: 14736+ 
A? gedainst.a.space.corp. (39)
08:22:01.911968 IP gedaspw02.a.space.corp.domain > 172.28.19.52.45116: 14736* 
2/0/0 CNAME qnap-01.a.space.corp., A 172.28.4.104 (77)
08:22:05.138105 IP 172.28.19.52.45117 > gedaspw02.a.space.corp.domain: 47727+ 
A? gedainst.a.space.corp. (39)
08:22:05.138707 IP gedaspw02.a.space.corp.domain > 172.28.19.52.45117: 47727* 
2/0/0 CNAME qnap-01.a.space.corp., A 172.28.4.104 (77)
08:22:05.138850 IP 172.28.19.52.50431 > gedaspw02.a.space.corp.domain: 12931+ 
A? gedainst.a.space.corp. (39)
08:22:05.139323 IP gedaspw02.a.space.corp.domain > 172.28.19.52.50431: 12931* 
2/0/0 CNAME qnap-01.a.space.corp., A 172.28.4.104 (77)
08:22:06.020444 IP 172.28.19.52.44044 > gedaspw02.a.space.corp.domain: 46259+ 
PTR? 0.0.0.0.in-addr.arpa. (38)
08:22:06.021940 IP gedaspw02.a.space.corp.domain > 172.28.19.52.44044: 46259 
NXDomain* 0/1/0 (121)
08:22:06.233766 IP 172.28.19.52.44316 > gedaspw02.a.space.corp.domain: 11411+ 
AAAA? puppet.a.space.corp. (37)
08:22:06.234393 IP gedaspw02.a.space.corp.domain > 172.28.19.52.44316: 11411* 
0/1/0 (94)
08:22:06.234492 IP 172.28.19.52.42124 > gedaspw02.a.space.corp.domain: 34880+ 
AAAA? puppet.a.space.corp.a.space.corp. (50)
08:22:06.234948 IP gedaspw02.a.space.corp.domain > 172.28.19.52.42124: 34880 
NXDomain* 0/1/0 (119)
08:22:06.235054 IP 172.28.19.52.49220 > gedaspw02.a.space.corp.domain: 50418+ 
A? puppet.a.space.corp. (37)
08:22:06.235527 IP gedaspw02.a.space.corp.domain > 172.28.19.52.49220: 50418* 
1/0/0 A 172.28.16.12 (53)

Here I do get a servfail when the client queries for AAAA puppet. The
BIND servers are setup as forwarders.

Regards,
Oliver




** Changed in: puppet (Ubuntu)
       Status: Incomplete => New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1020067

Title:
  Ubuntu 12.04 resolving hangs when querying AAAA records against BIND
  (Ubuntu 10.04) DNS servers

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1020067/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs