DNS Timeout Errors

Jay_Fenello · December 9, 2004, 9:04pm

Is anyone else experiencing DNS timeout
errors. I've tried using multiple name
resolvers, and tested multiple domain
names using different name servers, and
I keep getting "name not found" errors.

Trying the same domain name a second
time, and it resolves ok. This all
started a few days ago.

Any insights ???

Jay.

Christopher_L_Morro1 · December 9, 2004, 9:35pm

perhaps some examples of the domains queried and servers queried? source
addresses of the requests might also help.

Simon_Leinen1 · December 9, 2004, 10:30pm

Jay,

Is anyone else experiencing DNS timeout errors. I've tried using
multiple name resolvers, and tested multiple domain names using
different name servers, and I keep getting "name not found" errors.

Trying the same domain name a second time, and it resolves ok. This
all started a few days ago.

About three weeks ago, some of our users have told us that they were
experiencing many DNS resolution failures while surfing the Web. We
analyzed this, and part of the explanation we came up with should work
for others, especially if the following conditions are met:

Are you using BIND 9 on the recursive nameserver that you normally use?
If so, does the installation of BIND 9 on your recursive nameserver
include support for DNS queries over IPv6?

BIND 9 seems to have trouble when a nameserver responds fine under
IPv4, but doesn't respond well (or at all) under IPv6 (e.g. because
IPv6 connectivity between you and the server is somehow broken): It
will continue to query the name server under its unresponsive IPv6
address in some situations. I have seen this a lot when tracing IPv6
DNS queries from our recursive name servers(*).

This can be very noticeable, especially since A.GTLD-SERVERS.NET and
B.GTLD-SERVERS.NET now have AAAA records (IPv6 addresses). Many
ccTLDs - including ours - have recently added IPv6-reachable name
servers, too.

I'm wondering whether many users are seeing this, but I have no idea
how to gather data on this, especially historical data. (Except maybe
trying to correlate access times from server logs of popular Web
servers that refer to each other.)

I'm attaching a message from comp.protocols.dns.bind that refers to
this problem.