免费注册 查看新帖 |

Chinaunix

  平台 论坛 博客 文库
最近访问板块 发新帖
查看: 2918 | 回复: 3

[DNS] 一个奇怪的dns客户端超时的问题请教各位兄弟 [复制链接]

论坛徽章:
0
发表于 2006-09-17 11:24 |显示全部楼层
使用IBM R6000的P170新建一台DNS服务器,作为内部解析使用。配置投入使用后,产生的问题是网页经常找不到站点,需要多次刷新才可以访问。通过nslookup解析时,发现前面的几次dns查询,如果dns cache中没有entry时,就会发生如下现象:
  1. C:\Documents and Settings\Administrator>nslookup
  2. Default Server:  dns1.icecf.com
  3. Address:  172.20.1.30

  4. > www.linuxeden.com
  5. Server:  dns1.benjms.com
  6. Address:  172.20.1.30

  7. DNS request timed out.
  8.     timeout was 2 seconds.
  9. DNS request timed out.
  10.     timeout was 2 seconds.
  11. *** Request to dns1.benjms.com timed-out
  12. > www.linuxeden.com
  13. Server:  dns1.icecf.com
  14. Address:  172.20.1.30

  15. DNS request timed out.
  16.     timeout was 2 seconds.
  17. DNS request timed out.
  18.     timeout was 2 seconds.
  19. *** Request to dns1.benjms.com timed-out
  20. > www.linuxeden.com
  21. Server:  dns1.icecf.com
  22. Address:  172.20.1.30

  23. Non-authoritative answer:
  24. Name:    www.linuxeden.com
  25. Address:  218.75.111.92

  26. >
复制代码

如果使用rndc flush清空cache后,故障可以重现,在linux下nslookup如下:

  1. [root@dns1 data]# nslookup
  2. > server 172.20.1.30
  3. Default server: 172.20.1.30
  4. Address: 172.20.1.30#53
  5. > www.zsu.edu.cn
  6. ;; connection timed out; no servers could be reached
  7. > www.zsu.edu.cn
  8. ;; Warning: ID mismatch: expected ID 8879, got 37989
  9. ;; Warning: ID mismatch: expected ID 8879, got 37989
  10. ;; connection timed out; no servers could be reached
  11. > www.zsu.edu.cn
  12. Server:         172.20.1.30
  13. Address:        172.20.1.30#53

  14. Non-authoritative answer:
  15. www.zsu.edu.cn  canonical name = pisces-1.zsu.edu.cn.
  16. Name:   pisces-1.zsu.edu.cn
  17. Address: 202.116.64.9
  18. >
复制代码

而dig则一切正常,请教各位兄弟为什么会这样呀?

nslookup时,相应的queries日志:

  1. Sep 17 10:56:14.847 client 172.20.4.4#1290: query: www.linuxeden.com IN A
  2. Sep 17 10:56:16.843 client 172.20.4.4#1291: query: www.linuxeden.com IN A
  3. Sep 17 10:56:21.183 client 172.20.4.4#1292: query: www.linuxeden.com IN A
  4. Sep 17 10:56:23.169 client 172.20.4.4#1293: query: www.linuxeden.com IN A
  5. Sep 17 10:56:26.225 client 172.20.4.4#1294: query: www.linuxeden.com IN A
复制代码


以下是运行环境:
内核版本:
  1. # uname -a
  2. Linux dns1 2.6.9-34.EL #1 SMP Fri Feb 24 16:46:57 EST 2006 ppc64 ppc64 ppc64 GNU/Linux
复制代码

内存占用:
  1. # free -m
  2.              total       used       free     shared    buffers     cached
  3. Mem:           967        897         69          0         64        631
  4. -/+ buffers/cache:        201        766
  5. Swap:         1951          0       1951
复制代码

CPU占用:
  1. # vmstat 1
  2. procs -----------memory---------- ---swap-- -----io---- --system-- ----cpu----
  3. r  b   swpd   free   buff  cache   si   so    bi    bo   in    cs us sy id wa
  4. 0  0    176  71280  66284 647344    0    0     0     1    6     5  2  1 96  1
  5. 0  0    176  71280  66284 647344    0    0     0     0   57   185  0  0 100  0
  6. 1  0    176  71280  66284 647344    0    0     0    28   27   187  1  0 99  0
  7. 0  0    176  71280  66284 647344    0    0     0     0   60   199  0  1 99  0
复制代码

bind版本:
  1. # named -v
  2. BIND 9.2.4
复制代码

论坛徽章:
0
发表于 2006-09-17 11:30 |显示全部楼层
以下是named配置,由于比较长,删掉了部分forwarding zone的配置:

  1. /*bind9 configuration for primary DNS of BenjmS, config by BenjmS 20060706*/

  2. acl "user" {
  3.              172.16.0.0/12;    #PZ
  4.              192.168.0.0/16;   #LH
  5. };
  6. acl "datacenter" {
  7.              172.20.1.0/24;    #PZ DC
  8.              172.20.3.0/24;    #PZ YW3
  9.              172.16.0.0/16;    #PZ switch management IP
  10.              192.168.8.0/24;   #LH DC
  11. };
  12. acl "internet" {!10.0.0.0/8; !172.16.0.0/12; !192.168.0.0/16;};
  13. acl "secondary" {172.20.1.50;};      #secondary inner DNS defination
  14. acl "primary" {172.20.1.30;};        #primary inner DNS defination
  15. acl "bogusnets" {
  16.              0.0.0.0/8;               #default,wild card addresses
  17.              1.0.0.0/8;               #reserved addresses
  18.              2.0.0.0/8;        #reserved addresses
  19.              169.254.0.0/16;   #link-local delegated addresses
  20.              192.0.2.0/24;     #sample addresses
  21.              224.0.0.0/3;      #multicast address space
  22. };

  23. controls {inet 127.0.0.1 allow { localhost; } keys { rndckey; };};

  24. options {
  25.         directory "/var/named";
  26.         dump-file "/var/named/data/cache_dump.db";
  27.         statistics-file "/var/named/data/named_stats.txt";
  28.         allow-query {"user";};
  29.         allow-transfer {"secondary";127.0.0.1;};
  30.         allow-recursion {"user";};
  31.         allow-notify {"secondary";};
  32.         blackhole {"bogusnets";};
  33.         forwarders {61.144.56.100;202.96.128.86;202.96.128.68;61.144.56.101;};
  34.         version "0";
  35.         max-ncache-ttl 259200;
  36. };

  37. logging {
  38.         channel default {
  39.           file "log/default.log"   versions 3 size 20m;
  40.           severity info;
  41.           print-time yes;
  42.         };
  43.         category default {default_syslog;"default";};

  44.         channel queries {
  45.           file "log/queries.log"   versions 6 size 40m;
  46.           severity info;
  47.           print-time yes;
  48.         };
  49.         category queries {"queries";};

  50.         channel security {
  51.           file "log/security.log"   versions 3 size 20m;
  52.           severity info;
  53.           print-time yes;
  54.         };
  55.         category security {"security";};

  56.         channel config {
  57.           file "log/config.log"   versions 3 size 20m;
  58.           severity info;
  59.           print-time yes;
  60.         };
  61.         category config {"config";};

  62.         channel resolver {
  63.           file "log/resolver.log"   versions 3 size 20m;
  64.           severity info;
  65.           print-time yes;
  66.         };
  67.         category resolver {"resolver";};

  68.         channel xfer-in {
  69.           file "log/xfer-in.log"   versions 3 size 20m;
  70.           severity info;
  71.           print-time yes;
  72.         };
  73.         category xfer-in {"xfer-in";};

  74.         channel xfer-out {
  75.           file "log/xfer-out.log"   versions 3 size 20m;
  76.           severity info;
  77.           print-time yes;
  78.         };
  79.         category xfer-out {"xfer-out";};

  80.         channel update {
  81.           file "log/update.log"   versions 3 size 20m;
  82.           severity info;
  83.           print-time yes;
  84.         };
  85.         category update {"update";};

  86.         channel notify {
  87.           file "log/notify.log"   versions 3 size 20m;
  88.           severity info;
  89.           print-time yes;
  90.         };
  91.         category notify {"notify";};

  92.         channel network {
  93.           file "log/network.log"   versions 3 size 20m;
  94.           severity info;
  95.           print-time yes;
  96.         };
  97.         category network {"network";};

  98.         channel client {
  99.           file "log/queries.log"   versions 4 size 100m;
  100.           severity info;
  101.           print-time yes;
  102.         };
  103.         category client {"queries";};

  104.         channel unmatched {
  105.           file "log/unmatched.log"   versions 3 size 20m;
  106.           severity info;
  107.           print-time yes;
  108.         };
  109.         category unmatched {"unmatched";};
  110. };

  111. /********************************************************************************
  112. forward mapping
  113. ********************************************************************************/

  114. zone "." in {
  115.         type hint;
  116.         file "named.ca";
  117. };

  118. zone "localhost" in {
  119.         type master;
  120.         file "localhost.zone";
  121.         allow-update {"none";};
  122. };

  123. zone "localdomain" in {
  124.         type master;
  125.         file "localdomain.zone";
  126.         allow-update {"none";};
  127. };

  128. zone "gzicec.com" in {
  129.         file "master/gzicec.com";
  130.         type master;
  131. };


  132. zone "in" in {
  133.         file "master/in";
  134.         type master;
  135. };

  136. /********************************************************************************
  137. reverse mapping
  138. ********************************************************************************/

  139. zone "0.0.127.in-addr.arpa" in {
  140.         type master;
  141.         notify no;
  142.         file "named.local";
  143.         allow-update {"none";};
  144. };

  145. zone "20.172.in-addr.arpa" in {
  146.         type master;
  147.         file "master/20.172";
  148. };

  149. zone "168.192.in-addr.arpa" in {
  150.         type master;
  151.         file "master/168.192";
  152. };

  153. zone "16.172.in-addr.arpa" in {
  154.         type master;
  155.         file "master/16.172";
  156. };
复制代码

[ 本帖最后由 bingosek 于 2006-9-17 11:32 编辑 ]

论坛徽章:
0
发表于 2006-09-18 11:50 |显示全部楼层
就是这样的,本来就不建议你使用nslooup啊~~~~
用dig就完了啊~~~~没有啥问题好象~~~~
不过觉得你的forwarding配置有问题好想~~~不懂这些~~~

论坛徽章:
0
发表于 2006-09-18 12:19 |显示全部楼层

回复 3楼 butterfly_lf 的帖子

问题是网页的解析也有问题丫
您需要登录后才可以回帖 登录 | 注册

本版积分规则 发表回复

  

北京盛拓优讯信息技术有限公司. 版权所有 京ICP备16024965号-6 北京市公安局海淀分局网监中心备案编号:11010802020122 niuxiaotong@pcpop.com 17352615567
未成年举报专区
中国互联网协会会员  联系我们:huangweiwei@itpub.net
感谢所有关心和支持过ChinaUnix的朋友们 转载本站内容请注明原作者名及出处

清除 Cookies - ChinaUnix - Archiver - WAP - TOP