Lou Hevly | 1 Jan 2009 21:14

name resolution problem

Greetings:

My problem is that tinydns responds to a first query, but then times 
out on subsequent ones.  The delegation seems correct:

$ dnsq a petonets.com f.gtld-servers.net
1 petonets.com:
98 bytes, 1+0+2+2 records, response, noerror
query: 1 petonets.com
authority: petonets.com 172800 NS ns1.petonets.com
authority: petonets.com 172800 NS ns2.petonets.com
additional: ns1.petonets.com 172800 A 84.78.232.127
additional: ns2.petonets.com 172800 A 84.78.232.127

Here is my data file:

$ less /etc/tinydns/root/data
+ns1.petonets.com:84.78.232.127
+ns2.petonets.com:84.78.232.127
+pinger.petonets.com:84.78.232.127
+secure.petonets.com:84.78.232.127

.petonets.com::ns1.petonets.com
.petonets.com::ns2.petonets.com
+petonets.com:84.78.232.127
+www.petonets.com:84.78.232.127
@petonets.com:84.78.232.127

84.78.232.127 is the remote IP my ISP gives me.  It is supposedly 
dynamic, but hasn't changed in 2 months.
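An added consistency check, not from the post or from djbdns, for the data file and delegation shown above: it parses tinydns `+` and `.` lines and the `dnsq` authority/additional lines (both embedded as constructed, abridged copies of the output quoted above) and reports nameservers the parent delegates to that the zone does not define, and glue addresses that disagree with the zone's own A records.

```python
import re  # sample data below is a constructed, abridged copy of the post's data file and dnsq output
TINYDNS_DATA = """\
+ns1.petonets.com:84.78.232.127
+ns2.petonets.com:84.78.232.127
.petonets.com::ns1.petonets.com
.petonets.com::ns2.petonets.com
+petonets.com:84.78.232.127
"""
DNSQ_OUTPUT = """\
authority: petonets.com 172800 NS ns1.petonets.com
authority: petonets.com 172800 NS ns2.petonets.com
additional: ns1.petonets.com 172800 A 84.78.232.127
additional: ns2.petonets.com 172800 A 84.78.232.127
"""

def parse_tinydns(text):  # -> (fqdn -> IPs from '+' lines, zone -> NS names from '.' lines)
    a, ns = {}, {}
    for line in text.splitlines():
        if line[:1] not in ("+", "."):
            continue
        f = (line[1:] + "::").split(":")  # pad so the ip and x fields always exist
        fqdn, ip, x = f[0].lower(), f[1], f[2].lower()
        if line[0] == "+" and ip:
            a.setdefault(fqdn, set()).add(ip)
        elif line[0] == ".":  # tinydns-data: a dotless x is shorthand for x.ns.fqdn
            ns.setdefault(fqdn, set()).add(x if "." in x else x + ".ns." + fqdn)
    return a, ns

def parse_dnsq(text):  # -> (zone -> NS names, server -> glue IPs) as the parent serves them
    seen = {}  # keyed by (section, type): ('authority', 'NS') and ('additional', 'A')
    for m in re.finditer(r"^(authority|additional): (\S+) \d+ (NS|A) (\S+)$", text, re.M):
        section, name, rtype, value = m.groups()
        seen.setdefault((section, rtype), {}).setdefault(name.lower(), set()).add(value.lower())
    return seen.get(("authority", "NS"), {}), seen.get(("additional", "A"), {})

def check_delegation(data_text, dnsq_text):
    """Return a list of problems; an empty list means parent and zone agree."""
    a, ns = parse_tinydns(data_text)
    delegated, glue = parse_dnsq(dnsq_text)
    problems = []
    for zone, parent_ns in delegated.items():
        child_ns = ns.get(zone, set())
        problems += [f"{zone}: parent delegates to {s} but zone has no NS line for it" for s in parent_ns - child_ns]
        problems += [f"{zone}: zone lists NS {s} but parent does not delegate to it" for s in child_ns - parent_ns]
        for s in parent_ns:
            if s not in a:
                problems.append(f"{s}: nameserver has no A record in the zone data")
            elif s in glue and glue[s] != a[s]:
                problems.append(f"{s}: parent glue {sorted(glue[s])} differs from zone A {sorted(a[s])}")
    return problems
```

For the data in the post the check returns an empty list, which is what the delegation output already suggested: the records agree, so the time-outs have to come from somewhere other than the zone data.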

Stefaan A Eeckels | 3 Jan 2009 21:28

Re: name resolution problem

On Thu, 01 Jan 2009 21:14:23 +0100
Lou Hevly <xyz <at> visca.com> wrote:

> After 3 or 4 minutes, it responds correctly again.

When you run the dnsq query against the LAN address (192.168.2.103),
i.e.

$ dnsq a petonets.com 192.168.2.103 | grep answer

do you get the same time-out problems? 

It could be that the router is to blame, e.g. it might consider the
repeated queries to be an attack of sorts.

-- 
Stefaan A Eeckels
--

-- 
"A ship in the harbor is safe. But that's not what ships are built for."
                                -- Rear Admiral Dr. Grace Murray Hopper.

Pete Ehlke | 4 Jan 2009 00:12

Re: name resolution problem



On Sat, Jan 3, 2009 at 2:28 PM, Stefaan A Eeckels <Stefaan.Eeckels <at> ecc.lu> wrote:
> On Thu, 01 Jan 2009 21:14:23 +0100
> Lou Hevly <xyz <at> visca.com> wrote:
>
> > After 3 or 4 minutes, it responds correctly again.
>
> When you run the dnsq query against the LAN address (192.168.2.103),
> i.e.
>
> $ dnsq a petonets.com 192.168.2.103 | grep answer
>
> do you get the same time-out problems?
>
> It could be that the router is to blame, e.g. it might consider the
> repeated queries to be an attack of sorts.

His nat/pat is broken; it's incrementing the source port on the way out.

pde@Braeburn:[~]$ dig @ns2.petonets.com petonets.com ns

; <<>> DiG 9.4.2-P2 <<>> @ns2.petonets.com petonets.com ns
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20937
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;petonets.com.                  IN      NS

;; ANSWER SECTION:
petonets.com.           259200  IN      NS      ns1.petonets.com.
petonets.com.           259200  IN      NS      ns2.petonets.com.

;; ADDITIONAL SECTION:
ns1.petonets.com.       86400   IN      A       84.78.232.127
ns2.petonets.com.       86400   IN      A       84.78.232.127

;; Query time: 209 msec
;; SERVER: 84.78.232.127#53(84.78.232.127)
;; WHEN: Sat Jan  3 17:08:18 2009
;; MSG SIZE  rcvd: 98


pde@Braeburn:[~]$ dig @ns2.petonets.com petonets.com ns
;; reply from unexpected source: 84.78.232.127#54, expected 84.78.232.127#53
;; reply from unexpected source: 84.78.232.127#54, expected 84.78.232.127#53
;; reply from unexpected source: 84.78.232.127#54, expected 84.78.232.127#53

; <<>> DiG 9.4.2-P2 <<>> @ns2.petonets.com petonets.com ns
; (1 server found)
;; global options:  printcmd
;; connection timed out; no servers could be reached


pde@Braeburn:[~]$ dig @ns2.petonets.com petonets.com ns
;; reply from unexpected source: 84.78.232.127#55, expected 84.78.232.127#53
;; reply from unexpected source: 84.78.232.127#55, expected 84.78.232.127#53
;; reply from unexpected source: 84.78.232.127#55, expected 84.78.232.127#53

; <<>> DiG 9.4.2-P2 <<>> @ns2.petonets.com petonets.com ns
; (1 server found)
;; global options:  printcmd
;; connection timed out; no servers could be reached

pde@Braeburn:[~]$ dig @ns2.petonets.com petonets.com ns
;; reply from unexpected source: 84.78.232.127#56, expected 84.78.232.127#53
;; reply from unexpected source: 84.78.232.127#56, expected 84.78.232.127#53
;; reply from unexpected source: 84.78.232.127#56, expected 84.78.232.127#53

; <<>> DiG 9.4.2-P2 <<>> @ns2.petonets.com petonets.com ns
; (1 server found)
;; global options:  printcmd
;; connection timed out; no servers could be reached



Stefaan A Eeckels | 4 Jan 2009 13:33

Re: name resolution problem

On Sat, 3 Jan 2009 17:12:01 -0600
"Pete Ehlke" <pde <at> rfc822.net> wrote:

> His nat/pat is broken; it's incrementing the source port on the way
> out.

Now that's a novel concept :)

Maybe Lou could give us the skinny on his wireless "router" so we know
what not to buy.

-- 
Stefaan A Eeckels
--

-- 
Religion: a magic device for turning unanswerable questions into
unquestionable answers.                             -- Art Gecko

soc | 4 Jan 2009 13:57

Re: name resolution problem

At 13:33 04/01/09 +0100, Stefaan A Eeckels wrote:
>On Sat, 3 Jan 2009 17:12:01 -0600
>"Pete Ehlke" <pde <at> rfc822.net> wrote:
>
> > His nat/pat is broken; it's incrementing the source port on the way
> > out.
>
>Now that's a novel concept :)
>
>Maybe Lou could give us the skinny on his wireless "router" so we know
>what not to buy.

;-)

It's a "gift" wireless router (SMC7908 VoWBRA) that my local ISP, 
ya.com, gave us (or perhaps "bribed us with") to stay with them for 
another year when we wanted to convert to wifi and had decided to 
change ISPs.  You get what you pay for.

So the question is, if we buy another router will the problem go 
away?  Or could this be something ya.com, for whatever reason, is doing 
from their end?

--

-- 
All the best (Adéu-siau),
Lou Hevly
soc <at> visca.com
http://visca.com

soc | 4 Jan 2009 12:27

Re: name resolution problem

At 21:28 03/01/09 +0100, Stefaan A Eeckels wrote:
>On Thu, 01 Jan 2009 21:14:23 +0100
>Lou Hevly <xyz <at> visca.com> wrote:
>
> > After 3 or 4 minutes, it responds correctly again.
>
>When you run the dnsq query against the LAN address (192.168.2.103),
>i.e.
>
>$ dnsq a petonets.com 192.168.2.103 | grep answer
>
>do you get the same time-out problems?

No.

>It could be that the router is to blame, e.g. it might consider the
>repeated queries to be an attack of sorts.

I think this is it.  After reading Pete Ehlke's response I googled 
"reply from unexpected source" and eventually found a user with the 
same ISP as me (ya.com in Spain) who found that after the first query, 
the router would respond on successively higher port numbers.

Since typing the above, I have read Pete Ehlke's post which confirms 
this is precisely what is happening. Would this be a router problem or 
something ya.com, my ISP, was doing?

Thanks to both you and Pete for your input.

--

-- 
All the best (Adéu-siau),
Lou Hevly
soc <at> visca.com
http://visca.com
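Why the replies Pete's dig discarded make tinydns look dead, and a parser for the "reply from unexpected source" diagnostics Lou went searching for, as an added example that is not code from the thread: `accept_reply` is the rule a resolver applies before trusting a UDP answer, and `diagnose` runs over a constructed transcript of Pete's dig output to tell a port rewrite apart from an address mismatch and to flag the rising-port pattern both of them describe.

```python
import re

# Constructed transcript: the diagnostics Pete's dig printed, one line per reply it discarded,
# in the order the thread shows them (ports 54, 55, 56 on successive runs, with time-outs).
DIG_TRANSCRIPT = """\
;; reply from unexpected source: 84.78.232.127#54, expected 84.78.232.127#53
;; reply from unexpected source: 84.78.232.127#54, expected 84.78.232.127#53
;; connection timed out; no servers could be reached
;; reply from unexpected source: 84.78.232.127#55, expected 84.78.232.127#53
;; connection timed out; no servers could be reached
;; reply from unexpected source: 84.78.232.127#56, expected 84.78.232.127#53
"""
UNEXPECTED = re.compile(r"reply from unexpected source: (\S+)#(\d+), expected (\S+)#(\d+)")

def accept_reply(sent_to, txid, reply_from, reply_txid):
    """The check dig and every resolver apply before trusting a UDP answer: it must come
    from exactly the (address, port) the query was sent to and carry the query's
    transaction id; anything else is dropped as a possible spoof. A NAT that rewrites the
    server's source port (53 -> 54, 55, ...) therefore makes a healthy server look dead."""
    return reply_from == sent_to and reply_txid == txid

def parse_rejections(transcript):
    """Return [(seen_addr, seen_port, expected_addr, expected_port), ...] from dig output."""
    return [(m[1], int(m[2]), m[3], int(m[4])) for m in UNEXPECTED.finditer(transcript)]

def diagnose(transcript):
    """Summarise why replies were rejected: an address mismatch points at the wrong host or
    a spoofing attempt, a port-only mismatch at NAT/PAT; 'port_drift' flags the pattern in
    the thread, where each run's replies arrive from the next port up."""
    rejected = parse_rejections(transcript)
    ports = []  # distinct rewritten ports, in order of first appearance
    for seen_addr, seen_port, expected_addr, expected_port in rejected:
        if seen_addr == expected_addr and seen_port != expected_port and seen_port not in ports:
            ports.append(seen_port)
    return {
        "replies_rejected": len(rejected),
        "address_mismatches": sum(1 for r in rejected if r[0] != r[2]),
        "rewritten_ports": ports,
        "port_drift": len(ports) > 1 and all(b > a for a, b in zip(ports, ports[1:])),
        "timeouts": transcript.count("connection timed out"),
    }
```

Run against the transcript it reports no address mismatches, rewritten ports 54, 55, 56 with upward drift, and two time-outs, which is the NAT/PAT signature rather than a zone or server fault.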

Daryl Tester | 4 Jan 2009 14:36

Re: name resolution problem

soc <at> visca.com wrote:

> Since typing the above, I have read Pete Ehlke's post which confirms 
> this is precisely what is happening. Would this be a router problem or 
> something ya.com, my ISP, was doing?

Could be either.  Short of opening a support ticket with your ISP, one
method that comes to mind would be to put your router into bridged mode
(if possible) so that you know the packets are leaving your part of the
network "unmolested".  This would at least give you the ability to sniff
the packets as they left your network.

--

-- 
Regards,
  Daryl Tester

"Oh Christmas tree, oh Christmas tree!  From hell's heart I stab at thee."
  -- A very Kaaahn! Christmas

Mark Johnson | 9 Jan 2009 21:03

zinq-djbdns

    I have just uploaded zinq-djbdns-0.01 to SourceForge
(http://zinq.sourceforge.net).  Apart from the autotoolization, it's
stock djbdns 1.05 + the SIGPIPE fix and a newer dnsroots.global
(updated about a year ago).

Alejandro Mery | 9 Jan 2009 21:09

Re: zinq-djbdns

>    I have just uploaded zinq-djbdns-0.01 to SourceForge
> (http://zinq.sourceforge.net).

Hello Mark,
do you have this on any publicly accessible vcs?

Thanks,
Alejandro Mery

Mark Johnson | 9 Jan 2009 21:27

Re: zinq-djbdns

On Fri, Jan 9, 2009 at 2:09 PM, Alejandro Mery <amery <at> geeks.cl> wrote:
>>    I have just uploaded zinq-djbdns-0.01 to SourceForge
>> (http://zinq.sourceforge.net).
>
> Hello Mark,
> do you have this on any publicly accessible vcs?
>
> Thanks,
> Alejandro Mery

Subversion via SourceForge:

http://sourceforge.net/svn/?group_id=213575

