Thread: DNS problem --- accidentally resolved: A ramble!

Some time back, I noticed that Airtel DNS had started "hijacking," that is, giving a fake response when it cannot resolve an address, to one of Airtel's own pages displaying the error message. My browser is quite capable of informing me of such errors,and without loosing the page I'm on if I clicked on a link. This hijacking is completely unacceptable to me.

Because, once seen, nobody, not even a man with an innumerate brain like mine, can forget Google's DNS addresses, I just quickly substituted them for Airtel's servers for an instant solution to my unwanted hijack problem. Hijack problem solved.

More recently, revisiting DNS, I was thinking that, although I had used Treewalker as a caching DNS in Windows, I had done nothing to set up the same kind of service since being converted to Linux. A few minutes later (yes, it is that easy!) I had BIND running as a caching server (using the Google DNSs as forwarders; ie the servers that my server asks when it has to resolve a new address), with my primary DNS set to 127.0.0.1. Most my regularly-visited sites were loading with a zing. An exception was the BBC news site, which slowed to a crawl on initial opening. Annoying, but only visited once a day and I didn't worry much.

Exploring the Ubuntu system log files (still finding my way around Ubuntu, and will be for the foreseeable future ) a couple of days back, I came across the output from BIND and some lines really stood out. Examples...

named[1388]: success resolving 'news.bbc.co.uk/AAAA' (in 'bbc.co.uk'?) after reducing the advertised EDNS UDP packet size to 512 octets

named[1388]: success resolving 'www.bbc.com/AAAA' (in 'bbc.com'?) after disabling EDNS

I started thinking about a post here, requesting help from current network pros. My knowledge is at least ten years old: EDNS actually means nothing to me! I did wonder if my DNS or Google's DNS was having to do with this. Next step, to change from Google and see what happens.

Last night (one of those thoughts one has at 2.00am, that result in staying up until 4.00) I got to wondering if namebench ran under linux, and if not, was there an equivalent. Well, it does. It recommended a change to another DNS (which seems to belong to Aircel!). I substituted this as the first forwarder for BIND. I was watching the log output for errors anyway, as, first off, I left out a ";" and BIND failed to start.

First thing, I wanted to know if there was any change with resolving BBC addresses. Yep: problem gone!

I call my fix "accidental" because I know what cured the problem, but I still have no understanding of what caused it.

If anyone can illuminate...

Having exactly the same problem .. Please, can you guide me to solve this .. Bleeding thing gets on my nerve .. Can you give the DNS you used atleast

Are you using BIND?

This is my /etc/bind/named.conf.options file

Code:

options {
	directory "/var/cache/bind";

	// If there is a firewall between you and nameservers you want
	// to talk to, you may need to fix the firewall to allow multiple
	// ports to talk.  See http://www.kb.cert.org/vuls/id/800113

	// If your ISP provided one or more IP addresses for stable 
	// nameservers, you probably want to use them as forwarders.  
	// Uncomment the following block, and insert the addresses replacing 
	// the all-0's placeholder.

	 forwarders {
		202.148.202.3;
	 	8.8.8.8;
	 	8.8.8.4;
	 };

	auth-nxdomain no;    # conform to RFC1035
	listen-on-v6 { any; };
};

Thank you so much Nick.... Working for me now.

Great!

Actually, I was being a bit thick before: it should still work without any "forwarders" set up, but then it will seek answers from root servers which are probably a lot further away.

It does work: i tried it, but the initial lookup time is slower than specifying a nearby forwarder.

Ignorance is bliss ...

Woops! I'd better stop learning, then! Which would be a pity, as Linux provides a never-ending opportunity to learn