Hi,
we resently restarted our internetgateway and after that dns queries from our dns server are very slow and some faile completly. The gateway only got a new kernel, firewall rules aren't changed.
dig www.whatever.domain from the dns takes up to 5000 ms! after that, dig www.whatever.domain takes nearly nothing to be resolved.
ping from the firewall to a dns name takes very long, pinging the host directly works fine.
I have logged some output from bind and found lot of e.g.:
Mar 29 08:28:27.664 resolver: debug 1: createfetch: yahoo.fr AAAA
Mar 29 08:28:27.784 resolver: debug 1: createfetch: webdessl.ivwbox.de A
Mar 29 08:28:27.917 resolver: debug 1: createfetch: 232.224.85.83.list.dsbl.org TXT
Mar 29 08:28:27.921 resolver: debug 1: createfetch: 232.224.85.83.bl.spamcop.net TXT
Mar 29 08:28:28.336 resolver: debug 1: createfetch: pop3.web.de AAAA
Any ideas, why resolving takes so long or failes?
Regard
Götz Reinicke
-- Götz Reinicke IT Koordinator - IT OfficeNet
Tel. +49 (0) 7141 - 969 420 Fax +49 (0) 7141 - 969 55 420 goetz.reinicke@xxxxxxxxxxxxxxx
Filmakademie Baden-Württemberg Mathildenstr. 20 71638 Ludwigsburg www.filmakademie.de
