Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
340
Views
0
Helpful
3
Replies

CNR not resolving all queries

bread
Level 1
Level 1

‎01-08-2003 10:28 AM - edited ‎03-02-2019 04:01 AM

Greetings,

We are running CNR 5.0.11 on Solaris 8 and have encountered a problem where DNS queries are not being resolved. The queries are timing out, even when I set the timeout value high (i.e., 10 secs).

A possibly related problem stems from testing the above problem. I queried one of the root servers that CNR has in it's root server table (a.root-servers.net) and got back a reply stating :

Served by:

- A.GTLD-SERVERS.NET

192.5.6.30

which was followed in a long list by B thru J.GTLD-SERVERS.NET. When I queried some of these servers, they returned the authoritative server and IP address for the domain being queried.

This makes me wonder if the root servers have changed, which perhaps factors into the original problem.

If anybody has any input on this, I'd appreciate it.

Thanks

Brian Read

Labels:
0 Helpful
3 Replies 3

tcarlo
Level 1
Level 1

‎01-14-2003 07:21 AM

The list of root servers can be checked against those configured in cnr by visiting this web page ( http://www.root-servers.org/ ). I found one discrepency at server "J in my own installation. Are those records for which this server is authoritative for answered in a timely fashion?

...TC...

0 Helpful

startx001
Level 1
Level 1
In response to tcarlo

‎11-08-2014 04:20 AM

HI , i have other question .

 

I need to chane ip address on CNR . 

So i log in with root , change ip address , change ip relay on all CMTS , do i need something else to change , or some records ?

 

KR 

VZ

0 Helpful

tcarlo
Level 1
Level 1

‎01-14-2003 10:54 AM

Here's a reply I received from one of my colleagues:

"There isn't enough data here to know what his problem is, but yes, one of

the root servers recently changed.

That shouldn't be a big problem. CNR is configured with root "hints", which

are servers that are queried to learn the real root servers. As long as CNR

can successfully query one of these "hint" servers and learn the list of

current root-servers, it will be OK. Also, if one of the root servers is

changed, but we have cached information pointing to the old address, it will

be found not to work, and the other servers will be prefered. So the

root-server change is really a non-issue, though all customers should always

check the validity of their root hints from time to time.

He says he queried one of the root servers and got back something about

A.GTLD-SERVER.NET. He doesn't say what question he asked the root server, but I assume he asked it about some name he's having trouble resolving. This is a completely expected answer. The root servers do not provide recursion, so the best they can provide is a referral, which they did. They said that all they know is that the name in question is delegated to

A.GTLD-SERVERS.NET, which is one of the servers for .com and .net. Assuming he was asking about a name ending in .com or .net, this is the expected response.

None of this helps answer his original question, and for that he needs to

perform some real diagnosis about where CNR is sending it's queries and

whether the answers can come back. One of the most likely causes is that

someone in his org added a firewall which blocks inbound packets on UDP port 53."

Hope this helps,

...TC...

0 Helpful
Customers Also Viewed These Support Documents