Maintained by: NLnet Labs

[Unbound-users] Once TTL has gone, don't fetch again

Koh-ichi Ito
Mon Sep 7 07:46:37 CEST 2009 

Hello list,

One of colleague in Japan Unbound Users Group reports the
following problem, and I could reproduce.

Environ:
- his
 - unbound-1.3.3 + ldns-1.6.1 + libevent-1.4.2-stable
- mine
 - vanilla built unbound-1.3.3

Problem:
At first trial, unbound could resolve
"www.rurubu.com". After 1 hour(is its TTL), query to unbound
on "www.rurubu.com" ends with SERVFAIL.


Some condition observed:

	# authoritative answer on "www.rurubu.com" doesn't
	# contain ADDITIONAL SECTION.

	# I know that RFC 1035 says additional section is
	# "a posibilly empty list", so this is notable, but
	# no problem.

kohi at guest1[19]% dig @ns1.visualjapan.co.jp www.rurubu.com

; <<>> DiG 9.5.0-P2 <<>> @ns1.visualjapan.co.jp www.rurubu.com
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45680
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.rurubu.com.                        IN      A

;; ANSWER SECTION:
www.rurubu.com.         3600    IN      A       202.143.76.167

;; Query time: 13 msec
;; SERVER: 210.225.98.1#53(210.225.98.1)
;; WHEN: Mon Sep  7 23:35:46 2009
;; MSG SIZE  rcvd: 48

	# Authority on visualjapan.co.jp is deletgated to
	# those 3 servers.

kohi at guest1[22]% dig +norec @a.dns.jp visualjapan.co.jp NS
	   :
	(snip)
	   :
;; AUTHORITY SECTION:
visualjapan.co.jp.      86400   IN      NS      ns2.visualjapan.co.jp.
visualjapan.co.jp.      86400   IN      NS      ns1.visualjapan.co.jp.
visualjapan.co.jp.      86400   IN      NS      ns-tk022.ocn.ad.jp.

	# but one(ns-tk002.ocn.ad.jp) is lame delegated.

kohi at guest1[23]% dig +norec @ns-tk022.ocn.ad.jp ns1.visualjapan.co.jp

; <<>> DiG 9.5.0-P2 <<>> +norec @ns-tk022.ocn.ad.jp ns1.visualjapan.co.jp
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 28896
;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;ns1.visualjapan.co.jp.         IN      A

;; Query time: 13 msec
;; SERVER: 203.139.160.104#53(203.139.160.104)
;; WHEN: Mon Sep  7 23:41:15 2009
;; MSG SIZE  rcvd: 39



Though I can provide log with verbosity: 5 and the result of
unbound-control dump_cache, but these have quite large
amount to post this list, so I can send them off-list if you
need, or let me known appropriate keyword to grep, or
appropriate verbosity setting.

Thanks

					Koh-ichi Ito