
Bind9 server random query failed (timed out) error


I used BIND 9.18.1 on Ubuntu 22.04.1. Some clients get an error when their queries are answered. Port 53 is open. Most of the time it already returns queries successfully.

In query-errors.log:

05-Jan-2023 11:49:30.517 query-errors: info: client @0x7fc9c414eb08 192.168.a.b#56431 (armmf.adobe.com): view intranet: query failed (timed out) for armmf.adobe.com/IN/A at query.c:7649
05-Jan-2023 11:49:30.745 query-errors: info: client @0x7fc990050418 192.168.c.d#58219 (mail.dunyagoz.com): view intranet: query failed (timed out) for mail.dunyagoz.com/IN/AAAA at query.c:7649
05-Jan-2023 11:49:30.881 query-errors: info: client @0x7fc97009aa18 192.168.e.f#62935 (trc-events.taboola.com): view intranet: query failed (timed out) for trc-events.taboola.com/IN/A at query.c:7649
05-Jan-2023 11:49:31.045 query-errors: info: client @0x7fc9c410d8b8 192.168.d.f#49344 (ctldl.windowsupdate.com): view intranet: query failed (timed out) for ctldl.windowsupdate.com/IN/A at query.c:7649
05-Jan-2023 11:49:31.565 query-errors: info: client @0x7fc9cc020f88 192.168.c.g#55081 (support.mozilla.org): view intranet: query failed (timed out) for support.mozilla.org/IN/A at query.c:7649

But there are no problems with queries made from the server itself:

root@abcdef:/etc/bind# dig support.mozilla.org

; <<>> DiG 9.16.1-Ubuntu <<>> support.mozilla.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33708
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 6889e6378dd4076c0100000063b7c7116e137a6362eaecdc (good)
;; QUESTION SECTION:
;support.mozilla.org.           IN      A

;; ANSWER SECTION:
support.mozilla.org.    16      IN      CNAME   prod.sumo.mozit.cloud.
prod.sumo.mozit.cloud.  8       IN      CNAME   prod.sumo.prod.webservices.mozgcp.net.
prod.sumo.prod.webservices.mozgcp.net. 56 IN A  34.149.128.2

;; Query time: 71 msec
;; SERVER: 192.168.m.n#53(192.168.m.n)
;; WHEN: Cum Oca 06 10:00:33 +03 2023
;; MSG SIZE  rcvd: 178

Also, DNS query answers that are returned successfully:

queries.log

05-Jan-2023 11:49:30.616 queries: info: client @0x7fc9c0125f18 192.168.m.n#33931 (cn.pool.ntp.org): view intranet: query: cn.pool.ntp.org IN A + (192.168.m.n)
05-Jan-2023 11:49:30.628 queries: info: client @0x7fc9900815c8 192.168.s.s#45544 (cn.pool.ntp.org): view intranet: query: cn.pool.ntp.org IN A + (192.168.m.n)
05-Jan-2023 11:49:32.860 queries: info: client @0x7fc99801d7a8 192.168.d.c#56640 (www.google-analytics.com): view intranet: query: www.google-analytics.com IN A + (192.168.m.n)
05-Jan-2023 11:49:34.860 queries: info: client @0x7fc998015138 192.168.f.g#51265 (www.google-analytics.com): view intranet: query: www.google-analytics.com IN HTTPS + (192.168.m.n)
05-Jan-2023 11:49:36.988 queries: info: client @0x7fc980102198 192.168.d.e#65095 (stats.g.doubleclick.net): view intranet: query: stats.g.doubleclick.net IN A + (192.168.m.n)
05-Jan-2023 11:49:39.988 queries: info: client @0x7fc9c4112f08 192.168.d.k#59506 (stats.g.doubleclick.net): view intranet: query: stats.g.doubleclick.net IN HTTPS + (192.168.m.n)

Bind9 configuration:

named.conf:

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
//include "/etc/bind/named.conf.default-zones";

logging {
    channel queries_log {
        file "/var/log/named/queries" versions 10 size 40m;
        print-time yes;
        print-category yes;
        print-severity yes;
        severity dynamic;
    };

    channel default_log {
        file "/var/log/named/default" versions 3 size 20m;
        print-time yes;
        print-category yes;
        print-severity yes;
        severity info;
    };

    channel query-errors_log {
        file "/var/log/named/query-errors" versions 3 size 10m;
        print-time yes;
        print-category yes;
        print-severity yes;
        severity dynamic;
    };

    category queries        { queries_log; };
    category default        { default_debug; };
    category query-errors   { query-errors_log; };
};

named.conf.options:

acl "trusted" {
    127.0.0.0/8;
    212.c.a.b;
    176.a.b.c;
};

options {
    directory "/var/cache/bind";

    dnssec-validation auto;

    recursion yes;
    allow-recursion { trusted; };

    forwarders {
        8.8.8.8;
        195.175.39.39;
        4.2.2.6;
    };
    allow-transfer { "none"; };
    version "nooo";

    empty-zones-enable yes;

    auth-nxdomain no;    # conform to RFC1035
    listen-on port 53 { 127.0.0.1; 192.168.m.n; d.c.e.f; };
    listen-on-v6 { none; };

What is the problem?

Please help me. Kind regards
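
Added example, not part of the original post: a small parser for query-errors lines in the layout shown above, which tallies failures by reason, client, name, type, view and second so that any clustering of the timeouts becomes visible. The sample lines are constructed and the names `parse_line` and `summarize` are made up for this example.

```python
import re
from collections import Counter

# Layout of a BIND query-errors line as it appears in the post above.
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}-\w{3}-\d{4} \d{2}:\d{2}:\d{2})\.\d+ query-errors: \w+: "
    r"client @0x[0-9a-f]+ (?P<client>[^#\s]+)#\d+ \((?P<qname>[^)]*)\): "
    r"(?:view (?P<view>[^:]+): )?query failed \((?P<reason>[^)]+)\) "
    r"for (?P<name>\S+)/(?P<qclass>\w+)/(?P<qtype>\w+) at (?P<src>\S+:\d+)$"
)

KEYS = ("reason", "client", "qname", "qtype", "view", "ts")


def parse_line(line):
    """Return the fields of one query-errors line, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None


def summarize(lines):
    """Count failures per field; 'ts' is truncated to the second to expose bursts."""
    counts = {k: Counter() for k in KEYS}
    skipped = 0
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            skipped += 1          # not a query-errors record, keep a tally
            continue
        for k in KEYS:
            counts[k][rec[k]] += 1
    return counts, skipped


# Constructed sample input (addresses, names and pointers are invented).
SAMPLE = """
05-Jan-2023 11:49:30.517 query-errors: info: client @0x7f0000000001 192.168.1.10#56431 (a.example.com): view intranet: query failed (timed out) for a.example.com/IN/A at query.c:7649
05-Jan-2023 11:49:30.745 query-errors: info: client @0x7f0000000002 192.168.1.11#58219 (b.example.com): view intranet: query failed (timed out) for b.example.com/IN/AAAA at query.c:7649
05-Jan-2023 11:49:30.881 query-errors: info: client @0x7f0000000003 192.168.1.10#62935 (a.example.com): view intranet: query failed (timed out) for a.example.com/IN/A at query.c:7649
05-Jan-2023 11:49:31.045 query-errors: info: client @0x7f0000000004 192.168.1.12#49344 (c.example.com): view intranet: query failed (SERVFAIL) for c.example.com/IN/A at query.c:7649
this line is not a query-errors record
""".strip().splitlines()

if __name__ == "__main__":
    counts, skipped = summarize(SAMPLE)
    for key in KEYS:
        print(key, counts[key].most_common(3))
    print("unparsed lines:", skipped)
```

To run it against the real log, pass `open("/var/log/named/query-errors")` to `summarize` instead of `SAMPLE`.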
