Countdown in NSLOOKUP

Countdown in NSLOOKUP

Post by Kevin Darc » Tue, 11 Jan 2000 04:00:00

> Hello:

> Keep in mind during the following that this is my first exposure to named, so
> I may ask some unnecessary questions.  I have RTFMPs.

> I have a DG/UX box that's the primary nameserver for our domain (call it
>  We have no problems resolving names/hosts in our domain.

> We are also part of a larger intranet (call it - we even use the
> intranet's nameservers for the root domain, and have entered the nameserver
> info in root.cache thusly:

> .                          99999999    IN   NS
>     99999999    IN   A           123.456.789.10

> When we start named (4.9.3) on the DG/UX system, we have no problems
> resolving names in  When we do an nslookup, however, we can see the
> TTL for anything in counting down from 24 hrs, until eventually the
> TTL expires.  When the TTL has expired, we can no longer ping or connect to
> any machine in by hostname.  Once we restart named, however, we can
> connect to again for 24 hours.

> If I do an nslookup on addresses within, the TTL is displayed as
> 86400 (1 day), and never decrements.  The only addresses that decrement from
> 24 hours are those in

> Now I'm confused - I thought we had the data in root.cache so that if any
> hosts or domains expired, the cache data would be used as hints to tell my
> server where to find the information it needed, either by hostname or by IP
> address.  Apparently, however, the cache data is not kept forever, because
> when the timeout occurs, we get "ns_req: no address for root server" messages
> every time we try to access anything in

> Can someone point me in the right direction to solve this?  Should I indicate
> to my server that I am secondary for  When the timeout occurs, we
> can ping IP addresses, but not host names.

> If further info is needed, just let me know and I'll post it.  In the
> meantime, TIA.

The reason why the TTL's don't decrement is because you're
authoritative (master or slave) for the data: TTL's only apply to
non-authoritative data.

As for the bigger problem -- root records undergoing TTL expiration and
disappearing -- I'm not exactly sure why this is happening: later versions of
named have logic to "prime" (perform a root NS query using hints data) whenever
it discovers that it has no valid root data. Maybe this code doesn't exist in
4.9.3? Perhaps an upgrade is in order, for this and many other reasons.

Also, you should really be using more than 1 root server. I don't know if too
few root servers has anything to do with your problem, but it's generally a good
idea, from the standpoint of availability, to have several listed in your hints
file. I'd be surprised if doesn't have more root servers laying around;
do you get only one answer when you do a root NS query manually (when the root
queries are working, of course)? If you see multiple answers, then maybe some of
those other root servers should also be in yours hints file.

- Kevin


1. Countdown in NSLOOKUP


In your named.conf, you should also forward to, and set
"forward only" mode, if - as it seems to me you are saying - you use
this as your only gateway to the Internet.  It sounds like, once the
TTL for this record expires, you are left with no available root server
- which also tells me that you cannot reach the Internet to get to the
"real" root servers.

Hope this helps you and the other writer with an almost identical setup
and question.


COSPO/OSIS Computer Support                                     EMT-B
This message is not an official statement of COSPO policies.

2. ws467 won't turn on but will turn off

3. nslookup IPADDRESS works; nslookup HOSTNAME fails


5. final countdown....

6. OS/2 Frequently Asked Questions Rel. 2.0i (1 of 2)


8. Pro/Model.View

9. Ameritech Starts Countdown for Chicago Area Code Change

10. Help! Creating Countdown Date


12. Cisco 801 routet nicht ins Internet

13. Access Registrar - writing 'C' plug-ins ?