I have a DNS server (pfSense) for my LAN, working perfectly, but some timeouts occur that I can't explain. Especially the "host" command gives the correct answer immediately, but then tries 2 times more with timeouts:
charles3@cluj:~ » host -v cluj.int.acme.fr
Trying "cluj.int.acme.fr"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14189
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;cluj.int.acme.fr. IN A
;; ANSWER SECTION:
cluj.int.acme.fr. 1 IN A 192.168.1.113
Received 52 bytes from 192.168.1.1#53 in 0 ms
Trying "cluj.int.acme.fr"
;; connection timed out; no servers could be reached
Trying "cluj.int.acme.fr"
;; connection timed out; no servers could be reached
The timeouts happen during the last 4 lines of the output. This happens on the two different machines I have (Mac and Linux).
How can I know why there are two more tries when the answer has already been given?
A complete answer from host could include IPv6 addresses. strace -f host on Linux suggests these arrive in a separate packet. It looks like host also queries MX addresses (kernel.org mail is handled by 30 ns4.kernel.org.), which requires another packet. So that would explain how you can have two more requests after the first one, i.e. the first-level question of how this is even possible :).
Dnsmasq used on consumer routers used to have a bug, triggered by the pattern of simultaneous IPv4/IPv6 queries used by the polipo web proxy, and the IPv6 result. I think the second query was ignored & timed out.
I don't know what else would tend to cause this. A working local resolver should be returning SERVFAIL if necessary. Hopefully pfSense support forums would know more. You could confirm / narrow it down slightly:
man host
Better use the -a option if you want to perform an ANY request, because -v sends several queries:
host -a example.com
host -v example.com
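The answers above say that host -v issues several separate queries (A, then AAAA, then MX) and that one of the later ones is what times out. The script below, added here as an example and not code from the thread, sends each of those three query types on its own over UDP and reports per type whether the resolver answered, returned SERVFAIL, or went silent, so you can see which query the pfSense resolver drops instead of inferring it from host's output. The resolver address 192.168.1.1 and the name cluj.int.acme.fr are taken from the question's output as defaults; the 2-second timeout and the query id are assumptions, and build_query only handles the simple uncompressed question form, which is all that is needed here.

```python
"""Probe a resolver with the three query types `host` sends by default (A, AAAA, MX)
and report, per type, whether it answers, fails, or times out.

Added example for the thread above, not code from the original posts.
Resolver 192.168.1.1 and name cluj.int.acme.fr come from the question; the
2-second timeout and query id 0x1234 are assumptions."""
import socket
import struct
import sys

QTYPES = {"A": 1, "AAAA": 28, "MX": 15}
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}


def build_query(name, qtype, qid=0x1234):
    """Build a minimal DNS query: one question, IN class, RD flag set, no EDNS."""
    # header: id, flags (RD only = 0x0100), qdcount=1, ancount, nscount, arcount
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    ) + b"\x00"
    return header + qname + struct.pack("!HH", QTYPES[qtype], 1)


def parse_header(resp):
    """Return (id, rcode name, answer count) from a DNS response header."""
    qid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", resp[:12])
    if not flags & 0x8000:  # QR bit must be set on a response
        raise ValueError("packet is not a DNS response")
    rcode = flags & 0x000F
    return qid, RCODES.get(rcode, "RCODE%d" % rcode), ancount


def probe(resolver, name, qtype, timeout=2.0, qid=0x1234):
    """Send one query and return 'NOERROR (n answers)', 'SERVFAIL', ... or 'TIMEOUT'."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.settimeout(timeout)
    try:
        sock.sendto(build_query(name, qtype, qid), (resolver, 53))
        while True:
            data, _ = sock.recvfrom(4096)
            rid, rcode, ancount = parse_header(data)
            if rid == qid:  # ignore stray datagrams with a different id
                return "%s (%d answers)" % (rcode, ancount)
    except socket.timeout:
        return "TIMEOUT"
    finally:
        sock.close()


def probe_all(resolver, name, timeout=2.0):
    """Run the A, AAAA and MX probes host -v would send, in that order."""
    return {qt: probe(resolver, name, qt, timeout) for qt in QTYPES}


if __name__ == "__main__":
    resolver = sys.argv[1] if len(sys.argv) > 1 else "192.168.1.1"
    name = sys.argv[2] if len(sys.argv) > 2 else "cluj.int.acme.fr"
    for qt, result in probe_all(resolver, name).items():
        print("%-5s %s" % (qt, result))
```

Run it as python3 probe.py 192.168.1.1 cluj.int.acme.fr on one of the affected machines. If A comes back NOERROR while AAAA or MX shows TIMEOUT rather than NOERROR (0 answers) or SERVFAIL, the resolver (or a firewall rule in front of it) is dropping those query types, which is exactly the pattern host -v shows. Checking the response id before accepting a packet also matters for the tools you write yourself: a resolver that answers late from a previous probe should not be mistaken for an answer to the current one.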
Check your firewall for any rules that could block sequential DNS queries (port 53).