DNS request time out 2 seconds

Hi all,
I have configured DNS in fedora with bind 9.3. Every things works fine. But there is only one site problem ie with www.gmx.de (ie with gmx). when I dig from my dns server it shows name server for gmx. but when i try from any clinet mechine with nslookup. It gives error
DNS request time out 2 seconds.. and it won't browse but funny thing is sometimes it get browse for 1 or 2 hours and again it stops..
Please help me... Your help will be appricated.
Thanks
Regards
sudadg

Are you able to go to non .com/.net websites? Like, www.isc.org?

the site is opening ... http://www.isc.org/..

The site www.isc.org is opening but now dig also stopped gettgin error:


dig @sungava www.gmx.de ns

; <<>> DiG 9.3.0 <<>> @sungava www.gmx.de ns
;; global options: printcmd
;; connection timed out; no servers could be reached


and in log file i am getting error :

23-Nov-2004 15:42:45.575 queries: client 202.52.255.100#18485: query: gmx.de IN MX -
23-Nov-2004 15:42:47.907 queries: client 202.52.255.1#37902: query: gmx.de IN MX +
23-Nov-2004 15:42:47.908 resolver: createfetch: gmx.de MX
23-Nov-2004 15:42:52.912 queries: client 202.52.255.1#37902: query: gmx.de IN MX +
23-Nov-2004 15:42:52.913 resolver: createfetch: gmx.de MX
23-Nov-2004 15:42:53.231 queries: client 202.52.255.9#34386: query: gmx.de IN A +
23-Nov-2004 15:42:53.231 resolver: createfetch: gmx.de A
23-Nov-2004 15:42:57.922 queries: client 202.52.255.1#37902: query: gmx.de IN MX +
23-Nov-2004 15:42:57.923 resolver: createfetch: gmx.de MX
23-Nov-2004 15:43:03.246 queries: client 202.52.255.9#34386: query: gmx.de IN A +
23-Nov-2004 15:43:03.247 resolver: createfetch: gmx.de A
23-Nov-2004 15:43:13.266 queries: client 202.52.255.9#34386: query: gmx.de IN A +
23-Nov-2004 15:43:13.266 resolver: createfetch: gmx.de A
23-Nov-2004 15:43:23.286 queries: client 202.52.255.9#34386: query: gmx.de IN A +
23-Nov-2004 15:43:23.286 resolver: createfetch: gmx.de A
23-Nov-2004 15:43:24.898 queries: client 202.52.246.163#2610: query: gmx.de IN MX +
23-Nov-2004 15:43:24.898 resolver: createfetch: gmx.de MX

Ah, I misunderstood you before. So only one site doesn't work for you right? In that case, let's see the results for these commands:

ping www.gmx.de
dig www.gmx.de

sungava is my dns.
dig @sungava www.gmx.de ns

; <<>> DiG 9.3.0 <<>> @sungava www.gmx.de ns
;; global options: printcmd
;; connection timed out; no servers could be reached

ping www.gmx.de

Unknown host www.gmx.de

But from other ISP it work perfectly.

Thanks for you response..
Please help...

i have gone through www.dnsreport and see some of the domain TTL value

i have gone throught devshed.com,mos.com.np,gmx.de here is the report..


1.FOR devshed..

INFO WWW Record Your www.devshed.com A record is:

www.devshed.com. CNAME devshed.com. [TTL=14400]
devshed.com. A 66.230.239.174 [TTL=14400] [US]

2.For mos.com.np

WWW Record Your www.mos.com.np A record is:

www.mos.com.np. CNAME mos.com.np. [TTL=86400]
mos.com.np. A 202.52.255.35 [TTL=86400] [NP]

3. FOR gmx.de

INFO WWW Record Your www.gmx.de A record is:

www.gmx.de. A 213.165.64.215 [TTL=120] [DE]


If you see the TTL value its very less for gmx.de.. may be that is the problem but really confuse how from other ISP its
working perfectly without any problem..

With a little patience I'll help you find the problem. First of all, always follow my directions exactly. I didn't want to see the results for sungava. If the default server is other than sungava, then tell me. I must be certain that sungava resolves to something correct before proceeding with testing. By not assuming anything I have a much higher chance of finding the problem.

So let's see the results for this command:

dig @sungava www.yahoo.com

The results will tell me whether it is responding to queries at all, and also the IP address sungava resolves to.

I could't dig to the server cause i am not at office no linux server here. I am sending you nslookup result...

C:\Documents and Settings\Administrator>nslookup
Default Server: sungava.mos.com.np
Address: 202.52.255.47

> www.yahoo.com
Server: sungava.mos.com.np
Address: 202.52.255.47

Non-authoritative answer:
Name: www.yahoo.akadns.net
Addresses: 66.94.230.52, 66.94.230.35, 66.94.230.37, 66.94.230.38
66.94.230.41, 66.94.230.44, 66.94.230.45, 66.94.230.49
Aliases: www.yahoo.com

Well at least that command told me what the dig command would've. I'll give you dig and nslookup syntax from now on so that you have a choice. Enter one or the other commands below. Be sure that you show me the entire transaction in the case of nslookup.

dig +norec @202.52.255.47 www.gmx.de

nslookup - 202.52.255.47
> set norecurse
> set debug
> www.gmx.de

This will tell me what your server knows without using recursion. Disabling recursion makes the task of responding a lot easier on the server. Please either attach the results or place them within [Code] tags. nslookup results can get particularly ugly.

Here is the result for both dig and nslookup as you have told..



dig +norec @202.52.255.47 www.gmx.de

; <<>> DiG 9.3.0 <<>> +norec @202.52.255.47 www.gmx.de
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19036
;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 1

;; QUESTION SECTION:
;www.gmx.de. IN A

;; AUTHORITY SECTION:
gmx.de. 84608 IN NS dns.gmx.net.
gmx.de. 84608 IN NS ns.schlund.de.

;; ADDITIONAL SECTION:
dns.gmx.net. 171020 IN A 213.165.64.1

;; Query time: 169 msec
;; SERVER: 202.52.255.47#53(202.52.255.47)
;; WHEN: Wed Nov 24 10:41:19 2004
;; MSG SIZE rcvd: 94











C:\>nslookup -202.52.255.47
*** Invalid option: 202.52.255.47
Default Server: sungava.mos.com.np
Address: 202.52.255.47

> set norecurse
> set debug
> www.gmx.de
Server: sungava.mos.com.np
Address: 202.52.255.47

------------
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: response, recursion avail.
questions = 1, answers = 0, authority records = 2, additional = 1

QUESTIONS:
www.gmx.de, type = A, class = IN
AUTHORITY RECORDS:
-> gmx.de
nameserver = dns.gmx.net
ttl = 84723 (23 hours 32 mins 3 secs)
-> gmx.de
nameserver = ns.schlund.de
ttl = 84723 (23 hours 32 mins 3 secs)
ADDITIONAL RECORDS:
-> dns.gmx.net
internet address = 213.165.64.1
ttl = 171135 (1 day 23 hours 32 mins 15 secs)

------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 3, rcode = NOERROR
header flags: response, recursion avail.
questions = 1, answers = 0, authority records = 2, additional = 1

QUESTIONS:
www.gmx.de, type = A, class = IN
AUTHORITY RECORDS:
-> gmx.de
nameserver = ns.schlund.de
ttl = 84722 (23 hours 32 mins 2 secs)
-> gmx.de
nameserver = dns.gmx.net
ttl = 84722 (23 hours 32 mins 2 secs)
ADDITIONAL RECORDS:
-> dns.gmx.net
internet address = 213.165.64.1
ttl = 171134 (1 day 23 hours 32 mins 14 secs)

------------
Name: www.gmx.de
Served by:
- ns.schlund.de

gmx.de
- dns.gmx.net
213.165.64.1
gmx.de

Add this to your BIND's named.conf options{} block.

edns-udp-size 512;

rndc reconfig then tell me if everything works.

Nope its not working . I kept edns-udp-size 512; in options block as you said.

Show me the results of this command on the bind server:

dig +tcp @202.52.255.47 www.gmx.de