Anonymous_User Absent Member.
Absent Member.
2774 views

Slow DNS queries causing problems in GWIA

Hi all,

I've got the following problem at a customers site: the GWIA rejects
some mails to external recipients, it says that the domain is not
existant.

The problem seems to be the DNS resolution. When I ping a random
domain, the time till I see a response is very slow. There is no
packet loss and the domainresolution works fine, but it takes a few
seconds until the IP-Adress is displayed. Mabe the time is too long
for the GWIA, so it "thinks" the domain is not reachable.

The config is the following: NW 5 Server, no loaded named, GW6, one
NIC with a private IP which is connected to a Netgear DSL Router. They
use a flat, so the router is connected all the time. I tried to
configure the Server's resolv.cfg in different ways (DNS-Server: the
router, different external DNS-Servers and a different order of
these), but nothing changed.

Any ideas?


cu, Marco




Labels (1)
0 Likes
15 Replies
Anonymous_User Absent Member.
Absent Member.

Re: Slow DNS queries causing problems in GWIA

Hi,

Marco Brück wrote:
>
> Hi all,
>
> I've got the following problem at a customers site: the GWIA rejects

some mails to external recipients, it says that the domain is not
existant.

Can you post the GWIA logs showing the error please? This actually
sounds as if the receipient denies acceptance because the sendings
domain DNS is improperly configured.

CU,
--
Massimo Rosen
Novell Support Connection Sysop
No emails please!
http://www.cfc-it.de



0 Likes
Anonymous_User Absent Member.
Absent Member.

Antw: Re: Slow DNS queries causing problems in GWIA


Marco Brück wrote:
>
> Hi all,
>
> I've got the following problem at a customers site: the GWIA rejects

some mails to external recipients, it says that the domain is not
existant.



>>> Massimo Rosen<mrosenno@spamcfc-it.de> Montag, 6. Oktober 2003

11:52:03 >>>
>Hi,


>Can you post the GWIA logs showing the error please? This actually
>sounds as if the receipient denies acceptance because the sendings
>domain DNS is improperly configured.


Hi,

I wish I could. As I see at the moment GWIA is not saving log
files...a pity. But here is the part, that's important, I think:

Detected error on SMTP command
Command: mobilzeit.de
Response: 450 Host down (mobilzeit.de)
Building undeliverable message: ......


Hope this helps.

cu, Marco



0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Antw: Re: Slow DNS queries causing problems in GWIA

Hi,

Marco Brück wrote:
>
> I wish I could. As I see at the moment GWIA is not saving log

files...a pity. But here is the part, that's important, I think:
>
> Detected error on SMTP command
> Command: mobilzeit.de
> Response: 450 Host down (mobilzeit.de)
> Building undeliverable message: ......


That's not a DNS problem at all. 450 host down means the DNS resolve
was
succesful, but we can't connect to port 25. Is mobilzeit.de the
sending
domain? If yes, and if that server is behind NAT, you need to
configure
a route.cfg for your GWIA with a pointer to it's own *private* IP.
Lookup route.cfg in the KB.

CU,
--
Massimo Rosen
Novell Support Connection Sysop
No emails please!
http://www.cfc-it.de



0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Slow DNS queries causing problems in GWIA

In article <VB9gb.2136$mH2.1210@prv-forum3.provo.novell.com>, Marco
Brück wrote:
> I tried to configure the Server's resolv.cfg in different ways

(DNS-Server: the
router, different external DNS-Servers and a different order of
these), but nothing
changed.
>

Note that changes to resolv.cfg require that the server is rebooted
(not just restarted)
in order to take effect.

bd
NSC Volunteer SysOp
www.InsightNetSolutions.net




0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Antw: Re: Slow DNS queries causing problems in GWIA

Hi,

mobilzeit.de is the receiving domain that cannot be reached. The same
problem I have with some other domains, like web.de.

The sending domain is boersch.de with the fileserver named
fs.boersch.de, which resolves to a private IP.

Could it be, that these domains do a reverse lookup, which naturally
doesn't work with DSL and so the sending mailserver is not accepted?
That should produce an other error message, I reckon?!

cu, Marco


>>> Massimo Rosen<mrosenno@spamcfc-it.de> Montag, 6. Oktober 2003

14:44:18 >>>
Hi,

Marco Brück wrote:
>
> I wish I could. As I see at the moment GWIA is not saving log

files...a pity. But here is the part, that's important, I think:
>
> Detected error on SMTP command
> Command: mobilzeit.de
> Response: 450 Host down (mobilzeit.de)
> Building undeliverable message: ......


That's not a DNS problem at all. 450 host down means the DNS resolve
was
succesful, but we can't connect to port 25. Is mobilzeit.de the
sending
domain? If yes, and if that server is behind NAT, you need to
configure
a route.cfg for your GWIA with a pointer to it's own *private* IP.
Lookup route.cfg in the KB.

CU,
--
Massimo Rosen
Novell Support Connection Sysop
No emails please!
http://www.cfc-it.de





0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Antw: Re: Slow DNS queries causing problems in GWIA

Hi,

Marco Brück wrote:
>
> Hi,
>
> mobilzeit.de is the receiving domain that cannot be reached. The

same problem I have with some other domains, like web.de.
>
> The sending domain is boersch.de with the fileserver named

fs.boersch.de, which resolves to a private IP.
>
> Could it be, that these domains do a reverse lookup, which naturally

doesn't work with DSL and so the sending mailserver is not accepted?

Yes, but...


> That should produce an other error message, I reckon?!


Usually yes, unless they completely block SMTP that way. Usually
you'll
see a different error message from the receiving mailserver like "5XXDNS verification of sending domain failed" or similar.

CU,
--
Massimo Rosen
Novell Support Connection Sysop
No emails please!
http://www.cfc-it.de



0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Slow DNS queries causing problems in GWIA

Brad,

Brad Doster wrote:
> Note that changes to resolv.cfg require that the server is rebooted

(not just restarted)
> in order to take effect.


Only if the resolve is done via netdb. Quite a few applications
(including GWIA) don't use netdb at all to resolve DNS, but do it on
their own. GWIA should pickup resolve.cfg changes immediately.

CU,
--
Massimo Rosen
Novell Support Connection Sysop
No emails please!
http://www.cfc-it.de



0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Antw: Re: Slow DNS queries causing problems in GWIA

Hi,

I just edited route.cfg and asked the customer to send e few mails to
mobilzeit.de, so I can check if the errors still occur. Will keep you
updated with the results. Thanks so far!

cu, Marco

>>> Massimo Rosen<mrosenno@spamcfc-it.de> Montag, 6. Oktober 2003

15:38:49 >>>
Hi,

Marco Brück wrote:
>
> Hi,
>
> mobilzeit.de is the receiving domain that cannot be reached. The

same problem I have with some other domains, like web.de.
>
> The sending domain is boersch.de with the fileserver named

fs.boersch.de, which resolves to a private IP.
>
> Could it be, that these domains do a reverse lookup, which naturally

doesn't work with DSL and so the sending mailserver is not accepted?

Yes, but...


> That should produce an other error message, I reckon?!


Usually yes, unless they completely block SMTP that way. Usually
you'll
see a different error message from the receiving mailserver like "5XXDNS verification of sending domain failed" or similar.

CU,
--
Massimo Rosen
Novell Support Connection Sysop
No emails please!
http://www.cfc-it.de





0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Antw: Re: Slow DNS queries causing problems in GWIA

Hi,

I've created the route.cfg, as I understand it, it is like a hosts
file for the GWIA. That should work, but does not solve the problem I
think. When I do a ping to a random address (www.uhu.de e.g.) the
resolution into a IP-adress takes about 30 seconds. No packets are
lost, but the time until the adress is displayed seems much too lkong
to me?!

cu, Marco

>>> Massimo Rosen<mrosenno@spamcfc-it.de> Montag, 6. Oktober 2003

15:38:49 >>>
Hi,

Marco Brück wrote:
>
> Hi,
>
> mobilzeit.de is the receiving domain that cannot be reached. The

same problem I have with some other domains, like web.de.
>
> The sending domain is boersch.de with the fileserver named

fs.boersch.de, which resolves to a private IP.
>
> Could it be, that these domains do a reverse lookup, which naturally

doesn't work with DSL and so the sending mailserver is not accepted?

Yes, but...


> That should produce an other error message, I reckon?!


Usually yes, unless they completely block SMTP that way. Usually
you'll
see a different error message from the receiving mailserver like "5XXDNS verification of sending domain failed" or similar.

CU,
--
Massimo Rosen
Novell Support Connection Sysop
No emails please!
http://www.cfc-it.de





0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Antw: Re: Slow DNS queries causing problems in GWIA

Hi,

Marco Brück wrote:
>
> Hi,
>
> I've created the route.cfg, as I understand it, it is like a hosts

file for the GWIA. That should work, but does not solve the problem I
think. When I do a ping to a random address (www.uhu.de e.g.) the
resolution into a IP-adress takes about 30 seconds. No packets are
lost, but the time until the adress is displayed seems much too lkong
to me?!

It does sound long, but it shouldn't cause a problem for GWIA, and
there's nothing in your GWIA logs yet that would warrant that it's
really a DNS problem. But you may have general communication problems
to
the internet. What's the contents of your resolv.cfg?

CU,
--
Massimo Rosen
Novell Support Connection Sysop
No emails please!
http://www.cfc-it.de



0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Antw: Re: Slow DNS queries causing problems in GWIA

Hi,

I got feedback from the customer, the modified route.cfg works. The
domain mobilzeit.de is now reachable. So far, so good. The contents of
my resolv.cfg:

boersch.de
213.83.0.4 (Our "official" DNS-Server NS1)
172.16.0.254 (The DSL-Router of the customer, which is capable of DNS
as well)
212.19.35.214 (Our second DNS-Server NS2)

cu,

Marco

>>> Massimo Rosen<mrosenno@spamcfc-it.de> Dienstag, 7. Oktober 2003

13:36:30 >>>
Hi,

Marco Brück wrote:
>
> Hi,
>
> I've created the route.cfg, as I understand it, it is like a hosts

file for the GWIA. That should work, but does not solve the problem I
think. When I do a ping to a random address (www.uhu.de e.g.) the
resolution into a IP-adress takes about 30 seconds. No packets are
lost, but the time until the adress is displayed seems much too lkong
to me?!

It does sound long, but it shouldn't cause a problem for GWIA, and
there's nothing in your GWIA logs yet that would warrant that it's
really a DNS problem. But you may have general communication problems
to
the internet. What's the contents of your resolv.cfg?

CU,
--
Massimo Rosen
Novell Support Connection Sysop
No emails please!
http://www.cfc-it.de





0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Antw: Re: Slow DNS queries causing problems in GWIA

Hi,

Marco Brück wrote:
>
> Hi,
>
> I got feedback from the customer, the modified route.cfg works. The

domain mobilzeit.de is now reachable. So far, so good. The contents of
my resolv.cfg:
>
> boersch.de
> 213.83.0.4 (Our "official" DNS-Server NS1)
> 172.16.0.254 (The DSL-Router of the customer, which is capable of

DNS as well)
> 212.19.35.214 (Our second DNS-Server NS2)


The two "official" nameservers are both acting up big time. They
deliver
nonsense responses galore, aka they both claim to be Authoritative for

every .de domain, they have massive problem resolving .com domains,
and
when they answer they again claim to be authoritative. On xxxx.de
queries they also respond in the Authority section with the
rootsrevers
for .de, which is just another big nono. I'd start with them, they are

most certainly the cause of your problem.

CU,
--
Massimo Rosen
Novell Support Connection Sysop
No emails please!
http://www.cfc-it.de



0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Antw: Re: Slow DNS queries causing problems in GWIA

Hi,

now that is something new to me. To test and correct this, it would be
helpful, if you'd let me know, which tool you used to get this
information. So I could give this info to the responsible engineer.

cu,

Marco

>>> Massimo Rosen<mrosenno@spamcfc-it.de> Dienstag, 7. Oktober 2003

14:12:10 >>>
Hi,

Marco Brück wrote:
>
> Hi,
>
> I got feedback from the customer, the modified route.cfg works. The

domain mobilzeit.de is now reachable. So far, so good. The contents of
my resolv.cfg:
>
> boersch.de
> 213.83.0.4 (Our "official" DNS-Server NS1)
> 172.16.0.254 (The DSL-Router of the customer, which is capable of

DNS as well)
> 212.19.35.214 (Our second DNS-Server NS2)


The two "official" nameservers are both acting up big time. They
deliver
nonsense responses galore, aka they both claim to be Authoritative for

every .de domain, they have massive problem resolving .com domains,
and
when they answer they again claim to be authoritative. On xxxx.de
queries they also respond in the Authority section with the
rootsrevers
for .de, which is just another big nono. I'd start with them, they are

most certainly the cause of your problem.

CU,
--
Massimo Rosen
Novell Support Connection Sysop
No emails please!
http://www.cfc-it.de





0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Antw: Re: Slow DNS queries causing problems in GWIA

Hi,

Marco Brück wrote:
>
> Hi,
>
> now that is something new to me. To test and correct this, it would

be helpful, if you'd let me know, which tool you used to get this
information. So I could give this info to the responsible engineer.

Just a simple nslookup. Try for instance a nslookup for the mx record
of
any .de domain.

CU,
--
Massimo Rosen
Novell Support Connection Sysop
No emails please!
http://www.cfc-it.de



0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.