I am trying to set up a DNS server for my company but am coming across a few problems.
Basically, the DNS works perfectly if I manually set it in my computer/router but if the router gets the DNS servers through DHCP, the first request always fails/times out. Interestingly, when the request is made this way, the querylog in the server looks like this:
20-Feb-2009 09:58:31.127 queries: info: client IP ADDRESS#60095: query: 1.0.168.192.in-addr.arpa IN PTR +
20-Feb-2009 09:58:31.142 queries: info: client IP ADDRESS#60097: query: IN AAAA +
20-Feb-2009 09:58:31.224 queries: info: client IP ADDRESS#60099: query: IN AAAA +
20-Feb-2009 09:58:32.769 queries: info: client IP ADDRESS#60102: query: IN A +
20-Feb-2009 09:58:39.814 queries: info: client 127.0.0.1#56998: query: (Reverse lookup for the client IP ADDRESS) IN PTR +
20-Feb-2009 09:58:39.815 queries: info: client 127.0.0.1#65324: query: (Reverse lookup for the client IP ADDRESS) IN PTR +
as opposed to just (when it works):
20-Feb-2009 09:58:32.769 queries: info: client IP ADDRESS#60102: query: IN A +
This makes me believe that for some reason, in the first scenario, the request is always taking 5-6 seconds to get to the host (and hence why the first request fails/times out). Subsequently, the router has the DNS entry in its cache, so the second request works without timing out.
The querylog seems to suggest that when a request is made from a NAT/MASQUERADED host, the server tries to reverse-DNS the host, looks for the domain in IPV6 twice and then finally retrieves it as it should (the A + query). Interestingly, this pattern repeats itself for any DNS request coming from a NAT/MASQ host.
I have no idea why this is occurring and I would greatly appreciate any help you can provide.
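An added diagnostic (not from the original post) that parses BIND querylog lines like the ones quoted above, groups them per client, and reports any client whose first A query arrives more than a threshold after its first query, together with the PTR/AAAA preamble that precedes it. The sample lines are constructed: the redacted client address is assumed to be 192.168.0.1 (the address the PTR query encodes) and the elided query name is assumed to be www.example.com.

```python
import re
from collections import defaultdict
from datetime import datetime
# One BIND querylog line: "<ts> queries: info: client <ip>#<port>: query: <name> IN <type> <flags>"
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}-\w{3}-\d{4} \d{2}:\d{2}:\d{2}\.\d{3}) queries: info: "
    r"client (?P<ip>[^#\s]+)#(?P<port>\d+): query: (?P<name>\S+) IN (?P<qtype>\S+) (?P<flags>\S+)$"
)

def parse_line(line):
    """Parse one querylog line into a dict (ts as datetime); None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d-%b-%Y %H:%M:%S.%f")
    return rec

def slow_first_lookups(lines, threshold_s=1.0):
    """Return {ip: (seconds from first query to first A query, qtypes before it)}
    for clients whose delay exceeds threshold_s; clients with no A query (the
    server's own 127.0.0.1 reverse lookups here) are skipped."""
    per_client = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec is not None:
            per_client[rec["ip"]].append(rec)
    flagged = {}
    for ip, recs in per_client.items():
        recs.sort(key=lambda r: r["ts"])
        a_idx = next((i for i, r in enumerate(recs) if r["qtype"] == "A"), None)
        if a_idx is None:
            continue
        delay = (recs[a_idx]["ts"] - recs[0]["ts"]).total_seconds()
        if delay > threshold_s:
            flagged[ip] = (round(delay, 3), [r["qtype"] for r in recs[:a_idx]])
    return flagged

# Constructed sample: the question's lines with the redacted client assumed to be
# 192.168.0.1 and the elided query name assumed to be www.example.com.
SAMPLE_LOG = [
    "20-Feb-2009 09:58:31.127 queries: info: client 192.168.0.1#60095: query: 1.0.168.192.in-addr.arpa IN PTR +",
    "20-Feb-2009 09:58:31.142 queries: info: client 192.168.0.1#60097: query: www.example.com IN AAAA +",
    "20-Feb-2009 09:58:31.224 queries: info: client 192.168.0.1#60099: query: www.example.com IN AAAA +",
    "20-Feb-2009 09:58:32.769 queries: info: client 192.168.0.1#60102: query: www.example.com IN A +",
    "20-Feb-2009 09:58:39.814 queries: info: client 127.0.0.1#56998: query: 1.0.168.192.in-addr.arpa IN PTR +",
    # The "working" pattern from a second client: a single A query, no preamble.
    "20-Feb-2009 09:58:40.010 queries: info: client 192.168.0.2#60110: query: www.example.com IN A +",
]
```

Calling `slow_first_lookups(SAMPLE_LOG)` on the constructed sample flags only 192.168.0.1, with a 1.642 s gap between its PTR query and its A query; raising `threshold_s` to 5.0 flags nothing, which is a quick way to check whether the server-side timing alone accounts for the timeout the client sees.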