An interesting set of problems...

Hey all,

I've purused the google groups and the ISC ML archives, but I
haven't found a solution to a couple of problems I had recently.

First off, I'm running BIND 8.3.4 on solaris 8 (running on an
Ultra enterprise 2 with 256MB of ram). The server is serving a mostly
windows environment (about 600 hosts) spread out over a few city blocks.
I forward all of my requests to our parent organization (we're behind
several firewalls). One of the problems I had was every so often, when,
say going to a web page, IE would say the host could not be found. If
you try to go to the page immediately after that, it went right to it.
This was very intermittent, and seemed to happen more after the cache
had been flushed. I never did find a solution to it.

Then my organization upgraded to active directory. 4 active
directory name servers forwarded requests to my name server and shorlty
thereafter, the real problem started. After a period of time, my name
server stopped forwarding. It would still serve it's authoritative
zones, but it wouldn't forward to the parent org's dns servers anymore.
All requests timed out. I can still ping my name server, the load was
low, named was not using much memory, and the network connectivity is
good (to both my server and the parent orgs servers). Named just
wouldn't forward. I had full debuigging and logging turned on, nothing
unusual shows up. If I restart named (send it a HUP or kill and
restart) it starts forwarding again (for anywhere from 10 to 30 minutes,
then it stops forwarding again.

As a response to all of this, I've upgraded to 9.2.2, and will
be putting it into production next week. I'll have two servers (or
possibly more). My big questions is, does anyone understand why named
8.3.4 behaved this way? I don't want to have a repeat incident next
week. I can post my sanitized config from work tommarrow if that would
help. I appreciate anyone's help on this. Thanks.


--
Bill Woodford
woodford@comcast.net