resolv.conf options rotate and discovery of ISP DNS issue

Lately I somehow bumped on the manpage of resolv.conf. While reading it I saw the following really nice option:

rotate               sets  RES_ROTATE  in _res.options, which causes round robin selection of name‐
                     servers from among those listed.  This has the effect of spreading  the  query
                     load  among  all  listed servers, rather than having all clients try the first
                     listed server first every time.

Since then my /etc/resolv.conf on both Gentoo and Debian looks like that:
options rotate

(I prefer using GrNET‘s DNS servers than any others in Greece, especially for my laptop configuration. Since they allow recursion I can use them to avoid lousy DNS services provided by lousy DSL routers regardless of the ISP I am currently using, when I am “mobile” with my laptop.)

While using the following config I issued a ping command on a teminal and a tcpdump command on another to see what was actually happening. The result looked like this:
root@lola:~# tcpdump -ni eth1 port 53
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
11:20:46.405694 IP > 39212+ A? (25)
11:20:46.444266 IP > 39212* 1/5/8 A (319)
11:20:46.484490 IP > 50452+ PTR? (46)
11:20:46.584171 IP > 50452 ServFail 0/0/0 (46)
11:20:46.584449 IP > 50452+ PTR? (46)
11:20:46.624179 IP > 50452 1/7/6 (357)
11:20:47.484420 IP > 33179+ PTR? (46)
11:20:47.524176 IP > 33179 1/7/6 (357)
11:20:48.484483 IP > 21949+ PTR? (46)
11:20:48.524184 IP > 21949 1/3/6 (271)
11:20:49.487610 IP > 8619+ PTR? (46)
11:20:49.534204 IP > 8619 ServFail 0/0/0 (46)
11:20:49.534429 IP > 8619+ PTR? (46)
11:20:49.574138 IP > 8619 1/7/6 (357)
11:20:50.494537 IP > 3415+ PTR? (46)
11:20:50.534145 IP > 3415 1/7/6 (357)
11:20:51.494552 IP > 4504+ PTR? (46)
11:20:51.534205 IP > 4504 1/3/6 (271)
11:20:52.494554 IP > 48450+ PTR? (46)
11:20:52.544197 IP > 48450 ServFail 0/0/0 (46)
11:20:52.544409 IP > 48450+ PTR? (46)
11:20:52.584232 IP > 48450 1/7/6 (357)

People who are used to reading tcpdump output will immediately point out the ServFail entries of the log. Server refused to provide proper results for the PTR query of

Further investigation of the problem:

root@lola:~# dig ptr @
;  IN  PTR

root@lola:~# dig ptr @
;  IN  PTR

root@lola:~# dig ptr @
;  IN  PTR

It was obvious that 2 out of 3 DNS servers responded as they should and the other did not.

What I did was to notify a friend working as an administrator there (GrNET) and let him know of the problem. After some investigation, he later on told me that the problem was related to dnssec issues. Possibly a configuration error on RIPE‘s side. As far as I know they had to temporarily disable dnssec on the 147.102 zone…I am not aware whether they fixed the problem (using dnssec) yet though.

I am really glad they acted as fast as possible regarding the solution of the problem 🙂

3 Responses to “resolv.conf options rotate and discovery of ISP DNS issue”

  1. Faidon Liambotis
    September 29th, 2009 | 00:15
    Using Mozilla Firefox Mozilla Firefox 3.0.12 on Debian GNU/Linux Debian GNU/Linux

    Investigation so far has showed that it’s a BIND 9.5 issue.
    Upgrading to 9.6 or stopping to be authoritative for (GRNET is NTUA’s slave) solves the problem.
    Strangely, the problem happened only to early allocation /16 ranges such as NTUA, AUTH, TUC etc.

    We’ve decided to disable DNSSEC validation for the moment. We’ll reenable it when the long-awaited split of authoritative and recursive NS happens.

  2. September 29th, 2009 | 10:23
    Using Google Chrome Google Chrome on Linux Linux

    Hmm, good trick. I’d think that nameservers would have a way to distribute though. Could be wrong. I had to add ‘options single-request’ earlier to my ‘/etc/resolv.conf.head’ to fix some ipv6 issues. Thought resolv.conf just held nameservers, learn something new everyday. I use dhcpcd but I think that the head and tail files can be used for any dhcp client.

  3. ram 
    October 12th, 2009 | 10:25
    Using Mozilla Firefox Mozilla Firefox 3.0.14 on Ubuntu Linux Ubuntu Linux

    It’s not clear what is the exact purpose of this project, are you trying to do something like 1passwd which would be extremely interesting under Linux, or it’s just a GUI for reading encrypted files?
    It’s nice to have ebuilds!

Leave a reply