
DNS after reducing the advertised EDNS UDP packet size to 512 octets

Hello,
There is something wrong with my DNS server: it opens internet web pages so slowly, and I have no idea what to do about this.



04-Mar-2011 14:31:57.264 zone 0.0.127.in-addr.arpa/IN/com.apple.ServerAdmin.DNS.public: loaded serial 1997022700
04-Mar-2011 14:31:57.264 zone 15.0.168.192.in-addr.arpa/IN/com.apple.ServerAdmin.DNS.public: loaded serial 2011030204
04-Mar-2011 14:31:57.265 zone ******/IN/com.apple.ServerAdmin.DNS.public: loaded serial 2011030404
04-Mar-2011 14:31:57.265 zone localhost/IN/com.apple.ServerAdmin.DNS.public: loaded serial 42
04-Mar-2011 14:31:57.265 running
04-Mar-2011 14:32:00.066 host unreachable resolving 'b. dns-sd.udp.0.0.168.192.in-addr.arpa/PTR/IN': 2001:7fd::1#53
04-Mar-2011 14:32:00.261 host unreachable resolving 'r. dns-sd.udp.0.0.168.192.in-addr.arpa/PTR/IN': 2001:500:2f::f#53
04-Mar-2011 14:32:00.261 host unreachable resolving 'r. dns-sd.udp.0.0.168.192.in-addr.arpa/PTR/IN': 2001:503:c27::2:30#53
04-Mar-2011 14:32:00.261 host unreachable resolving 'r. dns-sd.udp.0.0.168.192.in-addr.arpa/PTR/IN': 2001:503:ba3e::2:30#53
04-Mar-2011 14:32:00.261 host unreachable resolving 'r. dns-sd.udp.0.0.168.192.in-addr.arpa/PTR/IN': 2001:7fd::1#53
04-Mar-2011 14:32:00.261 host unreachable resolving 'r. dns-sd.udp.0.0.168.192.in-addr.arpa/PTR/IN': 2001:dc3::35#53
04-Mar-2011 14:32:00.361 host unreachable resolving 'dr. dns-sd.udp.0.0.168.192.in-addr.arpa/PTR/IN': 2001:500:1::803f:235#53
04-Mar-2011 14:32:00.361 host unreachable resolving 'dr. dns-sd.udp.0.0.168.192.in-addr.arpa/PTR/IN': 2001:7fd::1#53
04-Mar-2011 14:32:00.361 host unreachable resolving 'dr. dns-sd.udp.0.0.168.192.in-addr.arpa/PTR/IN': 2001:dc3::35#53
04-Mar-2011 14:32:00.361 host unreachable resolving 'dr. dns-sd.udp.0.0.168.192.in-addr.arpa/PTR/IN': 2001:503:ba3e::2:30#53
04-Mar-2011 14:32:00.866 host unreachable resolving './NS/IN': 2001:7fd::1#53
04-Mar-2011 14:32:01.005 success resolving './NS' (in '.'?) after reducing the advertised EDNS UDP packet size to 512 octets
04-Mar-2011 14:32:01.408 success resolving 'local/SOA' (in '.'?) after disabling EDNS
04-Mar-2011 14:32:01.533 host unreachable resolving 't.arin.net/AAAA/IN': 2001:503:ba3e::2:30#53
04-Mar-2011 14:32:01.534 host unreachable resolving 'v.arin.net/AAAA/IN': 2001:500:1::803f:235#53
04-Mar-2011 14:32:01.534 host unreachable resolving 'v.arin.net/AAAA/IN': 2001:7fd::1#53
04-Mar-2011 14:32:01.534 host unreachable resolving 'v.arin.net/AAAA/IN': 2001:503:ba3e::2:30#53
04-Mar-2011 14:32:01.534 host unreachable resolving 'w.arin.net/A/IN': 2001:500:1::803f:235#53


Can anyone help? Thanks a lot.

Message was edited by: leo.xue

xserver, Mac OS X (10.6.1), DNS

Posted on Mar 3, 2011 10:34 PM

8 replies

Mar 24, 2011 6:49 AM in response to tyrol25

Shut off IPv6 DNS networking and try again.

That's probably easiest via System Preferences > Network > select controller > Advanced ... > TCP/IP > Configure IPv6 > Off. (There's also a way to shut it off for BIND at launch time via tweaking the startup plist, but let us not go there first.)

The "DNS after reducing the advertised EDNS UDP packet size to 512" stuff is a problem with an intervening DNS server, or the path to a DNS server. If there are forwarding servers configured, remove them and remove the references. There is probably a broken firewall/gateway/router box here (or more?) that are blocking UDP packet fragments, or that are blocking UDP packets larger than 512 bytes, etc.
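The two symptoms this reply separates can be counted directly from the named log. The following is an added example, not part of the original posts: the function names, category keys and hint wording are assumptions, and the sample lines are copied from the log in the question.

```python
import re
from collections import Counter

# Sample lines copied from the named log in the question above.
SAMPLE_LOG = """\
04-Mar-2011 14:31:57.265 running
04-Mar-2011 14:32:00.866 host unreachable resolving './NS/IN': 2001:7fd::1#53
04-Mar-2011 14:32:01.005 success resolving './NS' (in '.'?) after reducing the advertised EDNS UDP packet size to 512 octets
04-Mar-2011 14:32:01.408 success resolving 'local/SOA' (in '.'?) after disabling EDNS
04-Mar-2011 14:32:01.534 host unreachable resolving 'w.arin.net/A/IN': 2001:500:1::803f:235#53
"""

UNREACHABLE = re.compile(r"host unreachable resolving '([^']+)': (\S+)#(\d+)$")
EDNS_FALLBACK = re.compile(
    r"success resolving '([^']+)' .*after "
    r"(reducing the advertised EDNS UDP packet size to (\d+) octets"
    r"|disabling EDNS)$")

def triage(log_text):
    """Count unreachable upstream servers (by address family) and
    queries that only succeeded after named cut EDNS back."""
    counts = Counter()
    for line in log_text.splitlines():
        m = UNREACHABLE.search(line)
        if m:
            # The server address precedes '#port'; a colon marks IPv6.
            family = "ipv6" if ":" in m.group(2) else "ipv4"
            counts["unreachable_" + family] += 1
            continue
        m = EDNS_FALLBACK.search(line)
        if m:
            counts["edns_reduced" if m.group(3) else "edns_disabled"] += 1
    return counts

def hints(counts):
    """Map the counts to the two causes named in the reply (hints only)."""
    out = []
    if counts["unreachable_ipv6"] and not counts["unreachable_ipv4"]:
        out.append("only IPv6 servers unreachable: no working IPv6 path")
    if counts["edns_reduced"] or counts["edns_disabled"]:
        out.append("EDNS fallback: path likely drops UDP fragments "
                   "or DNS over 512 bytes")
    return out

if __name__ == "__main__":
    c = triage(SAMPLE_LOG)
    print(dict(c))
    print("\n".join(hints(c)))
```
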

Mar 28, 2011 3:27 AM in response to MrHoffman

Mr. Hoffman,

Thank you for the advice. At least in my case, shutting off IPv6 and deleting the forwarding DNS servers didn't solve the issue. Only after replacing the Airport Extreme Base Station with another router (D-Link) the problem appears to have disappeared. The AEBS is still under warranty so I'll be contacting Apple about this.

Thanks again for your suggestions!

Apr 21, 2011 8:01 PM in response to MrHoffman

Turning off IPv6 doesn't seem to make any difference for me, either--some of the failures are AAAA records, but A queries are equally unresolvable. For me, the problem seems to be caused by a Time Warner Ubee router that doesn't like DNS requests larger than 512 bytes, combined with the fact that Snow Leopard's DNS resolver *really* wants to use EDNS & provides no mechanism to turn it off.


(yes, I know it's "TWC's problem", but it's affecting *me*, and I'd like to fix it (well, implement a workaround) in less time than TWC is likely to take)

Apr 21, 2011 8:20 PM in response to Heath Roberts

It may be early to declare victory, but it appears that forcing bind to port 53 per the comment in /etc/named.conf:


/*
 * If there is a firewall between you and nameservers you want
 * to talk to, you might need to uncomment the query-source
 * directive below. Previous versions of BIND always asked
 * questions using port 53, but BIND 8.1 uses an unprivileged
 * port by default.
 */
// query-source address * port 53;


(i.e. take out those two slashes in front of "query-source address")


has worked.

I'll have to tcpdump some traffic sometime to see whether bind is still sending EDNS requests.
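A check for the setting this post turns on, as an added example (not part of the original post and not BIND's own tooling): it strips comments from named.conf text and reports every active `query-source` statement that pins the source port. A pinned port removes the per-query source-port randomization a resolver relies on to resist spoofed answers, so it is worth knowing where it is enabled. The function names and the sample file are assumptions.

```python
import re

# Constructed sample: the comment from the post, with the IPv4
# directive uncommented as the post describes.
SAMPLE_CONF = """\
options {
    directory "/var/named";
    /*
     * If there is a firewall between you and nameservers you want
     * to talk to, you might need to uncomment the query-source
     * directive below.
     */
    query-source address * port 53;
    // query-source-v6 address * port 53;
};
"""

# Quoted strings are matched first so comment markers inside them survive.
COMMENTS = re.compile(r'"[^"\n]*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
FIXED_PORT = re.compile(
    r"\b(query-source(?:-v6)?)\b[^;]*?\bport\s+(\d+)\s*;")

def strip_comments(text):
    """Remove /* */, // and # comments, leaving quoted strings alone."""
    return COMMENTS.sub(
        lambda m: m.group(0) if m.group(0).startswith('"') else " ", text)

def fixed_query_ports(conf_text):
    """Return (statement, port) for each active query-source statement
    with a numeric port; 'port *' and commented lines are ignored."""
    active = strip_comments(conf_text)
    return [(m.group(1), int(m.group(2)))
            for m in FIXED_PORT.finditer(active)]

if __name__ == "__main__":
    for stmt, port in fixed_query_ports(SAMPLE_CONF):
        print(f"{stmt}: source port pinned to {port}")
```
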

Aug 9, 2013 1:19 PM in response to Olaf Seifert

Also interesting: when setting DNS server IPs in Network Settings for your host, it is important that the IPs are not doubled.

For example, if you have network settings like

automatic DHCP given from router or server.
IP-Address: 192.168.2.2
Subnetmask: 255.255.255.0
Router IP: 192.168.2.1
DNS-Server: 127.0.0.1, 192.168.2.2

which means localhost and again the same machine, just a different IP,
then your lookup mechanism has to walk through these steps to know if there is nothing inside to resolve addresses.


which means in this example it would take double the time if DNS-Server would be just 127.0.0.1


You can see if there is a lot to work through in your logs.

Look for something like "sizing zone task pool based on 9 zones".

This amount of zones will change if you set the correct DNS server IP.

More zones are slower than less, very logical!


But this will not solve your problem with packet size at all; it just reduces circles after DNS resolves not known addresses even with packet size change.
