CoreDNS is getting NXDOMAIN for certain domains


$ uname -a
Linux ubuntu 5.4.0-81-generic #91-Ubuntu SMP Thu Jul 15 19:09:17 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

$ docker -v
Docker version 20.10.8, build 3967b7d

$ docker-compose -v
docker-compose version 1.29.1, build c34c88b2

Dockerfile

FROM coredns/coredns:1.8.4
...

Corefile

. {
  forward . 8.8.8.8
  errors
  log . "{common}"
  hosts /etc/coredns/hosts {
    fallthrough
  }
  reload
}

I am running an Ubuntu server, and I have CoreDNS running on Docker. My problem is that CoreDNS is giving "NXDOMAIN" in the logs for some specific domains.

  • cnn.com
  • deb.debian.org (debian.org is fine ...)

$ cat /etc/resolv.conf
# resolv.conf(5) file generated by tailscale
# DO NOT EDIT THIS FILE BY HAND -- CHANGES WILL BE OVERWRITTEN

nameserver 127.0.0.1

$ dig cnn.com @127.0.0.1

; <<>> DiG 9.16.1-Ubuntu <<>> cnn.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21210
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;cnn.com.                       IN      A

;; ANSWER SECTION:
cnn.com.                9       IN      A       151.101.193.67
cnn.com.                9       IN      A       151.101.1.67
cnn.com.                9       IN      A       151.101.129.67
cnn.com.                9       IN      A       151.101.65.67

;; Query time: 19 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Apr 14 11:16:52 JST 2022
;; MSG SIZE  rcvd: 128

$ ping cnn.com -c4
PING cnn.com(2a04:4e42:200::323 (2a04:4e42:200::323)) 56 data bytes
64 bytes from 2a04:4e42:200::323 (2a04:4e42:200::323): icmp_seq=2 ttl=55 time=18.6 ms
64 bytes from 2a04:4e42:200::323 (2a04:4e42:200::323): icmp_seq=3 ttl=55 time=18.7 ms
64 bytes from 2a04:4e42:200::323 (2a04:4e42:200::323): icmp_seq=4 ttl=55 time=18.8 ms

--- cnn.com ping statistics ---
4 packets transmitted, 3 received, 25% packet loss, time 7052ms
rtt min/avg/max/mdev = 18.551/18.695/18.796/0.104 ms

[INFO] 100.120.120.94:43627 - 41421 "A IN deb.debian.org. udp 32 false 512" NOERROR qr,rd,ra 124 0.020672765s
[INFO] 100.120.120.94:43627 - 60616 "AAAA IN deb.debian.org. udp 32 false 512" NOERROR qr,rd,ra 136 0.022341271s
[INFO] 100.120.120.94:35279 - 26054 "PTR IN 4.4.6.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.a.1.0.0.2.4.e.4.4.0.a.2.ip6.arpa. udp 90 false 512" NXDOMAIN qr,rd,ra 172 0.020486826s
[INFO] 100.120.120.94:35238 - 60789 "PTR IN 4.4.6.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.a.1.0.0.2.4.e.4.4.0.a.2.ip6.arpa. udp 90 false 512" NXDOMAIN qr,rd,ra 172 0.020337411s


[INFO] 100.120.120.94:44571 - 37525 "AAAA IN cnn.com. udp 25 false 512" NOERROR qr,rd,ra 165 0.019740253s
[INFO] 100.120.120.94:44571 - 3240 "A IN cnn.com. udp 25 false 512" NOERROR qr,rd,ra 117 0.019772094s
[INFO] 100.120.120.94:53597 - 44735 "PTR IN 3.2.3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.4.e.4.4.0.a.2.ip6.arpa. udp 90 false 512" NXDOMAIN qr,rd,ra 172 0.020004059s
[INFO] 100.120.120.94:60810 - 58014 "PTR IN 3.2.3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.4.e.4.4.0.a.2.ip6.arpa. udp 90 false 512" NXDOMAIN qr,rd,ra 172 0.020336111s

####
this goes fine
####
[INFO] 100.120.120.94:56127 - 43371 "A IN google.com. udp 28 false 512" NOERROR qr,rd,ra 54 0.053885944s
[INFO] 100.120.120.94:56127 - 61295 "AAAA IN google.com. udp 28 false 512" NOERROR qr,rd,ra 66 0.055172987s
[INFO] 100.120.120.94:51036 - 14508 "PTR IN e.0.0.2.0.0.0.0.0.0.0.0.0.0.0.0.5.2.8.0.4.0.0.4.0.0.8.6.4.0.4.2.ip6.arpa. udp 90 false 512" NOERROR qr,rd,ra 201 0.019446238s
[INFO] 100.120.120.94:51348 - 28874 "PTR IN e.0.0.2.0.0.0.0.0.0.0.0.0.0.0.0.5.2.8.0.4.0.0.4.0.0.8.6.4.0.4.2.ip6.arpa. udp 90 false 512" NOERROR qr,rd,ra 201 0.019516342s

When I ping cnn.com,

  • PING cnn.com(2a04:4e42:200::323 (2a04:4e42:200::323)) 56 data bytes, this takes like 5 secs to show.
  • 64 bytes from 2a04:4e42:200::323 (2a04:4e42:200::323): icmp_seq=2 ttl=55 time=18.6 ms, this initial one takes another 5 secs to show.

And this delay only happens if I ping on the server itself. If I use the server as the primary DNS on a computer in the network, it works as expected (responds normally).

What is possibly slowing it down?
