All,
Ping, traceroute, telnet, etc. fail from time to time (not always). They fail with “unknown host”. But nslookup always works. If you try a ping after an nslookup on the same host it will always work. This is very strange.
I am running HP-UX 11i with a fairly empty hosts file (only the local server information) a properly configured resolv.conf and nsswitch.conf to go to files, then DNS. I have a lot of experience with DNS so I know nsswitch.conf and resolv.conf are right.
I noticed with tcpdump that on failures the behavior is that the host will open a port (random > 1024) to connect to port 53 on the DNS server. The DNS server responds to the randomly opened port and then the local server refuses the packet (says “udp port xxxxx unreachable for dns.server.com”). Its like the port was closed before the response got back, but the response was quick so it shouldn’t be a timing issue.
Any thoughts?
