Solved

DNS - infinite loop to time.apple.com

Posted on 2011-03-14
15
1,300 Views
Last Modified: 2013-11-11
Hi Everyone,

I have several Mac OS X computers running version 10.6.4 that keep querying for time.apple.com.
I don't know where the problem resides:

1) The computers that are asking for time.apple.com every few seconds?
2) My DNS server running on Windows 2008 Enterprise edition that keeps going to the internet to resolve the request for time.apple.com.

Why is it not cached after the first request? All other requests are cached like I expect them to be. Why are so many computers hitting the DNS server so frequently?

Thanks
/Nick Rigas
0
Question by:sjsduser
15 Comments
 
LVL 32

Accepted Solution

by:
nappy_d earned 500 total points
ID: 35129065
I would recommend that you stop using Apple's NTP server and change to your Windows 2008 server for NTP.  I am assuming that you have Active Directory in place, of course.

Also, your 2008 server is most likely not a public and authoritative DNS server.  Because of this, it will always refer your clients to internet DNS for resolution.
0
 
LVL 53

Expert Comment

by:strung
ID: 35129082
What IP address does your DNS server show for time.apple.com? Is it correct? I get 17.151.16.20.
0
 
LVL 53

Expert Comment

by:strung
ID: 35129131
Apparently time.apple.com has four servers:
17.151.16.20
17.151.16.21
17.151.16.22
17.151.16.23
0

 

Author Comment

by:sjsduser
ID: 35131369
Hi,
We do have a time server running here.
Our Mac computers "should be" updating to it.
I notice that some don't have the correct plist file.
------------------------------------------------
nslookup time.apple.com
Server:  *****
Address:  10.X.X.X

Non-authoritative answer:
Name:    time.apple.com
Addresses:  17.151.16.21
          17.151.16.22
          17.151.16.23
          17.151.16.20
-----------------------------------------------------
What I don't understand is, everything worked before.
Suddenly I have 1000's of sessions in my firewall.
Each request for Time.apple.com creates another session.
Is there a known issue with DNS on Windows?

/Nick
0
 
LVL 53

Expert Comment

by:strung
ID: 35131395
Why don't you set the Macs to sync with your server rather than time.apple.com?
0
 
LVL 32

Expert Comment

by:nappy_d
ID: 35131536
That's what I suggested here http:#35129065 that he use his own internal NTP server.  This is the process that should be done if your Macs are integrated with AD.  Even if AD integration is not set up, use of your internal NTP server is recommended (I.M.O)
0
 
LVL 53

Expert Comment

by:strung
ID: 35131557
Sorry, Nappy, I missed your message because my first message was posted almost contemporaneously.
0
 

Author Comment

by:sjsduser
ID: 35148123
Quick Update,

I've changed the time server to my local machine.
Will see if this makes a difference.
I will need to wait till the Mac Server administrator comes back to push it out division wide.

It still does not explain why my server is not caching the results for time.apple.com. The DNS server is always forwarding the requests to the root hints.

/Nick
0
 

Author Comment

by:sjsduser
ID: 35150269
Our dns logs have this in the log over and over again

eg.

16/03/2011 11:10:25 AM 1628 PACKET 0000000038FB8B0 UDP Snd 10.24.2.254 6d17 R Q [8281 DR SERVFAIL] TXT (4)time(5)apple(3)com(0)

What does this mean?
0
 

Author Comment

by:sjsduser
ID: 35150317
and here is the first part when initially received by the dns server 9 seconds earlier

16/03/2011 11:10:16 AM 1A90 PACKET 00000000033EB790 UDP Rvc 10.24.2.254 6d17 Q [0001 D NOERROR TXT (4)time(5)apple(3)com(0)


0
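Added example, not part of the original posts: a small Python parser for Windows DNS debug-log lines of the kind quoted above, which pairs each received query with the response sent back to the same client and transaction ID, decodes the length-prefixed name, and reports the response code and the delay. The first two sample lines are the ones quoted in the thread (kept verbatim); the other two are constructed, and the day-first date format is an assumption taken from those lines.

```python
import re
from collections import Counter
from datetime import datetime

# Lines 1-2: quoted in the thread, verbatim (including "Rvc" and the missing "]").
# Lines 3-4: constructed, showing a lookup that succeeds.
SAMPLE = """\
16/03/2011 11:10:16 AM 1A90 PACKET 00000000033EB790 UDP Rvc 10.24.2.254 6d17 Q [0001 D NOERROR TXT (4)time(5)apple(3)com(0)
16/03/2011 11:10:25 AM 1628 PACKET 0000000038FB8B0 UDP Snd 10.24.2.254 6d17 R Q [8281 DR SERVFAIL] TXT (4)time(5)apple(3)com(0)
16/03/2011 11:10:30 AM 1A90 PACKET 00000000033EB791 UDP Rcv 10.24.2.17 0a2b Q [0001 D NOERROR] A (7)example(3)com(0)
16/03/2011 11:10:30 AM 1628 PACKET 00000000033EB791 UDP Snd 10.24.2.17 0a2b R Q [8081 DR NOERROR] A (7)example(3)com(0)
"""

LINE = re.compile(
    r"(?P<ts>\d\d?/\d\d?/\d{4}\s+\d\d?:\d\d:\d\d\s+[AP]M)\s+\S+\s+PACKET\s+\S+\s+"
    r"(?:UDP|TCP)\s+(?:Snd|Rcv|Rvc)\s+(?P<ip>\S+)\s+(?P<xid>[0-9a-fA-F]{4})\s+"
    r"(?P<resp>R\s+)?\S+\s+\[\S+\s+\S*\s+(?P<rcode>[A-Z]+)\]?\s+"
    r"(?P<qtype>\S+)\s+(?P<qname>\S+)")

def decode_name(raw):
    """Turn '(4)time(5)apple(3)com(0)' into 'time.apple.com'."""
    return ".".join(re.findall(r"\(\d+\)([^()]+)", raw))

def analyse(text):
    """Pair each query with its response (same client IP and Xid)."""
    pending, results = {}, []
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # not a PACKET line in the expected layout
        # Assumption: day-first dates with a 12-hour clock, as in the thread.
        ts = datetime.strptime(" ".join(m["ts"].split()), "%d/%m/%Y %I:%M:%S %p")
        key = (m["ip"], m["xid"].lower())
        if m["resp"] is None:          # no "R" flag: this is the client's query
            pending[key] = ts
        elif key in pending:           # "R" flag: the answer to a query seen earlier
            results.append({"client": m["ip"], "qname": decode_name(m["qname"]),
                            "qtype": m["qtype"], "rcode": m["rcode"],
                            "seconds": (ts - pending.pop(key)).total_seconds()})
    return results

def failing_lookups(results):
    """Count SERVFAIL answers per (qname, qtype) to surface names that never resolve."""
    return Counter((r["qname"], r["qtype"]) for r in results if r["rcode"] == "SERVFAIL")

if __name__ == "__main__":
    for row in analyse(SAMPLE):
        print(row)
```

Run over a full debug log, a high SERVFAIL count for one name and record type combined with multi-second delays points at an upstream lookup that times out rather than a client-side fault.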
 

Author Comment

by:sjsduser
ID: 35150367
More digging has revealed it also seems to be sending the request to

17.112.144.59 and 17.72.133.64 which appears to be nserver4.apple.com

Apple dns server I presume
0
 
LVL 32

Expert Comment

by:nappy_d
ID: 35150569
When you say your "local machine" do you mean an NTP server on your network or are you pointing to the Mac itself?
0
 

Author Comment

by:sjsduser
ID: 35150767
Yes the time server has been changed from time.apple.com to our local time server.

It appears that time.apple.com does not have a TXT record and that is why those requests keep failing. But why does it keep requesting them?
0
 
LVL 12

Expert Comment

by:nxnw
ID: 35798330
FYI, when I use dig @17.112.144.59 -t txt time.apple.com, I get, among other things,
;; ANSWER SECTION:
time.apple.com.            3600      IN      TXT      "ntp minpoll 9 maxpoll 12 iburst"
I wonder if the problem with the DNS query might be, either, a dirty cache or some misconfiguration of the DNS server.

That is a problem that should likely be sorted out in due course, but your primary issue has presumably been corrected by using your internal NTP server (as advised by nappy_d). As a general rule, clients should be using the same NTP server as the server they are using for authentication (not only with AD, but OD as well).

0
 

Author Closing Comment

by:sjsduser
ID: 37185541
I ended up assigning computers to update to my local NTP server, then I edited each Apple Airport to update to my local time server and this resolved the issue.

/Thanks to everyone who participated.
0
