| Title: | SEAL |
| Moderator: | GALVIA::SMITH |
| Created: | Mon Mar 21 1994 |
| Last Modified: | Fri Jun 06 1997 |
| Last Successful Update: | Fri Jun 06 1997 |
| Number of topics: | 1989 |
| Total number of notes: | 8209 |
A customer is experiencing the following problem with AVFW NT V1.1:
While trying to connect to some WWW servers he gets an error stating:
Host name invalid in proxy request (HTTP status code: 404)
The second attemt (Repload) does normally work.
This seems to have to do with a DNS timeout which is too short.
Checking with NSLOOKUP on the firewall I do get also some timeout
messages and then it aborts. Requerying does give the correct
result.
Is there a way to increase the query timeout value, or another
workaround or source for this phenomen ?
Thanks,
Gast
| T.R | Title | User | Personal Name | Date | Lines |
|---|---|---|---|---|---|
| 1804.1 | look at note 1693 | BACHUS::ROELANDTS | Wa d'es ma da ve ne stuut | Tue Feb 18 1997 09:36 | 10 |
Gaston,
Look at note 1693, we have a same issue with another customer in Sweden
regarding this. Chris works on this.
Rgds,
Guy
| |||||
| 1804.2 | Loads of people have the problem | SIOG::JORDAN | Wed Feb 19 1997 04:49 | 12 | |
Hi,
I discovered this on a site and entered a note (using the customers
name) in the AltaVista support forums on 28th Jan. Go have a look at
http://support.altavista.software.digital.com in the firewall forum
(Note 318). You will see that many other people have this problem.
AltaVista engineering are meant to be investigating this problem.
Regards
Brian
| |||||
| 1804.3 | Add the forwarders line | NETRIX::"[email protected]" | Scott Estabrooks | Wed Feb 19 1997 17:39 | 25 |
The fundamental timeout is presumably happening on the internal DNS server. Most DNS implementations do not support a timeout value (Microsoft DNS is one that does support it), as it ties down all applications that use it to the same timeout value. Ideally it is the responsibility of the application (e.g. web server) to resend the query if it doesn't get a response on the first try, since they know what is an acceptable timeout value for the application. If it is indeed the internal DNS server that concerns you, add the firewall host to the forwarders line two or more times. This will cause it to retry the query if it timeouts the first time. If you are running MS dns on the internal server, you can set the HKEY_LOCAL_MACHINE\\System\currentcontrolset\services\dns\forwarder timeout. If the firewall concerns you, then you can add the internal dns server to the name server list twice. I suspect that the root of the problem is the internal server, as it is the one that has to wait the longest, and has to give the response to the application. There are no current plans to add a timeout to the NT firewall dns. This is a common workaround for the problem (assuming your dns is set up correctly otherwise). ScottE [Posted by WWW Notes gateway] | |||||
| 1804.4 | problem description and workaround | BACHUS::ROETS | Chris Roets | Mon Feb 24 1997 05:02 | 5 |
They actual problem is discribed in notes 1778.
It is a real bug in the AFWNT name-server
There is also a workaround for this problem in this notes-file
Chris
| |||||