# packets for first query with personal DNS server

Hello everyone -

I asked earlier about my new DNS server (subj: DNS server config) and
applied the information I received, which was very helpful. Now I'm not as
concerned about my DNS server wildly notifying everyone because of various
TLD stuff. However I do have a question about how it is resolving
packets (more of an information question I believe - but maybe not ). I
have been capturing the packets for most of the initial queries to see how
it is doing. I am getting the hostnames resolved - such as google, yahoo,
etc - but when I looked at the packet headers with ethereal I noticed that
it took almost 130 packets (or datagrams, whatever ) to resolve the
initial query of www.google.com. I mean it was sending packets to [za|zc
zf|zh].akadns.org (apparently google's domain, or one of them) all right in
a row, then it started sending packets to
chia,dill,BASIL,henna,epazote.ARIN.NET (and others), the regional domains.
And it did this a couple of times (hence all the packets). There were also
a few [Standard query response, Format error] packets received (plus some
[Short Frame]).

I am wondering if this is normal because after this initial query, i.e. when
I pinged yahoo or received mail from my ISP, the name resolution took far
fewer (~20 packets for each). Does it just need to gather a bunch of info
for its first query, or is something screwed up with my setup? (my vote is
on the latter )

Also, are the [Format error] responses because I'm sending the queries from
a private address going through an NAT router, thus making the source
port != 53? Or is it something else? Or normal?


Thanks for your time and any help -
jab3