Some ISP's having problem with my www subdomain

Mark Andrews Mark_Andrews at isc.org
Thu Feb 26 20:42:53 UTC 2004 

> This is quite strange and I wonder if anybody can offer me some
> advice, knowlege, or help.
> 
> I run a website called lucidsage.com, hosted by Yahoo (not open yet,
> still under construction).
> 
> I have noticed that there are times when I cannot hit:
> www.lucidsage.com but CAN hit lucidsage.com (without the www
> subdomain). When I can't hit www.lucidsage.com, I get an error in
> Internet Explorer stating that it could not resolve the address.
> 
> The difference 'appears' to be the ISP I happen to be using when I try
> to hit the page. For example, I used to be able to make the problem
> manifest itself from my office but not at home (different ISPs). If I
> call up a friend (who is using a different ISP) and they try, they can
> successfully hit both versions of the address.
> 
> In talking to Yahoo, they obviously claim that everything is perfect
> on their end since they themselves can hit both www.lucidsage.com and
> lucidsage.com and that the problem must be elsewhere. Unfortunately,
> I'm not familiar enough with how DNS works to know if they are correct
> or not.
> 
> I did get one clue that I suspect might hold the answer. As I
> mentioned earlier, I used to have this problem when trying to access
> the site from my office. Our IT staff found a problem where some of
> our DNS queries were being dropped because our firewall was limiting
> UDP packets to 512 bytes but our Microsoft Windows Server 2003 was
> configured to allow packets greater than 512. When hitting a large
> site like Yahoo, whose DNS queries I 'assume' can contain
> significantly more data than smaller sites, those queries were being
> dropped because they were being sent in packets greater than the 512
> limit on the firewall. The following microsoft article discusses this
> problem:
> 
> http://support.microsoft.com/default.aspx?scid=kb;en-us;828263
> 
> Before our IT dept fixed this, I had trouble accessing subdomains such
> as mail.yahoo.com but could successfully access yahoo.com. After the
> fix, I was able to access subdomains successfully.
> 
> Could this same thing be happening with other ISPs? For example, a
> friend of mine using CompuServe cannot access www.lucidsage.com but
> CAN access lucidsage.com. Is it likely CompuServe (and who knows how
> many other ISPs) are having a problem like the one mentioned above?
> 
> Any thoughts or ideas?
> 
> Thanks.

	If the first dig succeeds and the second fails you likely
	have a firewall problem.

	dig www.lucidsage.com @yns1.yahoo.com
	dig www.lucidsage.com @yns1.yahoo.com +dnssec

	+dnssec turns on EDNS.

	Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the bind-users mailing list