different answers from google's authoritative servers
Sotiris Tsimbonis
stsimb at forthnet.gr
Wed Jun 1 11:34:00 UTC 2016
Hi all,
We have 3 recursive resolvers on the same subnet, and one of them is
getting different answers for the same things from google's
authoritative dns servers.
[root at syz3ns01 ~]# RESOLVERS="ns1.google.com. ns2.google.com.
ns3.google.com. ns4.google.com."
[root at syz3ns01 ~]# SITES="www.google.com. www.google.gr."
[root at syz3ns01 ~]# for resolver in ${RESOLVERS} ; do for site in
${SITES}; do echo "${resolver} ${site} $(dig +short A ${site}
@${resolver})" ; done ; done
ns1.google.com. www.google.com. 216.58.211.4
ns1.google.com. www.google.gr. 216.58.211.3
ns2.google.com. www.google.com. 216.58.211.4
ns2.google.com. www.google.gr. 216.58.211.3
ns3.google.com. www.google.com. 216.58.211.4
ns3.google.com. www.google.gr. 216.58.211.3
ns4.google.com. www.google.com. 216.58.211.4
ns4.google.com. www.google.gr. 216.58.211.3
[root at syz3ns02 ~]# RESOLVERS="ns1.google.com. ns2.google.com.
ns3.google.com. ns4.google.com."
[root at syz3ns02 ~]# SITES="www.google.com. www.google.gr."
[root at syz3ns02 ~]# for resolver in ${RESOLVERS} ; do for site in
${SITES}; do echo "${resolver} ${site} $(dig +short A ${site}
@${resolver})" ; done ; done
ns1.google.com. www.google.com. 216.58.211.36
ns1.google.com. www.google.gr. 216.58.211.35
ns2.google.com. www.google.com. 216.58.211.36
ns2.google.com. www.google.gr. 216.58.211.35
ns3.google.com. www.google.com. 216.58.211.36
ns3.google.com. www.google.gr. 216.58.211.35
ns4.google.com. www.google.com. 216.58.211.36
ns4.google.com. www.google.gr. 216.58.211.35
[root at syz3ns03 ~]# RESOLVERS="ns1.google.com. ns2.google.com.
ns3.google.com. ns4.google.com."
[root at syz3ns03 ~]# SITES="www.google.com. www.google.gr."
[root at syz3ns03 ~]# for resolver in ${RESOLVERS} ; do for site in
${SITES}; do echo "${resolver} ${site} $(dig +short A ${site}
@${resolver})" ; done ; done
ns1.google.com. www.google.com. 172.217.16.36
ns1.google.com. www.google.gr. 172.217.16.35
ns2.google.com. www.google.com. 172.217.16.36
ns2.google.com. www.google.gr. 172.217.16.35
ns3.google.com. www.google.com. 172.217.16.36
ns3.google.com. www.google.gr. 172.217.16.35
ns4.google.com. www.google.com. 172.217.16.36
ns4.google.com. www.google.gr. 172.217.16.35
The IP addresses of our servers are 84.205.252.16, 84.205.252.18 and
84.205.252.20 respectively.
The problem with the third answer set is on the users' browsers, it
produces an ssl certificate error and users cannot access google.
traceroute to google's dns servers are different on the penultimate hop
(hop 12)
[root at syz3ns01 ~]# traceroute ns3.google.com.
traceroute to ns3.google.com (216.239.36.10), 30 hops max, 38 byte packets
1 syz3fw01-dmz.servers.n3.syzefxis.gov.gr (10.95.1.1) 0.405 ms 0.262
ms 0.217 ms
2 84.205.252.6 (84.205.252.6) 0.718 ms 0.504 ms 0.511 ms
3 193.92.42.169 (193.92.42.169) 0.937 ms 1.024 ms 0.482 ms
4 194.219.208.29 (194.219.208.29) 1.017 ms 1.004 ms 0.946 ms
MPLS Label=757472 CoS=5 TTL=1 S=0
5 xe-0-3-1.core-lsf-08.forthnet.gr (213.16.247.193) 0.950 ms 1.063
ms 0.982 ms
6 74.125.48.74 (74.125.48.74) 8.373 ms 8.374 ms 8.341 ms
7 72.14.237.27 (72.14.237.27) 8.352 ms 72.14.237.189 (72.14.237.189)
12.085 ms 72.14.237.27 (72.14.237.27) 8.979 ms
8 209.85.253.114 (209.85.253.114) 26.920 ms 26.114 ms 25.789 ms
MPLS Label=772454 CoS=5 TTL=1 S=0
9 216.239.58.8 (216.239.58.8) 50.816 ms 209.85.241.233
(209.85.241.233) 42.159 ms 43.461 ms
MPLS Label=756878 CoS=5 TTL=1 S=0
10 209.85.251.178 (209.85.251.178) 45.549 ms 44.474 ms 45.682 ms
MPLS Label=720256 CoS=5 TTL=1 S=0
11 74.125.37.103 (74.125.37.103) 39.998 ms 216.239.49.244
(216.239.49.244) 48.116 ms 74.125.37.150 (74.125.37.150) 42.865 ms
MPLS Label=25186 CoS=5 TTL=1 S=0
12 209.85.251.231 (209.85.251.231) 39.575 ms 72.14.238.43
(72.14.238.43) 43.933 ms 209.85.242.165 (209.85.242.165) 46.748 ms
13 * *Icmp checksum is wrong
*
14 ns3.google.com (216.239.36.10) 41.453 ms 39.987 ms 47.545 ms
[root at syz3ns01 ~]#
[root at syz3ns02 ~]# traceroute ns3.google.com.
traceroute to ns3.google.com (216.239.36.10), 30 hops max, 38 byte packets
1 syz3fw01-dmz.servers.n3.syzefxis.gov.gr (10.95.1.1) 0.232 ms 0.283
ms 0.209 ms
2 84.205.252.6 (84.205.252.6) 0.688 ms 0.535 ms 0.455 ms
3 193.92.42.169 (193.92.42.169) 1.715 ms 0.835 ms 0.726 ms
4 194.219.208.29 (194.219.208.29) 1.248 ms 0.876 ms 0.773 ms
MPLS Label=757472 CoS=5 TTL=1 S=0
5 xe-0-3-1.core-lsf-08.forthnet.gr (213.16.247.193) 0.755 ms 1.047
ms 0.944 ms
6 74.125.48.74 (74.125.48.74) 8.331 ms 8.546 ms 8.328 ms
7 72.14.237.189 (72.14.237.189) 12.286 ms 72.14.237.27 (72.14.237.27)
5.935 ms 72.14.237.189 (72.14.237.189) 13.211 ms
8 209.85.253.114 (209.85.253.114) 22.488 ms 209.85.240.160
(209.85.240.160) 25.713 ms 26.401 ms
MPLS Label=554255 CoS=5 TTL=1 S=0
9 216.239.57.244 (216.239.57.244) 41.070 ms 209.85.241.233
(209.85.241.233) 34.822 ms 209.85.242.79 (209.85.242.79) 38.180 ms
MPLS Label=27780 CoS=5 TTL=1 S=0
10 209.85.251.178 (209.85.251.178) 36.262 ms 66.249.95.39
(66.249.95.39) 44.744 ms 209.85.143.25 (209.85.143.25) 43.497 ms
MPLS Label=25688 CoS=5 TTL=1 S=0
11 216.239.49.240 (216.239.49.240) 42.459 ms 216.239.49.244
(216.239.49.244) 42.738 ms 39.587 ms
MPLS Label=731306 CoS=5 TTL=1 S=0
12 72.14.238.215 (72.14.238.215) 46.858 ms 216.239.51.147
(216.239.51.147) 48.715 ms 209.85.246.164 (209.85.246.164) 86.761 ms
Icmp checksum is wrong
13 * * *
14 ns3.google.com (216.239.36.10) 48.178 ms 48.106 ms 48.157 ms
[root at syz3ns02 ~]#
[root at syz3ns03 ~]# traceroute ns3.google.com.
traceroute to ns3.google.com (216.239.36.10), 30 hops max, 38 byte packets
1 syz3fw01-dmz.servers.n3.syzefxis.gov.gr (10.95.1.1) 0.297 ms 0.393
ms 0.447 ms
2 84.205.252.6 (84.205.252.6) 0.454 ms 0.574 ms 0.751 ms
3 193.92.42.169 (193.92.42.169) 0.938 ms 0.823 ms 0.733 ms
4 194.219.208.29 (194.219.208.29) 1.260 ms 0.766 ms 1.267 ms
MPLS Label=757472 CoS=5 TTL=1 S=0
5 xe-0-3-1.core-lsf-08.forthnet.gr (213.16.247.193) 15.388 ms 1.248
ms 1.446 ms
6 74.125.48.74 (74.125.48.74) 5.410 ms 5.378 ms 5.435 ms
7 72.14.237.27 (72.14.237.27) 12.224 ms 12.309 ms 72.14.237.189
(72.14.237.189) 5.354 ms
8 209.85.240.160 (209.85.240.160) 22.422 ms 35.365 ms 22.601 ms
MPLS Label=536927 CoS=5 TTL=1 S=0
9 216.239.57.244 (216.239.57.244) 43.196 ms 209.85.242.79
(209.85.242.79) 40.263 ms 216.239.57.244 (216.239.57.244) 43.387 ms
MPLS Label=27555 CoS=5 TTL=1 S=0
10 209.85.251.178 (209.85.251.178) 41.581 ms 209.85.143.25
(209.85.143.25) 36.869 ms 66.249.95.39 (66.249.95.39) 44.804 ms
MPLS Label=24801 CoS=5 TTL=1 S=0
11 216.239.49.244 (216.239.49.244) 44.189 ms 74.125.37.154
(74.125.37.154) 47.331 ms 216.239.49.244 (216.239.49.244) 48.582 ms
MPLS Label=549098 CoS=5 TTL=1 S=0
12 209.85.246.135 (209.85.246.135) 47.964 ms 209.85.251.231
(209.85.251.231) 42.683 ms 72.14.238.215 (72.14.238.215) 43.525 ms
13 * * *
14 ns3.google.com (216.239.36.10) 49.559 ms 48.009 ms 48.148 ms
[root at syz3ns03 ~]#
Any ideas please?
Sot.
More information about the bind-users
mailing list