Some ISP's having problem with my www subdomain

Jeff Lasman blists at nobaloney.net
Fri Feb 27 03:02:23 UTC 2004 

On Wednesday 25 February 2004 03:52 pm, Bill wrote:

> In talking to Yahoo, they obviously claim that everything is perfect
> on their end since they themselves can hit both www.lucidsage.com and
> lucidsage.com and that the problem must be elsewhere. Unfortunately,
> I'm not familiar enough with how DNS works to know if they are
> correct or not.

Perfect? Will maybe to them.

For lucidsage.com they return a list of 20 congtiguous A records, all on 
the same network.

For www.lucidsage.com they return two CNAME records, one to 
geo.premiumservices.yahoo.com, and one to premium.geo.yahoo.akadns.net 
(akami?).

Then for premium.geo.yahoo.akadns.net they return 8 A records, which all 
appear to be a subset of those A records they returned for 
lucidsage.com.

A bit messy perhaps.

> Our IT staff found a problem where some of
> our DNS queries were being dropped because our firewall was limiting
> UDP packets to 512 bytes but our Microsoft Windows Server 2003 was
> configured to allow packets greater than 512. When hitting a large
> site like Yahoo, whose DNS queries I 'assume' can contain
> significantly more data than smaller sites, those queries were being
> dropped because they were being sent in packets greater than the 512
> limit on the firewall.

And yes, definitely long enough to not make it through a firewall 
configured to only allow a limited of bytes through in a UDP packet.

> Could this same thing be happening with other ISPs? For example, a
> friend of mine using CompuServe cannot access www.lucidsage.com but
> CAN access lucidsage.com. Is it likely CompuServe (and who knows how
> many other ISPs) are having a problem like the one mentioned above?

Yes.

> Any thoughts or ideas?

Hit Yahoo with a cluestick?

Handle DNS for the domain yourself?

Note that the latter suggestion may not be feasible if indeed the "aka" 
indicates akami, as these records have extremely low TTLs, and the IP#s 
could change as often as every half minute.

Jeff
-- 
Jeff Lasman, nobaloney.net, P. O. Box 52672, Riverside, CA  92517 US
Professional Internet Services & Support / Consulting / Colocation
Our blists address used on lists is for list email only
Phone +1 909 324-9706, or see: "http://www.nobaloney.net/contactus.html"

More information about the bind-users mailing list