Sporadic resolution problems

Sten Carlsen ccc2716 at vip.cybercity.dk
Thu Jun 24 23:32:34 UTC 2004 

Matthew Hoskison wrote:
>>Possibly you should think along the line of access problems, ACLs, 
>>firewalls etc.
>>Is there any pattern in who gets good results and who gets bad? Internal 
>>/ external in some context?
>>    
>>
>
>There seems to be no rhyme or reason as to who gets successful resolutions and
>who gets failures, other than the subjective observation that the majority of
>the reports (aka complaints) of failure are from US clients.
>
>I'm tempted to think it could be a firewall issue, since I beefed up the
>iptables ruleset at roughly the time when the first issues were reported. ns1
>is a box at rackshack, and ns2 is right here next to me on a Sparc through a
>DSL link, so the only internal user in that respect is myself. Firewall issues
>would affect all clients, and there has not been a significant decrease in
>traffic *inside* the firewall on tcp/udp 53 since I changed the ruleset.
>
>I could happily delude myself that it was nothing more serious than a couple of
>packets dropping out for those who can't get resolution, if it were not for the
>fact that ISC and Google's mail servers can't resolve my primary mail domain of
>room41.net.
>
>Amongst those domains I know to be experiencing problems are room41.net,
>babysfirstsite.org and ill-behaviour.com. I'm at a loss as to where to look
>next. I throw myself upon your collective wisdom!
>
>
>
>		
>__________________________________
>Do you Yahoo!?
>Yahoo! Mail - 50x more storage than other providers!
>http://promotions.yahoo.com/new_mail
>
>  
>
Somehow you have what looks like delegation problems to me.
If I do dig room41.net from my PC, via my BIND server, I get a timeout.

If I try different I get:
silver:~>dig @195.137.113.86 ns1.room41.net

; <<>> DiG 8.3 <<>> @195.137.113.86 ns1.room41.net
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUERY SECTION:
;;      ns1.room41.net, type = A, class = IN

;; ANSWER SECTION:
ns1.room41.net.         1H IN A         195.137.113.86

;; AUTHORITY SECTION:
room41.net.             3H IN NS        ns2.room41.com.
room41.net.             3H IN NS        ns1.room41.com.

;; ADDITIONAL SECTION:
ns1.room41.com.         3H IN A         216.127.74.118
ns2.room41.com.         3H IN A         195.137.113.86

;; Total query time: 94 msec
;; FROM: silver.s-carlsen.dk to SERVER: 195.137.113.86  195.137.113.86
;; WHEN: Fri Jun 25 01:24:30 2004
;; MSG SIZE  sent: 32  rcvd: 126

I am asking what according to whois is NS2... for the address of NS1.  
The answer section gives  NS1=195.137...  the additional section has a 
different address for NS1... and the NS1 address for NS2.

I am not sure what this means, except that it is a mess, that needs 
cleaning up.

-- 
Best regards

Sten Carlsen

No improvements come from shouting:

       "MALE BOVINE MANURE!!!"

More information about the bind-users mailing list