Domain unresolved in Singapore

Mark Andrews Mark_Andrews at isc.org
Tue Feb 19 22:29:08 UTC 2008 

> 
> On Tue, 2008-02-19 at 09:43 +0100, Stephane Bortzmeyer wrote:
> > On Tue, Feb 19, 2008 at 03:30:48PM +0700,
> >  Kadek Hendra Lesmana <ikadek at gmail.com> wrote 
> >  a message of 10 lines which said:
> > 
> > > Why this address is unresolved in Singapore but it's okay in Germany?
> > > I checked with DNS Report from DNS-Stuff and no error, only some
> > > warning.
> > 
> > Bad tools, use another tool.
> > 
> > Zonecheck (http://www.zonecheck.fr/) clearly indicates the problem:
> > only two name servers and probably in the same room, which means that
> > any network glitch will prevent name resolution. Use more diverse name ser
> vers.
> 
> The fact that these servers are on the same subnet or in the same AS
> does not necessarily mean they're in the same room. There are plenty of
> ways to build fault tolerance into the underlying network that render
> this kind of warning meaningless.
> 
> Maybe they are in the same room, and there was a problem with one or
> both at the time the OP was testing. They certainly are up now.
> 
> Is the problem ongoing? What does a dig +trace guentner-asiapacific.com
> from Singapore look like?

	It would help to fix the broken delegation.  Nothing will be
	reliable until that is fixed.

guentner-asiapacific.com. 172800 IN     NS      ns1.guentner.co.id.
guentner-asiapacific.com. 172800 IN     NS      ns2.guentner.co.id.
;; Received 97 bytes from 192.26.92.30#53(C.GTLD-SERVERS.NET) in 446 ms

slox.guentner-asiapacific.com. 300 IN   A       222.124.211.242
guentner-asiapacific.com. 300   IN      NS      ns2.guentner-asiapacific.com.
guentner-asiapacific.com. 300   IN      NS      ns1.guentner-asiapacific.com.
;; Received 131 bytes from 222.124.211.227#53(ns1.guentner.co.id) in 496 ms

	
> > w> IP addresses are likely to be all on the same subnet
> >  | Adv: ZoneCheck
> >  |   To avoid loosing all connectivity with the authoritative DNS in case
> >  | of network outage it is advised to host the DNS on different networks.
> >  | 
> >  | Ref: IETF RFC2182 (Abstract)
> >  |   The Domain Name System requires that multiple servers exist for every
> >  | delegated domain (zone). This document discusses the selection of
> >  | secondary servers for DNS zones. Both the physical and topological
> >  | location of each server are material considerations when selecting
> >  | secondary servers. The number of servers appropriate for a zone is also
> >  | discussed, and some general secondary server maintenance issues
> >  | considered.
> >  `----- -- -- - -  -
> >  :   All the servers are likely to be on the subnet 222.124.211.224/28,
> >  : try moving some of them to another subnet.
> >  `..... .. .. . .  .
> > => generic
> > 
> > w> Nameservers are all part of the same AS
> >  | Adv: ZoneCheck
> >  |   To avoid loosing all connectivity with the authoritative DNS in case
> >  | of a routing problem inside your Autonomous System, it is advised to
> >  | host the DNS on different AS.
> >  `----- -- -- - -  -
> >  :   All the nameservers are part of the same Autonomous System (AS number
> >  : 17974), try to have some of them hosted on another AS.
> >  `..... .. .. . .  .
> > => generic
> > 
> -- 
> Jeff Reasoner
> HCCA
> 513 728-7902 voice
> 
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the bind-users mailing list