Domain unresolved in Singapore
Mark Andrews
Mark_Andrews at isc.org
Tue Feb 19 22:29:08 UTC 2008
>
> On Tue, 2008-02-19 at 09:43 +0100, Stephane Bortzmeyer wrote:
> > On Tue, Feb 19, 2008 at 03:30:48PM +0700,
> > Kadek Hendra Lesmana <ikadek at gmail.com> wrote
> > a message of 10 lines which said:
> >
> > > Why this address is unresolved in Singapore but it's okay in Germany?
> > > I checked with DNS Report from DNS-Stuff and no error, only some
> > > warning.
> >
> > Bad tools, use another tool.
> >
> > Zonecheck (http://www.zonecheck.fr/) clearly indicates the problem:
> > only two name servers and probably in the same room, which means that
> > any network glitch will prevent name resolution. Use more diverse name ser
> vers.
>
> The fact that these servers are on the same subnet or in the same AS
> does not necessarily mean they're in the same room. There are plenty of
> ways to build fault tolerance into the underlying network that render
> this kind of warning meaningless.
>
> Maybe they are in the same room, and there was a problem with one or
> both at the time the OP was testing. They certainly are up now.
>
> Is the problem ongoing? What does a dig +trace guentner-asiapacific.com
> from Singapore look like?
It would help to fix the broken delegation. Nothing will be
reliable until that is fixed.
guentner-asiapacific.com. 172800 IN NS ns1.guentner.co.id.
guentner-asiapacific.com. 172800 IN NS ns2.guentner.co.id.
;; Received 97 bytes from 192.26.92.30#53(C.GTLD-SERVERS.NET) in 446 ms
slox.guentner-asiapacific.com. 300 IN A 222.124.211.242
guentner-asiapacific.com. 300 IN NS ns2.guentner-asiapacific.com.
guentner-asiapacific.com. 300 IN NS ns1.guentner-asiapacific.com.
;; Received 131 bytes from 222.124.211.227#53(ns1.guentner.co.id) in 496 ms
> > w> IP addresses are likely to be all on the same subnet
> > | Adv: ZoneCheck
> > | To avoid loosing all connectivity with the authoritative DNS in case
> > | of network outage it is advised to host the DNS on different networks.
> > |
> > | Ref: IETF RFC2182 (Abstract)
> > | The Domain Name System requires that multiple servers exist for every
> > | delegated domain (zone). This document discusses the selection of
> > | secondary servers for DNS zones. Both the physical and topological
> > | location of each server are material considerations when selecting
> > | secondary servers. The number of servers appropriate for a zone is also
> > | discussed, and some general secondary server maintenance issues
> > | considered.
> > `----- -- -- - - -
> > : All the servers are likely to be on the subnet 222.124.211.224/28,
> > : try moving some of them to another subnet.
> > `..... .. .. . . .
> > => generic
> >
> > w> Nameservers are all part of the same AS
> > | Adv: ZoneCheck
> > | To avoid loosing all connectivity with the authoritative DNS in case
> > | of a routing problem inside your Autonomous System, it is advised to
> > | host the DNS on different AS.
> > `----- -- -- - - -
> > : All the nameservers are part of the same Autonomous System (AS number
> > : 17974), try to have some of them hosted on another AS.
> > `..... .. .. . . .
> > => generic
> >
> --
> Jeff Reasoner
> HCCA
> 513 728-7902 voice
>
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users
mailing list