Name servers that are offline, resolve for other carriers?
Mark Andrews
Mark_Andrews at isc.org
Tue Oct 19 23:50:28 UTC 2004
> I just was informed that cadoj-gwwa.doj.ca.gov was not able to
> resolve, I traced it back to doj.ca.gov nameservers are offline,
> ns1.doj.ca.gov and ns2.
Well the two servers most probably live on the same lan
which increases the likelyhood of single point failures
making them not visible from some points on the net.
ns1.doj.ca.gov. 4H IN A 167.10.5.248
ns2.doj.ca.gov. 4H IN A 167.10.5.249
Also how did you determine that they were offline? You
can't ping them. (I really don't know what the point of
blocking icmp echo to externally advertised services. It
doesn't hide the machine, icmp echo to unicast addresses
is not a security threat and it just makes remote diagnostics
harder.)
I would be looking for routing problems.
> Now if the servers are offline, and cant provide resolution. Why can
> other people? Where is it cached? I tried Verizon and BT, both
> resolve.
>
> Is there some dns caching software that everyone is using that I'm not
> aware of?
>
> Any ideas, Tired of people saying "It resolves on the desktop
> network!", when the customers name servers are offline.
>
> Thanks.
>
; <<>> DiG 9.3.1prerelease <<>> +trace cadoj-gwwa.doj.ca.gov
;; global options: printcmd
. 187347 IN NS M.ROOT-SERVERS.NET.
. 187347 IN NS A.ROOT-SERVERS.NET.
. 187347 IN NS B.ROOT-SERVERS.NET.
. 187347 IN NS C.ROOT-SERVERS.NET.
. 187347 IN NS D.ROOT-SERVERS.NET.
. 187347 IN NS E.ROOT-SERVERS.NET.
. 187347 IN NS F.ROOT-SERVERS.NET.
. 187347 IN NS G.ROOT-SERVERS.NET.
. 187347 IN NS H.ROOT-SERVERS.NET.
. 187347 IN NS I.ROOT-SERVERS.NET.
. 187347 IN NS J.ROOT-SERVERS.NET.
. 187347 IN NS K.ROOT-SERVERS.NET.
. 187347 IN NS L.ROOT-SERVERS.NET.
;; Received 500 bytes from 127.0.0.1#53(127.0.0.1) in 1 ms
gov. 172800 IN NS F.GOV.ZONEEDIT.COM.
gov. 172800 IN NS G.GOV.ZONEEDIT.COM.
gov. 172800 IN NS A.GOV.ZONEEDIT.COM.
gov. 172800 IN NS B.GOV.ZONEEDIT.COM.
gov. 172800 IN NS C.GOV.ZONEEDIT.COM.
gov. 172800 IN NS D.GOV.ZONEEDIT.COM.
gov. 172800 IN NS E.GOV.ZONEEDIT.COM.
;; Received 279 bytes from 2001:dc3::35#53(M.ROOT-SERVERS.NET) in 374 ms
ca.gov. 10800 IN NS NS1.NET.ca.gov.
ca.gov. 10800 IN NS NS2.NET.ca.gov.
ca.gov. 10800 IN NS NS3.NET.ca.gov.
;; Received 145 bytes from 66.197.185.229#53(F.GOV.ZONEEDIT.COM) in 269 ms
doj.ca.gov. 86400 IN NS ns1.doj.ca.gov.
doj.ca.gov. 86400 IN NS ns2.doj.ca.gov.
;; Received 107 bytes from 134.186.254.252#53(NS1.NET.ca.gov) in 190 ms
cadoj-gwwa.doj.ca.gov. 14400 IN A 167.10.5.145
doj.ca.gov. 14400 IN NS ns1.doj.ca.gov.
doj.ca.gov. 14400 IN NS ns2.doj.ca.gov.
;; Received 123 bytes from 167.10.5.248#53(ns1.doj.ca.gov) in 193 ms
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users
mailing list