nanog mailing list archives
Re: Weird DNS issues for domains
From: Bjørn Mork <bjorn () mork no>
Date: Thu, 29 Sep 2005 21:20:12 +0200
Matthew Crocker <matthew () crocker com> writes:
I just tested it from a Verizon DSL host and it worked. You might want to consider reading RFC 2182 though, particularly the part about geographically diverse nameservers.Yeah, yeah, that is overrated. If my site goes dark and my DNS goes down it doesn't really matter as the bandwidth and the web server will also be down. Having a live DNS server in another part of the country won't help if the access routers handling the traffic for the T1 to the school is also down. Geographically diverse name servers sounds great in theory but for this application it won't gain any redundancy.
I wonder what that application could be... Single server with two addresses? Two servers behind a failing firewall? Well, if you don't care then why should we? There's definitely something seriously wrong with your configuration, and it is related to the two colocated servers. I sometimes get the result below. Works once, and then it fails because of answers from the wrong address: bjorn@canardo:~$ dig www.mtrsd.k12.ma.us @dns-auth1.crocker.com ; <<>> DiG 9.2.4 <<>> www.mtrsd.k12.ma.us @dns-auth1.crocker.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34405 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;www.mtrsd.k12.ma.us. IN A ;; ANSWER SECTION: www.mtrsd.k12.ma.us. 604800 IN A 159.250.29.161 ;; AUTHORITY SECTION: mtrsd.k12.ma.us. 604800 IN NS dns-auth2.crocker.com. mtrsd.k12.ma.us. 604800 IN NS dns-auth1.crocker.com. ;; ADDITIONAL SECTION: dns-auth2.crocker.com. 600 IN A 204.97.12.57 dns-auth1.crocker.com. 600 IN A 204.97.12.58 ;; Query time: 279 msec ;; SERVER: 204.97.12.58#53(dns-auth1.crocker.com) ;; WHEN: Thu Sep 29 21:11:17 2005 ;; MSG SIZE rcvd: 144 bjorn@canardo:~$ dig www.mtrsd.k12.ma.us @dns-auth2.crocker.com ; <<>> DiG 9.2.4 <<>> www.mtrsd.k12.ma.us @dns-auth2.crocker.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44398 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;www.mtrsd.k12.ma.us. IN A ;; ANSWER SECTION: www.mtrsd.k12.ma.us. 604800 IN A 159.250.29.161 ;; AUTHORITY SECTION: mtrsd.k12.ma.us. 604800 IN NS dns-auth2.crocker.com. mtrsd.k12.ma.us. 604800 IN NS dns-auth1.crocker.com. ;; ADDITIONAL SECTION: dns-auth2.crocker.com. 600 IN A 204.97.12.57 dns-auth1.crocker.com. 600 IN A 204.97.12.58 ;; Query time: 255 msec ;; SERVER: 204.97.12.57#53(dns-auth2.crocker.com) ;; WHEN: Thu Sep 29 21:11:21 2005 ;; MSG SIZE rcvd: 144 bjorn@canardo:~$ dig www.mtrsd.k12.ma.us @dns-auth1.crocker.com ;; reply from unexpected source: 204.97.12.57#53, expected 204.97.12.58#53 ;; reply from unexpected source: 204.97.12.57#53, expected 204.97.12.58#53 ; <<>> DiG 9.2.4 <<>> www.mtrsd.k12.ma.us @dns-auth1.crocker.com ;; global options: printcmd ;; connection timed out; no servers could be reached After a while the session seems to time out and things will work again. Once, before the same shit happens again. Bjørn
Current thread:
- Re: Weird DNS issues for domains, (continued)
- Re: Weird DNS issues for domains John Dupuy (Sep 29)
- Re: Weird DNS issues for domains Petri Helenius (Sep 29)
- Re: Weird DNS issues for domains Randy Bush (Sep 29)
- Re: Weird DNS issues for domains Todd Vierling (Sep 29)
- Re: Weird DNS issues for domains Crist Clark (Sep 29)
- Re: Weird DNS issues for domains Peter (Sep 30)
- Re: Weird DNS issues for domains Crist Clark (Sep 30)
- Re: Weird DNS issues for domains John Dupuy (Sep 29)
- Re: Weird DNS issues for domains Randy Bush (Sep 29)
- Re: Weird DNS issues for domains Todd Vierling (Sep 29)
- Re: Weird DNS issues for domains Bjørn Mork (Sep 29)
- Re: Weird DNS issues for domains Robert E . Seastrom (Sep 29)
- Re: Weird DNS issues for domains Mark Andrews (Sep 29)
- Re: off-list Re: Weird DNS issues for domains Edward Lewis (Sep 29)
- Re: Weird DNS issues for domains Simon Waters (Sep 30)