|
|
| Author |
Message |
gotissues68
RealPoor Sensei
Joined: 21 Aug 2003
Posts: 1866
|
 Posted: 12/01/04 - 01:52 Post subject: realpoor I need your help
|
|
|
All-
I am trying to troubleshoot a DNS issue. So if you all would so kind as to do the following for me I'd really appreciate it.
Try to browse to the following web address:
www.dailydispatch.com
Report whether or not you were able to reach the above website and who your ISP and physical location is in this thread (or via PM). I am asking you all this as I'm trying to track down a hard to reproduce bug in some name server software/database backend that I administer for a client of mine. It only takes a second and allows me to get a large cross section of users across various ISP's so I can see if I can draw a commonality between people's ability to get to the site.
|
|
|
Back to top
|
|
|
|
 |
khrath
RealPoor Master of Posts
Joined: 11 Oct 2002
Posts: 8750
|
|
|
Back to top
|
|
|
|
|
Spitulski
RealPoor Guru
Joined: 23 Nov 2002
Posts: 4344
Location: Washington
|
|
Posted: 12/01/04 - 02:17 Post subject:
|
|
|
Qwest.net home DSL
Vancouver, WA
Content loaded
Having said that, a tracert dies once it hits IINet's ac3 access router at 198.145.240.67. Dunno if that helps.
|
|
|
Back to top
|
|
|
|
|
Okami
RealPoor Guru
Joined: 11 Oct 2002
Posts: 2242
Location: The new board
|
|
Posted: 12/01/04 - 03:53 Post subject:
|
|
|
I was able to browse fine.
hayward, California
Comcast
|
|
|
Back to top
|
|
|
|
|
r00typooh
RealPoor Master of Posts
Joined: 11 Oct 2002
Posts: 5178
Location: Miami, FL
|
|
Posted: 12/01/04 - 04:32 Post subject:
|
|
|
i had a big post for you but closed realpoor accidently... so now you get the summary
bellsouth DSL (uunet/level3) (miami)
browse to the site fine
server with GNAX (lots of providers, check their site for info) (atlanta)
browse to the site fine
server with FDC (cogent, yipes, xo, and level3) (chicago)
browse to the site fine
if i can help you with anything, let me know. 
|
|
|
Back to top
|
|
|
|
|
gotissues68
RealPoor Sensei
Joined: 21 Aug 2003
Posts: 1866
|
|
Posted: 12/01/04 - 04:52 Post subject:
|
|
|
| r00tus wrote: | i had a big post for you but closed realpoor accidently... so now you get the summary
bellsouth DSL (uunet/level3) (miami)
browse to the site fine
server with GNAX (lots of providers, check their site for info) (atlanta)
browse to the site fine
server with FDC (cogent, yipes, xo, and level3) (chicago)
browse to the site fine
if i can help you with anything, let me know. |
Thanks man I appreciate it. Its a really weird problem. I have a similar issue on my deployment on my server and the domain www.techiekb.com and its completely random. Its usually the third level domain that won't resolve so www.techiekb.com doesn't resolve but techiekb.com resolves. And its the same issue with www.dailydispatch.com as well. There's nothing in the logs showing an error. Usually when someone says it doesn't work I tail the logs and I never see the inbound request for the hostname which tells me its usually caching nameservers that are returning nx domain when someone can't browse, but the question is at some point that server responding that way had to have made a query to my server and received an NX domain response. I've checked google to see if it might be that maybe MySQL is just has issues with a bunch of simultaneous connections but that doesn't seem to be a problem (for reference at peak I've seen as many as 40 child MySQL processes running) and right now its at about 24 running children.
Also for reference I'm using the MySQL SDB which is the simplified driver for Bind which allows it to access a MySQL database. There are other drivers out there for Postgres and ODBC and other shit too but I chose MySQL since I know it best. I'm not seeing any errors in either the Bind logs or the SQL logs either as I mentioned already so its really sketchy on whats going on. I'm not sure if its the SQL patch for Bind or Bind itself ... I know when Bind is running using its native flat file format it works fine all the time AFAIK.
Anyways thats what I've got going on. 2 boxes are running Redhat 9 and the other is running Slackware 9.1. Also worth mentioning is that all servers when issues are reported resolve the affected domains when queried directly.
*ninja edit* Also if you guys are interested here's the webapp I wrote to control the whole shebang. www.techiekb.com/projects/dnsadmin
Login = demo
pass = demo
I have db replication working across multiple hosts yadda yadda anyways its pretty cool stuff if you're a geek like me heh.
|
|
|
Back to top
|
|
|
|
|
khrath
RealPoor Master of Posts
Joined: 11 Oct 2002
Posts: 8750
|
|
Posted: 12/01/04 - 06:03 Post subject:
|
|
|
|
do you have another nameserver out there that could be corrupting your info with the root servers?
|
|
|
Back to top
|
|
|
|
|
khrath
RealPoor Master of Posts
Joined: 11 Oct 2002
Posts: 8750
|
|
Posted: 12/01/04 - 06:05 Post subject:
|
|
|
|
I actually had something like this once....i think i fixed it by telling bind to listen only on a specific interface for requests.
|
|
|
Back to top
|
|
|
|
|
gotissues68
RealPoor Sensei
Joined: 21 Aug 2003
Posts: 1866
|
|
Posted: 12/01/04 - 06:06 Post subject:
|
|
|
| khrath wrote: | | do you have another nameserver out there that could be corrupting your info with the root servers? |
I wondered that too but in the case of my domain techiekb.com its all squared away. There was an issue with the root's having the wrong info for the DNS server IP for dailydispatch.com for awhile but thats been resolved as well. I tried digging directly at the roots but I think they have recursion disabled.
|
|
|
Back to top
|
|
|
|
|
khrath
RealPoor Master of Posts
Joined: 11 Oct 2002
Posts: 8750
|
|
Posted: 12/01/04 - 06:21 Post subject:
|
|
|
whois is your friend
[james@khrath ~] whois dailydispatch.com
Whois Server Version 1.3
>CUT ALOT OF BS OUT<
Domain servers in listed order:
Name Server: ns1.ifpdx.com
Name Server: ns2.ifpdx.com
Name Server: ns3.ifocus-astoria.com
[james@khrath ~] ping -c 5 ns3.ifocus-astoria.com
ping: cannot resolve ns3.ifocus-astoria.com: Host name lookup failure
Your third server doesn't exist, thats why requests are timing out.
WOULD YOU LIKE FRIES WITH THAT BABY???
|
|
|
Back to top
|
|
|
|
|
gotissues68
RealPoor Sensei
Joined: 21 Aug 2003
Posts: 1866
|
|
Posted: 12/01/04 - 06:41 Post subject:
|
|
|
| khrath wrote: | whois is your friend
[james@khrath ~] whois dailydispatch.com
Whois Server Version 1.3
>CUT ALOT OF BS OUT<
Domain servers in listed order:
Name Server: ns1.ifpdx.com
Name Server: ns2.ifpdx.com
Name Server: ns3.ifocus-astoria.com
[james@khrath ~] ping -c 5 ns3.ifocus-astoria.com
ping: cannot resolve ns3.ifocus-astoria.com: Host name lookup failure
Your third server doesn't exist, thats why requests are timing out.
WOULD YOU LIKE FRIES WITH THAT BABY??? |
Do you think that would cause something as random as this? Some kind of DNS poisoning by proxy?
|
|
|
Back to top
|
|
|
|
|
khrath
RealPoor Master of Posts
Joined: 11 Oct 2002
Posts: 8750
|
|
Posted: 12/01/04 - 06:48 Post subject:
|
|
|
why does yahoo have like 50 dns servers?
they use them all for load balancing.
when you send a request to a dns server that doesn't exist, you get a time out. you wont always get this time out though because you have 2 perfectly good dns servers to use, but on occasion, this third will be sent a request.
have the third dns server removed, should fix it.
|
|
|
Back to top
|
|
|
|
|
kemble
RealPoor Sensei
Joined: 14 Oct 2002
Posts: 1909
Location: MI
|
|
Posted: 12/01/04 - 09:40 Post subject:
|
|
|
Yes, Yahoo uses them for load balancing, but they also have a DNS load balancing system in place.
In a normal system, requests for DNS should not be going to the tertiary server unless the first 2 are down or at their connection limit.
|
|
|
Back to top
|
|
|
|
|
r00typooh
RealPoor Master of Posts
Joined: 11 Oct 2002
Posts: 5178
Location: Miami, FL
|
|
Posted: 12/01/04 - 11:58 Post subject:
|
|
|
|
khrath, ur so smart...
|
|
|
Back to top
|
|
|
|
|
gotissues68
RealPoor Sensei
Joined: 21 Aug 2003
Posts: 1866
|
|
Posted: 12/01/04 - 13:57 Post subject:
|
|
|
|
Well I fixed the issue with the tertiary server. However the guy who I do the work for decided to point it to another DNS host until the *issues* can be resolved yet everyone who has posted or pm'd me or I've asked via chat has said it was working fine. So I'm not sure what the deal is now sigh.
|
|
|
Back to top
|
|
|
|
|
kemble
RealPoor Sensei
Joined: 14 Oct 2002
Posts: 1909
Location: MI
|
|
Posted: 12/01/04 - 14:25 Post subject:
|
|
|
How can you fix it, if you are no longer receiving the DNS traffic? 
|
|
|
Back to top
|
|
|
|
|
gotissues68
RealPoor Sensei
Joined: 21 Aug 2003
Posts: 1866
|
|
Posted: 12/01/04 - 18:11 Post subject:
|
|
|
| kemble wrote: | | How can you fix it, if you are no longer receiving the DNS traffic? |
yea exactly.. I don't think anything is broken. I got a cross sample from you guys and it was all working for everyone until he changed shit with the registrar =\
|
|
|
Back to top
|
|
|
|
|
gotissues68
RealPoor Sensei
Joined: 21 Aug 2003
Posts: 1866
|
|
Posted: 12/03/04 - 03:25 Post subject:
|
|
|
|
I wanted to say thanks to all the people who replied and PM'd me.. Unfortunately it looks like its a bug that doesn't show itself all the time so its really fscking hard to find. If anyone has the time and willingness to help me debug A) Bind B) Mysql C) The Patch that enables the driver so the 2 can talk (written in C) I'd be most appreciative.
|
|
|
Back to top
|
|
|
|
|
khrath
RealPoor Master of Posts
Joined: 11 Oct 2002
Posts: 8750
|
|
Posted: 12/03/04 - 03:30 Post subject:
|
|
|
|
I don't use mysql with bind, I do it the old fashioned way with a mess of zone files, sorry.
|
|
|
Back to top
|
|
|
|
|
gotissues68
RealPoor Sensei
Joined: 21 Aug 2003
Posts: 1866
|
|
Posted: 12/03/04 - 14:12 Post subject:
|
|
|
| khrath wrote: | | I don't use mysql with bind, I do it the old fashioned way with a mess of zone files, sorry. |
dirty jew 
|
|
|
Back to top
|
|
|
|
|
Fattguyy
RealPoor Master of Posts
Joined: 09 Sep 2003
Posts: 9911
Location: Shreveport, Louisiana
|
|
Posted: 12/03/04 - 14:15 Post subject:
|
|
|
|
You need penis in your face, that`s all the help you get from me.
|
|
|
Back to top
|
|
|
|
|
|
|
