date:20200907

Re: [dns-operations] Seeking Advice: RIPEstat no longer recognizes my sub-zone under .university

2020-09-07 Thread Robert Kisteleki

Hello,

> Since the main weakness of this domain is the lack of diversity in
> authoritative name servers' IP addresses, I guess that your problem
> comes from a routing issue between RIPE NCC and 158.108.0.0/16 (and
> 2406:3100::/32). Another guess (may be they're both true): the message
> "kasetsart.university is of an unsupported resource type. It should be
> a hostname." may come from a obsolete hardcoded list of TLDs at
> RIPEstat (the other names are ancient TLDs).

Indeed we needed to tend to RIPEstat to fix this. Christian writes in
his tweet:

"An operational change caused a regression in the parsing of domain
names on #RIPEstat and some new TLDs were not recognised. A fix has been
deployed! Apologies for this inconvenience."

https://twitter.com/christian_toysh/status/1302902462429396992

Cheers,
Robert
___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] Seeking Advice: RIPEstat no longer recognizes my sub-zone under .university

2020-09-07 Thread Stephane Bortzmeyer

On Mon, Sep 07, 2020 at 10:43:57AM +0200,
 Stephane Bortzmeyer  wrote 
 a message of 22 lines which said:

> Since the main weakness of this domain is the lack of diversity in
> authoritative name servers' IP addresses, I guess that your problem
> comes from a routing issue between RIPE NCC and 158.108.0.0/16 (and
> 2406:3100::/32).

Speaking of routing, and while it is probably not the root cause of
your problem, you may want to review the security of
158.108.0.0/16. There is one ROA for the origin 9411 (OK) but also
route objects for other origins such as 4618. One of them is in the
NTT IRR (others in RADB, which is probably less reliable).

Anyway, some RIPE Atlas probes seem to have trouble reaching your name servers:

% blaeu-resolve -r 100 --nameserver 158.108.216.53 --type A kasetsart.university
Nameserver 158.108.216.53
[158.108.216.5] : 20 occurrences 
[TIMEOUT] : 2 occurrences 
Test #27041050 done at 2020-09-07T08:50:23Z

___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] Seeking Advice: RIPEstat no longer recognizes my sub-zone under .university

2020-09-07 Thread Ralf Weber


Moin!

On 7 Sep 2020, at 9:52, Pirawat WATANAPONGSE wrote:


First of all, my apologies if my topic is wrong for this mailing list.
If that’s the case, please kindly point me to the site/community 
that can

help me.

Today [2020-09-07],
I notice that one of our zones, “kasetsart.university”, is no 
longer

recognized by the RIPEstat Tool Suite [Reference:
https://stat.ripe.net/widget/reverse-dns-ip#w.resource=158.108.216.5],
although (I believe that) we have set it up the same way as any other 
zones

under our care.

The thing is... the suite used to work just fine until today.

Background information: the “domain” in question is registered 
with GoDaddy

[Reference: https://bgp.he.net/dns/kasetsart.university#_whois]

Myself being a definite Amateur Level at this, I am out of my depth as 
to

how to further investigate this ‘symptom’.
Well there is nothing wrong with your DNS, so everybody should be able 
to

resolve and reach your domain:

dig +short -x 158.108.216.5
ku.ac.th.
ku.th.
www.ku.ac.th.
www.ku.th.
www.kasetsart.org.
www.kasetsart.university.
www.kasetsart-university.org.
kasetsart.org.
kasetsart.university.
kasetsart-university.org.

dig +short kasetsart.university.
158.108.216.5

So I assume something with RIPE stats changed or failed. You can contact 
them

at:
s...@ripe.net

The one thing I noted though is that when I use a web browser to reach
https://kasetsart.university
the certificate presented is for *.ku.ac.th and not 
kasetsart.university.


So long
-Ralf
—--
Ralf Weber
___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] Seeking Advice: RIPEstat no longer recognizes my sub-zone under .university

2020-09-07 Thread Stephane Bortzmeyer

On Mon, Sep 07, 2020 at 02:52:45PM +0700,
 Pirawat WATANAPONGSE  wrote 
 a message of 123 lines which said:

> I notice that one of our zones, “kasetsart.university”, is no longer
> recognized by the RIPEstat Tool Suite [Reference:
>
>https://stat.ripe.net/widget/reverse-dns-ip#w.resource=158.108.216.5],

For me, the domain kasetsart.university works fine. It is also the
opinion of Zonemaster 
and of DNSviz
.

Since the main weakness of this domain is the lack of diversity in
authoritative name servers' IP addresses, I guess that your problem
comes from a routing issue between RIPE NCC and 158.108.0.0/16 (and
2406:3100::/32). Another guess (may be they're both true): the message
"kasetsart.university is of an unsupported resource type. It should be
a hostname." may come from a obsolete hardcoded list of TLDs at
RIPEstat (the other names are ancient TLDs).

___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

[dns-operations] Seeking Advice: RIPEstat no longer recognizes my sub-zone under .university

2020-09-07 Thread Pirawat WATANAPONGSE

Dear all ,


First of all, my apologies if my topic is wrong for this mailing list.
If that’s the case, please kindly point me to the site/community that can
help me.

Today [2020-09-07],
I notice that one of our zones, “kasetsart.university”, is no longer
recognized by the RIPEstat Tool Suite [Reference:
https://stat.ripe.net/widget/reverse-dns-ip#w.resource=158.108.216.5],
although (I believe that) we have set it up the same way as any other zones
under our care.

The thing is... the suite used to work just fine until today.

Background information: the “domain” in question is registered with GoDaddy
[Reference: https://bgp.he.net/dns/kasetsart.university#_whois]

Myself being a definite Amateur Level at this, I am out of my depth as to
how to further investigate this ‘symptom’.

Therefore, I would like to humbly ask the following questions:
1. How can I know where the problem lies: Is it my own authoritative
servers, or the “university” zone servers, or the RIPEstat Suite? Or is
there a ‘domain-war’ going on that I am not aware of?
2. What are the effects to that zone from the outsiders’ point-of-view? Is
my zone now ‘invisible’ to the outside world?

Thanks in advance for all the help on this matter.


Best regards,

Pirawat.

-- 
_/_/  _/_/ _/_/   _/_/ Assist.Prof. Pirawat WATANAPONGSE,
Ph.D.
   _/_/_/_/   _/_/   _/_/ Department of Computer Engineering
  _/_/  _/_/ _/_/   _/_/ Kasetsart University, Bangkhen (Main)
Campus
 _/_/_/_/   _/_/   _/_/ Bangkok 10900, THAILAND
_/_/_/_/   _/_/   _/_/ eMail: pirawa...@ku.th or
pirawa...@ku.ac.th
   _/_/  _/_/ _/_/   _/_/ Tel: +66 2 797 0999 extension 1417
  _/_/_/_/_/_/_/_/_/_/ Fax: +66 2 579 6245
_/_/  _/_/  _/_/_/_/http://www.cpe.ku.ac.th/~pw/
___
dns-operations mailing list
dns-operations@lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] Seeking Advice: RIPEstat no longer recognizes my sub-zone under .university

Re: [dns-operations] Seeking Advice: RIPEstat no longer recognizes my sub-zone under .university

Re: [dns-operations] Seeking Advice: RIPEstat no longer recognizes my sub-zone under .university

Re: [dns-operations] Seeking Advice: RIPEstat no longer recognizes my sub-zone under .university

[dns-operations] Seeking Advice: RIPEstat no longer recognizes my sub-zone under .university

5 matches

Site Navigation

Mail list logo

Footer information