Re: [dns-operations] weird DNS problem
On Wed, Jun 26, 2013 at 11:15:32PM -0500, alex flores a...@mordormx.net wrote a message of 58 lines which said: One more weird thing is that just as the problem appeared, just dissapeared from the dns affected and it start to work correctly, but now we received the report from another dns So it looks like the condition that block the dns communication dissapear and then apply to another dns. So it smells like a network problem. They are typically transient. alejandro.flo...@mexis.net: Host or domain name not found. Name service error for name=mexis.net type=MX: Host not found, try again You have only two authoritative name servers, in the same /16 and the same AS. From traceroute, they also seem to be in the same physical location. That is not enough to providence resilience and reliability. A network issue with this prefix/AS/location is sufficient to explain the symptoms you describe. DNS depends on IP, remember. ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Re: [dns-operations] weird DNS problem
You have only two authoritative name servers, in the same /16 and the same AS. From traceroute, they also seem to be in the same physical location. That is not enough to providence resilience and reliability. A network issue with this prefix/AS/location is sufficient to explain the symptoms you describe. DNS depends on IP, remember. i privately pointed him to 2182. of course that only deals with his L3 problem. randy ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
[dns-operations] weird DNS problem
Hi there This is Alejandro Flores from Mexis, an ISP in Mexico city We are having some weirs issues we would like to share with the list, looking for some help or comment We have 2 authoritative DNS 207.249.67.253 and 207.249.77.253. (ns1.infoacces.net and ns2.infoacces.net) In the last 2 weeks we have been receiving some users reports about problems to have email delivered from our mail server to external email servers (and from external servers to our server). As usual we verify the logs and we started to see problems related with reverse, however our reverse are correct, so we checked the DNS used by the remote provider, the result is that their dns is unable to reach our DNS We check any firewall policy that could be blocking the request but thats not the case. We checked our DNS, but these hasnt been changed in a long time Again, using an external affected DNS we enable the debug, and we noticed that the DNS was unable to get the TLD Servers from the root servers, Thats a theory about the possible reason to the situation. One more weird thing is that just as the problem appeared, just dissapeared from the dns affected and it start to work correctly, but now we received the report from another dns So it looks like the condition that block the dns communication dissapear and then apply to another dns. In this moment for example aol.com is affected, if i try to send me an email from aol the bounce error is - The delivery status notification errors - alejandro.flo...@mexis.net: Host or domain name not found. Name service error for name=mexis.net type=MX: Host not found, try again But if i use gmail or any other email service it works. Any tip or idea to solve this situation? The dns logs just dont show anything, cause the dns request never reach the dns, in fact is the user in a server affected query our dns he receive the correct response, so maybe the problem could be that the dns query is unable to get the authoritative dns... may be. Thanks for any comment Alejandro Flores L. ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Re: [dns-operations] weird DNS problem
Whois shows recent changes. As you are with NetSol you may have been caught up in last week's debacle. Unfortunately there isn't a free way to lookup back at recent changes to whois data. Database last updated on 27-Jun-2013 00:27:16 EDT. Mark In message CAEPLxq_y-s9UN8VXZZT_mjbDCuSueO-HZD==NSYKwVuUJR-=t...@mail.gmail.com , alex flores writes: Hi there This is Alejandro Flores from Mexis, an ISP in Mexico city We are having some weirs issues we would like to share with the list, looking for some help or comment We have 2 authoritative DNS 207.249.67.253 and 207.249.77.253. (ns1.infoacces.net and ns2.infoacces.net) In the last 2 weeks we have been receiving some users reports about problems to have email delivered from our mail server to external email servers (and from external servers to our server). As usual we verify the logs and we started to see problems related with reverse, however our reverse are correct, so we checked the DNS used by the remote provider, the result is that their dns is unable to reach our DNS We check any firewall policy that could be blocking the request but thats not the case. We checked our DNS, but these hasnt been changed in a long time Again, using an external affected DNS we enable the debug, and we noticed that the DNS was unable to get the TLD Servers from the root servers, Thats a theory about the possible reason to the situation. One more weird thing is that just as the problem appeared, just dissapeared from the dns affected and it start to work correctly, but now we received the report from another dns So it looks like the condition that block the dns communication dissapear and then apply to another dns. In this moment for example aol.com is affected, if i try to send me an email from aol the bounce error is - The delivery status notification errors - alejandro.flo...@mexis.net: Host or domain name not found. Name service err or for name=mexis.net type=MX: Host not found, try again But if i use gmail or any other email service it works. Any tip or idea to solve this situation? The dns logs just dont show anything, cause the dns request never reach the dns, in fact is the user in a server affected query our dns he receive the correct response, so maybe the problem could be that the dns query is unable to get the authoritative dns... may be. Thanks for any comment Alejandro Flores L. ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs