----- "Torsten" <t...@the-damian.de> wrote: > Am Tue, 14 Sep 2010 08:23:03 +0200 > schrieb Torsten <t...@the-damian.de>: > > > Am Tue, 14 Sep 2010 05:15:16 +0000 (UTC) > > schrieb cybers...@comcast.net: > > > > > > > > > > > > > > Hello List, > > > > > > > > > > > > I've run into an issue that has me stumped for the time being. > I'm > > > working on a website that is hosted on a delegated subdomain. The > > > site is www-mbclive.mbc.irides.com. The mbc.irides.com subdomain > is > > > delegated to two Barracuda load balancers known as > > > dns1.mbc.irides.com and dns2.mbc.irides.com. > > > > > > > > > > > > DNS seems to work fine for the majority of our users, however, in > > > the past week we've heard from many Verizon FIOS users that they > are > > > unable to visit the site due to resolution issues. One sent in a > dig > > > from his home computer and I was wondering why he doesn't receive > an > > > answer: > > > > > > > > > > > > scott$ dig @71.252.0.12 www-mbclive.mbc.irides.com > > > > > > ; <<>> DiG 9.6.0-APPLE-P2 <<>> @71.252.0.12 > > > www-mbclive.mbc.irides.com ; (1 server found) > > > ;; global options: +cmd > > > ;; Got answer: > > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62184 > > > ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, > ADDITIONAL: > > > 0 > > > > > > ;; QUESTION SECTION: > > > ;www-mbclive.mbc.irides.com. IN A > > > > > > ;; AUTHORITY SECTION: > > > www-mbclive.mbc.irides.com. 10 IN SOA > dns1.mbc.irides.com. > > > 1. 3600 3600 3600 3600 3600 > > > > > > ;; Query time: 20 msec > > > ;; SERVER: 71.252.0.12#53(71.252.0.12) > > > ;; WHEN: Mon Sep 13 21:31:08 2010 > > > ;; MSG SIZE rcvd: 86 > > > > > > > > > > > > Can anyone tell if there is a DNS issue on our end that may cause > us > > > to not play nice w/ Verizon? This issue just popped up in the > last > > > two weeks. Prior to that time visitors were not complaining. Any > > > assistance is greatly appreciated. > > > > > > > I'm having troubles getting an answer from both dns1.mbc.irides.com > > and dns2.mbc.irides.com for www-mbclive.mbc.irides.com. > > > > A dig query freezes for about 12 seconds before returning an > answer. > > Maybe there's a problem with a misconfigured firewall. > > > > [...@localhost ~]$ traceroute -q 1 dns2.mbc.irides.com > > traceroute to dns2.mbc.irides.com (209.252.251.240), 30 hops max, > 60 > > byte packets 1 10.43.64.254 (10.43.64.254) 0.336 ms > > 2 vl67.cr30.isham.de.easynet.net (194.64.6.252) 0.927 ms > > 3 ge1-5.br2.isham.de.easynet.net (194.64.4.126) 0.695 ms > > 4 ge3-0-2.gr10.isham.de.easynet.net (87.86.71.244) 0.632 ms > > 5 te2-0-0.gr10.ixfra.de.easynet.net (87.86.77.95) 9.862 ms > > 6 ge-5-1-4.edge3.frankfurt1.level3.net (212.162.40.77) 9.964 ms > > 7 vlan79.csw2.Frankfurt1.Level3.net (4.68.23.126) 18.392 ms > > 8 ae-72-72.ebr2.Frankfurt1.Level3.net (4.69.140.21) 10.387 ms > > 9 ae-41-41.ebr2.washington1.level3.net (4.69.137.50) 98.620 ms > > 10 ae-5-5.ebr2.washington12.level3.net (4.69.143.222) 101.159 ms > > 11 ae-6-6.ebr2.chicago2.level3.net (4.69.148.146) 113.618 ms > > 12 ae-22-52.car2.chicago2.level3.net (4.69.138.165) 115.322 ms > > 13 paetec-comm.car2.chicago2.level3.net (4.71.250.34) 115.955 ms > > 14 gi-3-1-0.core01.chcgil01.paetec.net (66.155.191.97) 139.525 ms > > 15 po-4-0-0.core02.rochny01.paetec.net (64.80.253.217) 137.915 ms > > 16 gi-6-0-0.edge02.rochny01.paetec.net (66.155.216.183) 140.368 > ms > > 17 * > > 18 * > > 19 * > > 20 * > > 21 * > > 22 * > > 23 * > > 24 * > > 25 * > > 26 * > > 27 * > > 28 * > > 29 * > > 30 * > > > > > I just noticed that the problem might as well be the very short TTL > of > the NS A Records of 10 seconds.
Thanks Torsten, the low TTL's have to do with us using the LB's in a failover environment between two locations. Today I was given access to a Linux box on the Verizon network that is using their DNS server 71.252.0.12, which is affected by this problem. Digs and pings to www-mbclive.mbc.irides.com from this device fail. What can I do to better test and pinpoint the cause of the failure? _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
