[Pdns-users] Problem with .au/.uk sites not resolving

bert hubert bert.hubert at netherlabs.nl
Fri May 24 17:59:55 UTC 2013 

Hi Tony,

So from what I understand, your issue is with resolving domains that are not yours through the PowerDNS Recursor?

And that your authoritative servers are not involved in this issue?

Which version of the PowerDNS Recursor do you run? Please note that version 3.3 is rather more strict in its interpretation of DNS rules than 3.5.1, and that this might be the issue.

Does the log file have anything relevant to say? Are the domains you mention the specific ones with issues, or is it generic .au, .uk?

    Bert


On May 24, 2013, at 7:53 PM, Tony DeMatteis wrote:

> Hello,
> 
> We have PDNS running for several years w/o any issues.  Our setup is two Authoritative, two resolvers, and a mySQL backend.  Problem that has been brought to my attention by customers is that certain domains are unreachable.  I can reach those sites reported via the IP Address.  Google resolves the site(s) fine.  We've verified reachability from other ISP's, i.e. they resolve the domains.  I don't have any firewall rules that would prohibit reaching an key IP.  Here's what I see.
> 
> Thank you for your input!!
> 
> tonyd
> 
> 
> # dig my primary resolver (same for secondary)
> root at tonyd# dig @216.19.2.83 unitedserviceclub.com.au
> 
> ; <<>> DiG 9.7.3 <<>> @216.19.2.83 unitedserviceclub.com.au
> ; (1 server found)
> ;; global options: +cmd
> ;; connection timed out; no servers could be reached
> 
> 
> 
> # dig my primary resolver a second time
> root at tonyd# dig @216.19.2.83 unitedserviceclub.com.au
> 
> ; <<>> DiG 9.7.3 <<>> @216.19.2.83 unitedserviceclub.com.au
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 6159
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> 
> ;; QUESTION SECTION:
> ;unitedserviceclub.com.au.    IN    A
> 
> ;; Query time: 2459 msec
> ;; SERVER: 216.19.2.83#53(216.19.2.83)
> ;; WHEN: Fri May 24 10:39:51 2013
> ;; MSG SIZE  rcvd: 42
> 
> 
> 
> # dig my primary authoritative
> root at tonyd# dig @216.19.2.80 unitedserviceclub.com.au
> 
> ; <<>> DiG 9.7.3 <<>> @216.19.2.80 unitedserviceclub.com.au
> ; (1 server found)
> ;; global options: +cmd
> ;; connection timed out; no servers could be reached
> 
> 
> 
> # dig primary resolver with +norec
> root at tonyd# dig @216.19.2.83 unitedserviceclub.com.au +norec
> 
> ; <<>> DiG 9.7.3 <<>> @216.19.2.83 unitedserviceclub.com.au +norec
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12017
> ;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 4
> 
> ;; QUESTION SECTION:
> ;unitedserviceclub.com.au.    IN    A
> 
> ;; AUTHORITY SECTION:
> com.au.            101509    IN    NS    w.au.
> com.au.            101509    IN    NS    x.au.
> com.au.            101509    IN    NS    y.au.
> com.au.            101509    IN    NS    z.au.
> 
> ;; ADDITIONAL SECTION:
> z.au.            101469    IN    A    37.209.198.2
> y.au.            101469    IN    A    37.209.196.2
> w.au.            101469    IN    A    37.209.192.2
> x.au.            101469    IN    A    37.209.194.2
> 
> ;; Query time: 1 msec
> ;; SERVER: 216.19.2.83#53(216.19.2.83)
> ;; WHEN: Fri May 24 10:40:01 2013
> ;; MSG SIZE  rcvd: 170
> 
> 
> # dig 8.8.8.8  BINGO!
> root at tonyd# dig @8.8.8.8 unitedserviceclub.com.au
> 
> ; <<>> DiG 9.7.3 <<>> @8.8.8.8 unitedserviceclub.com.au
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39625
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
> 
> ;; QUESTION SECTION:
> ;unitedserviceclub.com.au.    IN    A
> 
> ;; ANSWER SECTION:
> unitedserviceclub.com.au. 1800    IN    A    68.171.219.193
> 
> ;; Query time: 188 msec
> ;; SERVER: 8.8.8.8#53(8.8.8.8)
> ;; WHEN: Fri May 24 10:41:01 2013
> ;; MSG SIZE  rcvd: 58
> 
> 
> 
> # dig Random site from our resolvers
> root at tonyd# dig @216.19.2.83 devry.edu
> 
> ; <<>> DiG 9.7.3 <<>> @216.19.2.83 devry.edu
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36779
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
> 
> ;; QUESTION SECTION:
> ;devry.edu.            IN    A
> 
> ;; ANSWER SECTION:
> devry.edu.        600    IN    A    166.78.67.22
> 
> ;; AUTHORITY SECTION:
> devry.edu.        600    IN    NS    adns1.devry.net.
> devry.edu.        600    IN    NS    adns3.devry.net.
> devry.edu.        600    IN    NS    adns4.devry.net.
> devry.edu.        600    IN    NS    adns2.devry.net.
> 
> ;; ADDITIONAL SECTION:
> adns2.devry.net.    3599    IN    A    206.209.110.52
> adns1.devry.net.    3599    IN    A    206.209.110.51
> adns3.devry.net.    3599    IN    A    206.209.104.51
> adns4.devry.net.    3599    IN    A    206.209.104.52
> 
> ;; Query time: 200 msec
> ;; SERVER: 216.19.2.83#53(216.19.2.83)
> ;; WHEN: Fri May 24 10:45:53 2013
> ;; MSG SIZE  rcvd: 196
> 
> 
> 
> root at tonyd# dig @216.19.2.83 earthlink.net
> 
> ; <<>> DiG 9.7.3 <<>> @216.19.2.83 earthlink.net
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62913
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 2, ADDITIONAL: 0
> 
> ;; QUESTION SECTION:
> ;earthlink.net.            IN    A
> 
> ;; ANSWER SECTION:
> earthlink.net.        1794    IN    A    209.86.93.205
> earthlink.net.        1794    IN    A    209.86.93.206
> earthlink.net.        1794    IN    A    209.86.93.207
> earthlink.net.        1794    IN    A    209.86.93.208
> earthlink.net.        1794    IN    A    209.86.93.209
> earthlink.net.        1794    IN    A    209.86.93.210
> earthlink.net.        1794    IN    A    209.86.93.211
> earthlink.net.        1794    IN    A    209.86.93.201
> earthlink.net.        1794    IN    A    209.86.93.202
> earthlink.net.        1794    IN    A    209.86.93.203
> earthlink.net.        1794    IN    A    209.86.93.204
> 
> ;; AUTHORITY SECTION:
> earthlink.net.        839    IN    NS    scratchy.earthlink.net.
> earthlink.net.        839    IN    NS    itchy.earthlink.net.
> 
> ;; Query time: 0 msec
> ;; SERVER: 216.19.2.83#53(216.19.2.83)
> ;; WHEN: Fri May 24 10:46:24 2013
> ;; MSG SIZE  rcvd: 250
> 
> 
> 
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> http://mailman.powerdns.com/mailman/listinfo/pdns-users
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20130524/1a1b769f/attachment-0001.html>

More information about the Pdns-users mailing list