BIND DNS strange behaviour resolving dns

#1 Wed, 10/31/2012 - 06:05
pixel_paul

I'm not sure if this is related to Cloudmin or not but it is a mighty strange issue that I'm struggling to get to the bottom of. I've posted the question over at Server Fault and the kind people there have troubleshooted with me, but I thought that as my local DNS server is running Cloudmin, that I can scratch that off the list for being a misconfiguration issue.

http://serverfault.com/questions/443663/bind-dns-strange-behaviour-resol...

Thanks for your time,

Paul

Wed, 10/31/2012 - 09:32
andreychek

Howdy,

Yeah, that connection timed out error is a bit unusual... do you receive that for any other lookups as well? Or just the one you showed there?

When that occurs, are you seeing any errors in any of your logs?

-Eric

Wed, 10/31/2012 - 09:37 (Reply to #2)
pixel_paul

Hi Eric,

Yeah, it occurs on a few domains, code.jquery.com, and cdn.sublimevideo.net to name another one. I just can't see why my local DNS lookup would be blocked on certain domains.

Paul

Wed, 10/31/2012 - 17:04
Locutus

I'd start out by checking the exact delegation path of the problematic domain, using dig domainthatdoesntwork.com +trace. You might want to post the result here for further inspection. :)

Does the problem occur with all third-level domains?

Thu, 11/01/2012 - 05:30 (Reply to #4)
pixel_paul

Ok, a bit more digging and I've come up with this. These can't be resolved:

code.jquery.com (jquery.com is resolved) - edgecast
cdn.sublimevideo.net (sublimevideo.net resolved) - edgecast

However I can access:

code.google.com
en.wikipedia.org
help.yahoo.com

However, I can't access http://www.edgecast.com/ which is the CDN for sublime and jquery. So it is sounding highly likely (as said in discussions from serverfault) that my IP address is being blocked by edgecast when doing DNS lookups?

Thu, 11/01/2012 - 07:14
Locutus

Can you please, as I requested, post the result of a "dig +trace" for a domain that doesn't work?

Thu, 11/01/2012 - 07:35 (Reply to #6)
pixel_paul

sure:

dig edgecastcdn.net +trace

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.5 <<>> edgecastcdn.net +trace
;; global options: +cmd
.                       336970  IN      NS      c.root-servers.net.
.                       336970  IN      NS      j.root-servers.net.
.                       336970  IN      NS      m.root-servers.net.
.                       336970  IN      NS      l.root-servers.net.
.                       336970  IN      NS      i.root-servers.net.
.                       336970  IN      NS      d.root-servers.net.
.                       336970  IN      NS      b.root-servers.net.
.                       336970  IN      NS      k.root-servers.net.
.                       336970  IN      NS      f.root-servers.net.
.                       336970  IN      NS      e.root-servers.net.
.                       336970  IN      NS      h.root-servers.net.
.                       336970  IN      NS      a.root-servers.net.
.                       336970  IN      NS      g.root-servers.net.
;; Received 508 bytes from 127.0.0.1#53(127.0.0.1) in 4 ms

net.                    172800  IN      NS      a.gtld-servers.net.
net.                    172800  IN      NS      b.gtld-servers.net.
net.                    172800  IN      NS      c.gtld-servers.net.
net.                    172800  IN      NS      d.gtld-servers.net.
net.                    172800  IN      NS      e.gtld-servers.net.
net.                    172800  IN      NS      f.gtld-servers.net.
net.                    172800  IN      NS      g.gtld-servers.net.
net.                    172800  IN      NS      h.gtld-servers.net.
net.                    172800  IN      NS      i.gtld-servers.net.
net.                    172800  IN      NS      j.gtld-servers.net.
net.                    172800  IN      NS      k.gtld-servers.net.
net.                    172800  IN      NS      l.gtld-servers.net.
net.                    172800  IN      NS      m.gtld-servers.net.
;; Received 490 bytes from 193.0.14.129#53(193.0.14.129) in 923 ms

edgecastcdn.net.        172800  IN      NS      ns1.edgecastcdn.net.
edgecastcdn.net.        172800  IN      NS      ns2.edgecastcdn.net.
;; Received 101 bytes from 192.43.172.30#53(192.43.172.30) in 11066 ms

;; connection timed out; no servers could be reached

Fri, 11/02/2012 - 05:30
Locutus

Okay, it indeed seems that for some reason DNS requests from your test system to "ns*.edgecastcdn.net" are blocked.

The IPs are as follows:

edgecastcdn.net.        3600    IN      A       93.184.221.133
edgecastcdn.net.        172800  IN      NS      ns1.edgecastcdn.net.
edgecastcdn.net.        172800  IN      NS      ns2.edgecastcdn.net.
;; Received 188 bytes from 72.21.80.5#53(ns1.edgecastcdn.net) in 7 ms
ns1.edgecastcdn.net.    172703  IN      A       72.21.80.5
ns2.edgecastcdn.net.    172800  IN      A       72.21.80.6

You might want to try "mtr" to trace the route to those nameservers and see where it fails. It should look like this if it works okay:

 Host                                          Loss%   Snt   Last   Avg  Best  Wrst StDev
 1. rigel.tianet.de                             0.0%    23    0.2   0.2   0.2   0.3   0.0
 2. static.1.106.9.176.clients.your-server.de   0.0%    23    2.3   1.9   0.8   4.4   1.3
 3. hos-tr1-juniper1.rz15.hetzner.de            0.0%    23    0.4   0.5   0.4   1.8   0.3
 4. hos-bb1.juniper1.ffm.hetzner.de             0.0%    23    5.0   5.1   5.0   5.7   0.1
 5. r1fra1.core.init7.net                       0.0%    23   14.5   8.2   5.1  15.2   4.0
 6. xe-0.de-cix.frnkge03.de.bb.gin.ntt.net      0.0%    23    7.1  14.0   6.6 104.8  22.3
 7. ae-1.r02.frnkge03.de.bb.gin.ntt.net        13.6%    22    6.4   9.0   6.2  23.7   4.5
    po-1.r01.frnkge03.de.bb.gin.ntt.net
 8. edgecast-0.r01.frnkge03.de.bb.gin.ntt.net   0.0%    22    6.0   6.3   5.8   6.9   0.3
    edgecast-0.r02.frnkge03.de.bb.gin.ntt.net
 9. ns1.edgecastcdn.net                         0.0%    22    6.0   6.1   5.8   7.3   0.4
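
The reading of the `dig +trace` output discussed in this thread, as an added example that is not part of any post: a Python parser that splits the trace into delegation steps, finds the last referral before the timeout, and names the nameservers that never answered. The function names `parse_trace` and `diagnose` and the 1000 ms slow-response threshold are assumptions; the sample is the trace posted above with each NS list shortened to two entries.

```python
import re

# Abbreviated copy of the `dig +trace` output posted in this thread
# (each NS list shortened to two entries, blank lines dropped).
TRACE = """\
.                       336970  IN      NS      c.root-servers.net.
.                       336970  IN      NS      j.root-servers.net.
;; Received 508 bytes from 127.0.0.1#53(127.0.0.1) in 4 ms
net.                    172800  IN      NS      a.gtld-servers.net.
net.                    172800  IN      NS      b.gtld-servers.net.
;; Received 490 bytes from 193.0.14.129#53(193.0.14.129) in 923 ms
edgecastcdn.net.        172800  IN      NS      ns1.edgecastcdn.net.
edgecastcdn.net.        172800  IN      NS      ns2.edgecastcdn.net.
;; Received 101 bytes from 192.43.172.30#53(192.43.172.30) in 11066 ms
;; connection timed out; no servers could be reached
"""

RECORD = re.compile(r"^(\S+)\s+\d+\s+IN\s+(\S+)\s+(.+)$")
RECEIVED = re.compile(r"^;; Received \d+ bytes from (\S+?)#\d+\(.*\) in (\d+) ms$")

def parse_trace(text):
    """Return (hops, timed_out); each hop is one response in the trace."""
    hops, records, timed_out = [], [], False
    for line in map(str.strip, text.splitlines()):
        rec, got = RECORD.match(line), RECEIVED.match(line)
        if rec:
            records.append(rec.groups())
        elif got:  # the "Received" line closes the record set printed above it
            hops.append({
                "zone": records[0][0] if records else None,
                "ns": [target for _, rtype, target in records if rtype == "NS"],
                "referral": bool(records) and all(r[1] == "NS" for r in records),
                "server": got.group(1), "ms": int(got.group(2)),
            })
            records = []
        elif line.startswith(";; connection timed out"):
            timed_out = True
    return hops, timed_out

def diagnose(text, slow_ms=1000):
    """Name the slow responders and the delegation whose servers never answered."""
    hops, timed_out = parse_trace(text)
    last = hops[-1] if hops else None
    # A timeout right after a referral means the servers it named were unreachable.
    failed = last if (timed_out and last and last["referral"]) else None
    return {"slow": [(h["server"], h["ms"]) for h in hops if h["ms"] >= slow_ms],
            "unreachable_zone": failed["zone"] if failed else None,
            "unreachable_ns": failed["ns"] if failed else []}

if __name__ == "__main__":
    print(diagnose(TRACE))
```

The nameservers it reports are the ones to test next with a path trace such as the `mtr` run shown above.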