• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 545
  • Last Modified:

cannot access many .co.uk domains

Hello all,
We are having something very strange happening here. 3 or 4 times over the last 2 weeks we keep completely losing access to the majority of websites ending in a .co.uk domain name.

All sites under .com/.net or any other combination are fine - but not .co.uk

Strange thing is it doesnt completely remove access to ALL .co.uk - we can still get to our host 1&1.co.uk for instance but the majority of sites are unreachable. They simply time out with an error message that the site cannot be reached.

I figured DNS must be the issue, i have flushed DNS both on my servers and workstations - including my DNS servers, i have restarted all related routers to force them to resynch with my isp. This has not helped and the issue is affecting every user in the business.

NSLOOKUP also times out when trying to contact the websites in question. I cannot ping them either.This has really got me stumped. Any ideas?
0
No1_Reggie
Asked:
No1_Reggie
  • 7
  • 6
1 Solution
 
Chris DentPowerShell DeveloperCommented:

Hey,

Do you use Forwarders in DNS? If you do, you might consider removing or changing them.

Chris
0
 
rehanahmedsCommented:
use open dns when the problem occurs to test if your configured DNS is the culprit.

i think there IPs are

Primary server: 208.67.222.222
Alternative server: 208.67.220.220

you can double check this...  opendns is free and i havent seen it not working....
0
 
No1_ReggieAuthor Commented:
Hi Chris,

I dont use forwarders as such - but have many forward lookup zones - is this what you are saying to delete?The forwarders section in my DNS management is still set at default as far as i can see - none have been added.
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
Chris DentPowerShell DeveloperCommented:

> is this what you are saying to delete

No, not at all :)

If you're not using Forwarders then you're using Root Hints.

Can you resolve any public .co.uk name?

Chris
0
 
No1_ReggieAuthor Commented:
I thought you meant that :)

Yes i can resolve some public .co.uk names such as 1&1.co.uk (our web hosts), google.co.uk works, i have tried about 30 other sites so far and those are the only ones i can get to work.

0
 
Chris DentPowerShell DeveloperCommented:

Hmm well... it could be a routing problem.

I take it clearing the cache or restarting the service has no effect?

We might see if it's purely name resolution or a bigger issue than that. Try adding "4.2.2.4" as a forwarder on your DNS Server? That one belongs to Verizon. I just don't much recommend using it permanently, they might take it down if it gets too busy (it's been up for years).

Chris
0
 
No1_ReggieAuthor Commented:
Hi Chris, sorry i should have mentioned, restarting the service does work - but only for a limited period of time. Changing my DNS to point to open dns or any other dns does get round the problem - but i am looking more for a permanent fix for my own dns rather using external dns if you know what i mean.

Considering that the system seems to work normally and then goes down seems to point to the fact that there is some form of gradual corruption or destruction in my dns. Restarting the service or rebooting the dns server brings everything back online for a few hours or a couple of days before the problem re-appears.
0
 
No1_ReggieAuthor Commented:
Just to clarify - although restarting the service does have an effect - clearing the cach does not - that is one of the things that makes this very odd.
0
 
Chris DentPowerShell DeveloperCommented:

> but i am looking more for a permanent fix

Yeah, absolutely :) Just curious if it worked :)

Fully patched I guess? There were a number of odd problems with the early versions that vanished with patching. But it is a fairly obvious question so I suspect it's already addressed.

Can you take a look in the cache and see which Name Server records are listed for .co.uk? And see if any of the failing domains are listed there?

Chris
0
 
Chris DentPowerShell DeveloperCommented:

We do have to consider the Firewall with an issue like this as well. If the responses are being dropped by a Firewall it can make life really upsetting. Anything interesting in use there?

Chris
0
 
No1_ReggieAuthor Commented:
Hi Chris, back after the weekend :)

1). Yes all fully patched.
2) Name Servers in the cache - interesting, i dont have a specific .co.uk folder in there. I have a uk folder and in there i have 3 seperate folders called a). co b). net c) NIC
3). Name servers in the root of the UK folder are all  ns1.nic.uk, ns2, ns3 and so on, nsa.nic.uk, nsb, nsc and so on.
4). Yes the failing domains are listed under the co folder. Funny thing is all domains are still working from today - so nothing failling at present. I wqill continue trying through the day to see if anything fails.
5). Firewall is a Cisco ASA5510 series. Nothing partcularly interesting in there, i have a good look at it but cant find anything obvious.
6). Dont you just hate these weird things that make no sense ;0) Still they make life interesting. Thanks for persevering with me.
0
 
Chris DentPowerShell DeveloperCommented:

> Dont you just hate these weird things that make no sense

Yes, very much so :)

It could be EDNS, but we would expect that to be a lot more random that just UK domains.

And it could be (or have been) a routing issue which would be harder to trace down. Except there we wouldn't necessarily expect it to disappear after a service restart.

Chris
0
 
No1_ReggieAuthor Commented:
Thanks Chris, i will monitor it through the day and hopefully it has sorted itself. I will award you the points tomorrow as you certainly deserve them.
0
 
No1_ReggieAuthor Commented:
Thanks for the help Chris, problem reoccurring but you definately deserve the points. Regards
Reggie.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

  • 7
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now