CentOS:  DNS named giving out random timeouts?

Posted on 2011-09-08
Last Modified: 2012-05-12
Hi All,

I have a VPS running DNS (named).  If I telnet to the server from my house and run a query I get an authoritative response with the correct IP.  I've tried the exact same test from four other locations; three time out and one works.


Any suggestions on how to fix it?  Quite a lot of users are unable to access my server.


many thanks

D
0
Question by:detox1978
12 Comments
 
LVL 21

Expert Comment

by:Papertrip
ID: 36507332
What is one of the domains you are having trouble resolving?
0
 
LVL 2

Author Comment

by:detox1978
ID: 36507346
0
 
LVL 2

Author Comment

by:detox1978
ID: 36507374
everything is working again.

very bizarre.
0
 
LVL 2

Author Comment

by:detox1978
ID: 36507378
Any idea what could have caused this?


I sent an email to the support team to see if any network changes were made.  So maybe they fixed it.
0
 
LVL 21

Accepted Solution

by:
Papertrip earned 1000 total points
ID: 36507381
Ok so I noticed you have dns1.aurl.co.uk and dns2.aurl.co.uk for your NS records, but they both resolve to the same IP.  You should really look into some free secondary name service, something like zoneedit.com

Aside from that everything looks just fine, I tried dozens of queries to your NS and all is well.

Paste output of the queries you are running that are failing.

0
 
LVL 30

Assisted Solution

by:Kerem ERSOY
Kerem ERSOY earned 1000 total points
ID: 36507384
Hi,

So your test in both situations is that:
- you telnet the server
- then you query the server locally over the telnet session

When at home you get the result, but if you're not home you get an error to your query?

If this is the case I'd suspect a connectivity problem / packet fragmentation. Try to ping your server from remote locations using large packets, such as 1400, 1500, 1800 etc. With a command similar to this one:


ping -s 1500  your_server.example.com



Cheers,
K.

0
 
LVL 30

Assisted Solution

by:Kerem ERSOY
Kerem ERSOY earned 1000 total points
ID: 36507404
I guess this is it:

from my system:
 
# ping dns2.aurl.co.uk        
PING dns2.aurl.co.uk (91.223.16.149) 56(84) bytes of data.
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=1 ttl=50 time=87.9 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=2 ttl=50 time=102 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=3 ttl=50 time=87.1 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=4 ttl=50 time=84.5 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=5 ttl=50 time=86.3 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=6 ttl=50 time=85.7 ms



But when I ping with a packet larger than 1400 bytes:


 
# ping -s 1500 dns2.aurl.co.uk
PING dns2.aurl.co.uk (91.223.16.149) 1500(1528) bytes of data.
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=2 ttl=50 time=112 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=3 ttl=50 time=110 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=5 ttl=50 time=114 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=6 ttl=50 time=116 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=8 ttl=50 time=109 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=10 ttl=50 time=116 ms
^C1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=11 ttl=50 time=113 ms

--- dns2.aurl.co.uk ping statistics ---
11 packets transmitted, 7 received, 36% packet loss, time 10026ms
rtt min/avg/max/mdev = 109.512/113.375/116.457/2.409 ms



So contact your ISP and ask them to fix their DNS subnet and correct the packet fragmentation issue.


Cheers,
K.
0
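The comparison made in the reply above (a default-size ping against `ping -s 1500`), written as an added example that is not part of the thread: it summarises each run as sent, received, loss percentage and the missing `icmp_seq` numbers, so runs at different payload sizes and from different locations can be compared line by line. The function names `ping_summary`, `sweep_sizes` and `sample_output` are hypothetical, and the parser assumes Linux iputils `ping` output.

```shell
# Added example, not from the thread. Assumes Linux iputils ping output.
# ping_summary: stdin = ping output; prints "sent received loss% missing-seqs".
# Only "bytes from" replies count; ICMP error lines also carry icmp_seq=.
ping_summary() {
  awk '
    /bytes from/ && match($0, /icmp_seq=[0-9]+/) {
      n = substr($0, RSTART + 9, RLENGTH - 9) + 0
      if (!(n in seen)) { seen[n] = 1; got++ }   # skip duplicate replies
      if (n > max) max = n
    }
    /packets transmitted/ { sent = $1 + 0 }
    END {
      if (!sent) sent = max + 0      # no statistics line: highest seq seen
      for (i = 1; i <= sent; i++)
        if (!(i in seen)) miss = miss (miss == "" ? "" : ",") i
      loss = sent ? int((sent - got) * 100 / sent) : 0
      printf "%d %d %d %s\n", sent, got, loss, (miss == "" ? "-" : miss)
    }'
}

# sweep_sizes HOST [SIZE...]: one summary line per payload size. Defaults are
# the 56-byte ping default plus the 1400/1500/1800 sizes suggested above.
sweep_sizes() {
  host=$1; shift
  [ $# -gt 0 ] || set -- 56 1400 1500 1800
  for size in "$@"; do
    printf '%5s ' "$size"
    ping -c 10 -s "$size" "$host" 2>&1 | ping_summary
  done
}

# Constructed sample: same reply pattern as the 1500-byte run above, with a
# documentation address (192.0.2.1) in place of the real server.
sample_output() {
  cat <<'EOF'
1508 bytes from 192.0.2.1: icmp_seq=2 ttl=50 time=112 ms
1508 bytes from 192.0.2.1: icmp_seq=3 ttl=50 time=110 ms
1508 bytes from 192.0.2.1: icmp_seq=5 ttl=50 time=114 ms
1508 bytes from 192.0.2.1: icmp_seq=6 ttl=50 time=116 ms
1508 bytes from 192.0.2.1: icmp_seq=8 ttl=50 time=109 ms
1508 bytes from 192.0.2.1: icmp_seq=10 ttl=50 time=116 ms
1508 bytes from 192.0.2.1: icmp_seq=11 ttl=50 time=113 ms
11 packets transmitted, 7 received, 36% packet loss, time 10026ms
EOF
}

sample_output | ping_summary
```

Run `sweep_sizes` from each location that reports timeouts; loss that shows up at 56 bytes as well as at the larger sizes is not size-dependent and points away from fragmentation.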
 
LVL 21

Assisted Solution

by:Papertrip
Papertrip earned 1000 total points
ID: 36507439
Unless he's doing DNSSEC (he is not) or IPv6 (he is not) or has some huge ridiculous TXT records, the odds of him having a DNS packet exceeding 1400 bytes are slim to none.

Aside from that, you are testing ingress and I can't imagine a DNS query coming anywhere close to 1400 bytes.
0
 
LVL 2

Author Comment

by:detox1978
ID: 36507505
Thanks for the info.

There's nothing fancy with the server.  Hopefully the host will come back and say what they changed.


I had a quick look at zoneedit and they charge for secondary DNS.   "Please note that free zones do not include tertiary nameservice or other premium services."
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36507510
Ah ya know I remember zoneedit from long ago but I must admit they could have changed their model since then.

IMO just google "free secondary dns", I just did and there are a TON more than when I looked long ago...
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 36509570
> Aside from that, you are testing ingress and I can't imagine a DNS query coming anywhere close to 1400 bytes.

It is not about packet size approaching 1400 bytes. It is about the DNS servers being placed in a network segment having packet fragmentation issues. 1400-byte packages are just to display there's a problem (fragmented packets cannot be assembled later). With these types of packets you wouldn't know at what point you will have an issue when communicating from different networks, not just 1400+ byte packets from where

Cheers,
K.
0
 
LVL 2

Author Comment

by:detox1978
ID: 36510683
The host came back to me to say there was a BGP upstream issue.  Apparently someone was having issues but didn't know.  They said they were able to remove the vendor from their BGP list after my email and have listed it on their outage page.

I guess these things happen.
0