Solved

CentOS: DNS named giving out random timeouts?

Posted on 2011-09-08
567 Views
Last Modified: 2012-05-12
Hi All,

I have a VPS running DNS (named). If I telnet to the server from my house and run a query I get an authoritative response with the correct IP. I've tried the exact same test from four other locations: three time out and one works.

Any suggestions on how to fix it? Quite a lot of users are unable to access my server.

many thanks

D
Question by: detox1978

12 Comments
 
Expert Comment by: Papertrip (LVL 21), ID: 36507332

What is one of the domains you are having trouble resolving?
 
 
Author Comment by: detox1978 (LVL 2), ID: 36507374

everything is working again.

very bizarre.
 
Author Comment by: detox1978 (LVL 2), ID: 36507378

Any idea what could have caused this?

I sent an email to the support team to see if any network changes were made. So maybe they fixed it.
 
Accepted Solution by: Papertrip (LVL 21), earned 250 total points, ID: 36507381

OK, so I noticed you have dns1.aurl.co.uk and dns2.aurl.co.uk for your NS records, but they both resolve to the same IP. You should really look into some free secondary name service, something like zoneedit.com.

Aside from that everything looks just fine, I tried dozens of queries to your NS and all is well.

Paste output of the queries you are running that are failing.
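The single-point-of-failure pattern Papertrip spotted (two NS names, one address) can be checked mechanically. This is an added example, not code from the thread or from any of the participants; the host names and addresses in the samples are constructed (example.net / documentation address ranges), and the /24 and /48 grouping is a rough heuristic of my own for "same network segment".

```python
import ipaddress
import socket

def ns_diversity(ns_to_ips):
    """Given {nameserver_name: [address, ...]}, flag a zone whose NS set is a single
    point of failure: only one NS, every NS on one address, or every address in one
    network segment (heuristic: /24 for IPv4, /48 for IPv6)."""
    addrs = {ip for ips in ns_to_ips.values() for ip in ips}
    nets = set()
    for ip in addrs:
        prefix = 48 if ":" in ip else 24
        nets.add(ipaddress.ip_network(f"{ip}/{prefix}", strict=False))
    findings = []
    if len(ns_to_ips) < 2:
        findings.append("fewer than two NS records")
    if len(addrs) < 2:
        findings.append("all nameservers resolve to the same address")
    elif len(nets) < 2:
        findings.append("all nameserver addresses are in one network segment")
    return {"addresses": len(addrs), "networks": len(nets), "findings": findings}

def resolve_ns(names):
    """Live helper (needs network): resolve each NS host name with the system resolver,
    so a real zone's NS names can be fed to ns_diversity()."""
    return {n: sorted({info[4][0] for info in socket.getaddrinfo(n, 53)}) for n in names}

# Constructed sample: the shape described in the thread, two NS names on one host.
SAME_HOST = {"dns1.example.net": ["192.0.2.10"], "dns2.example.net": ["192.0.2.10"]}
# Constructed sample: a secondary hosted by another provider in a different network.
SPLIT_HOSTS = {"dns1.example.net": ["192.0.2.10"],
               "ns2.secondary-provider.example": ["198.51.100.7"]}
```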
 
Assisted Solution by: Kerem ERSOY (LVL 30), earned 250 total points, ID: 36507384

Hi,

So your test in both situations is that:
- you telnet to the server
- then you query the server locally over the telnet session

When at home you get the result, but if you're not at home you get an error to your query?

If this is the case I'd suspect a connectivity problem / packet fragmentation. Try to ping your server from remote locations using large packets, such as 1400, 1500, 1800 etc., with a command similar to this one:

ping -s 1500 your_server.example.com

Cheers,
K.
 
Assisted Solution by: Kerem ERSOY (LVL 30), earned 250 total points, ID: 36507404

I guess this is it:

from my system:

# ping dns2.aurl.co.uk
PING dns2.aurl.co.uk (91.223.16.149) 56(84) bytes of data.
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=1 ttl=50 time=87.9 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=2 ttl=50 time=102 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=3 ttl=50 time=87.1 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=4 ttl=50 time=84.5 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=5 ttl=50 time=86.3 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=6 ttl=50 time=85.7 ms

But when I ping with a packet larger than 1400 bytes:

# ping -s 1500 dns2.aurl.co.uk
PING dns2.aurl.co.uk (91.223.16.149) 1500(1528) bytes of data.
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=2 ttl=50 time=112 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=3 ttl=50 time=110 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=5 ttl=50 time=114 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=6 ttl=50 time=116 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=8 ttl=50 time=109 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=10 ttl=50 time=116 ms
^C1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=11 ttl=50 time=113 ms

--- dns2.aurl.co.uk ping statistics ---
11 packets transmitted, 7 received, 36% packet loss, time 10026ms
rtt min/avg/max/mdev = 109.512/113.375/116.457/2.409 ms

So contact your ISP and ask them to fix their DNS subnet and correct the packet fragmentation issue.

Cheers,
K.
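The evidence above is the gaps in icmp_seq that appear only in the large-packet run. Here is an added example (not from the thread or its participants) that parses two iputils-style ping runs, recovers the missing sequence numbers even when the run was interrupted with ^C before the summary, and reports whether the loss is size-dependent, which is the signature that separates a path that mishandles fragments from a path that is simply lossy. The sample runs are constructed (example.net, documentation address 192.0.2.10), not the capture posted above.

```python
import re
# Constructed sample runs in iputils ping style (not the thread's capture; 192.0.2.10 is a documentation address).
PING_SMALL = """\
PING dns2.example.net (192.0.2.10) 56(84) bytes of data.
64 bytes from 192.0.2.10: icmp_seq=1 ttl=50 time=87.9 ms
64 bytes from 192.0.2.10: icmp_seq=2 ttl=50 time=102 ms
64 bytes from 192.0.2.10: icmp_seq=3 ttl=50 time=87.1 ms
--- dns2.example.net ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
"""
PING_LARGE = """\
PING dns2.example.net (192.0.2.10) 1500(1528) bytes of data.
1508 bytes from 192.0.2.10: icmp_seq=2 ttl=50 time=112 ms
1508 bytes from 192.0.2.10: icmp_seq=3 ttl=50 time=110 ms
1508 bytes from 192.0.2.10: icmp_seq=5 ttl=50 time=114 ms
1508 bytes from 192.0.2.10: icmp_seq=6 ttl=50 time=116 ms
1508 bytes from 192.0.2.10: icmp_seq=8 ttl=50 time=109 ms
^C1508 bytes from 192.0.2.10: icmp_seq=10 ttl=50 time=116 ms
--- dns2.example.net ping statistics ---
10 packets transmitted, 6 received, 40% packet loss, time 9020ms
"""
HEADER = re.compile(r"^PING \S+ \(\S+\) (\d+)\((\d+)\) bytes of data")
SEQ = re.compile(r"icmp_seq=(\d+)")
SUMMARY = re.compile(r"^(\d+) packets transmitted, (\d+) received")

def analyze_ping(output):
    """Parse one ping run into ICMP payload size, on-the-wire size and the sequence numbers that never came back."""
    payload = wire = transmitted = None
    seen = []
    for line in output.splitlines():
        if m := HEADER.match(line):
            payload, wire = int(m.group(1)), int(m.group(2))
        elif m := SUMMARY.match(line):
            transmitted = int(m.group(1))
        elif m := SEQ.search(line):
            seen.append(int(m.group(1)))
    if transmitted is None:          # run interrupted before the summary: infer from the highest seq seen
        transmitted = max(seen, default=0)
    missing = sorted(set(range(1, transmitted + 1)) - set(seen))
    loss = round(100 * len(missing) / transmitted) if transmitted else 0
    return {"payload": payload, "wire": wire, "transmitted": transmitted,
            "received": len(seen), "missing": missing, "loss_pct": loss}

def size_dependent_loss(small, large, tolerance=5):
    """True when loss shows up only with the larger packets: a generally lossy path drops
    both sizes, while a path that mishandles fragments drops only what exceeds its MTU."""
    return small["loss_pct"] <= tolerance and large["loss_pct"] > tolerance
```

Run the same two sizes from each remote location that times out; a location where both sizes arrive cleanly points away from fragmentation and toward routing, which is what the host's BGP explanation later in the thread amounts to.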
 
Assisted Solution by: Papertrip (LVL 21), earned 250 total points, ID: 36507439

Unless he's doing DNSSEC (he is not) or IPv6 (he is not) or has some huge ridiculous TXT records, the odds of him having a DNS packet exceeding 1400 bytes is slim to none.

Aside from that, you are testing ingress and I can't imagine a DNS query coming anywhere close to 1400 bytes.
 
Author Comment by: detox1978 (LVL 2), ID: 36507505

Thanks for the info.

There's nothing fancy with the server. Hopefully the host will come back and say what they changed.

I had a quick look at zoneedit and they charge for secondary DNS: "Please note that free zones do not include tertiary nameservice or other premium services."
 
Expert Comment by: Papertrip (LVL 21), ID: 36507510

Ah ya know I remember zoneedit from long ago but I must admit they could have changed their model since then.

IMO just google "free secondary dns", I just did and there are a TON more than when I looked long ago...
 
Expert Comment by: Kerem ERSOY (LVL 30), ID: 36509570

> Aside from that, you are testing ingress and I can't imagine a DNS query coming anywhere close to 1400 bytes.

It is not about packet size approaching 1400 bytes. It is about the DNS servers being placed in a network segment having packet fragmentation issues. 1400 byte packets are just to display there's a problem (fragmented packets can not be assembled later). With these types of packets you wouldn't know at what point you will have an issue when communicating from different networks not just 1400+ byte packets from where

Cheers,
K.
 
Author Comment by: detox1978 (LVL 2), ID: 36510683

The host came back to me to say there was a BGP upstream issue. Apparently someone was having issues but didn't know. They said they were able to remove the vendor from their BGP list after my email and have listed it on their outage page.

I guess these things happen.
