Solved

CentOS:  DNS named giving out random timeouts?

Posted on 2011-09-08
Last Modified: 2012-05-12
Hi All,

I have a VPS running DNS (named).  If I telnet to the server from my house and run a query I get an authoritative response with the correct IP.  I've tried the exact same test from four other locations; three time out and one works.


Any suggestions on how to fix it?  Quite a lot of users are unable to access my server.


many thanks

D
0
Question by:detox1978
12 Comments
 
LVL 21

Expert Comment

by:Papertrip
ID: 36507332
What is one of the domains you are having trouble resolving?
0
 
LVL 2

Author Comment

by:detox1978
ID: 36507346
0
 
LVL 2

Author Comment

by:detox1978
ID: 36507374
everything is working again.

very bizarre.
0

 
LVL 2

Author Comment

by:detox1978
ID: 36507378
Any idea what could have caused this?


I sent an email to the support team to see if any network changes were made.  So maybe they fixed it.
0
 
LVL 21

Accepted Solution

by:
Papertrip earned 250 total points
ID: 36507381
Ok so I noticed you have dns1.aurl.co.uk and dns2.aurl.co.uk for your NS records, but they both resolve to the same IP.  You should really look into some free secondary name service, something like zoneedit.com

Aside from that everything looks just fine, I tried dozens of queries to your NS and all is well.

Paste output of the queries you are running that are failing.

0
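One way to produce the failing-query output asked for above, as an added example that is not part of any post in this thread: it sends repeated non-recursive A queries straight to one name server over UDP and tallies timeouts against authoritative answers. The address 192.0.2.53 and the name example.com are placeholders, not values from the thread.

```python
import secrets
import socket
import struct

def build_query(name, qid, qtype=1):
    """Encode a minimal DNS query (RD=0, class IN, default type A)."""
    header = struct.pack("!HHHHHH", qid, 0x0000, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def classify(reply, qid):
    """Return 'authoritative', 'non-authoritative', 'rcode=N' or 'mismatch'."""
    if len(reply) < 12:
        return "mismatch"
    rid, flags = struct.unpack("!HH", reply[:4])
    if rid != qid or not flags & 0x8000:       # wrong ID, or QR bit not set
        return "mismatch"
    if flags & 0x000F:                         # non-zero RCODE
        return "rcode=%d" % (flags & 0x000F)
    return "authoritative" if flags & 0x0400 else "non-authoritative"

def probe(server_ip, name, count=20, timeout=2.0):
    """Send `count` UDP queries to one server and tally the outcomes."""
    tally = {}
    for _ in range(count):
        qid = secrets.randbits(16)             # unpredictable query ID
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            try:
                s.sendto(build_query(name, qid), (server_ip, 53))
                outcome = classify(s.recv(4096), qid)
            except socket.timeout:
                outcome = "timeout"
            except OSError as exc:
                outcome = "error:%s" % exc.__class__.__name__
        tally[outcome] = tally.get(outcome, 0) + 1
    return tally

if __name__ == "__main__":
    # Placeholders: substitute your name server's IP and a record in your zone.
    print(probe("192.0.2.53", "example.com", count=5, timeout=1.0))
```

Running it from several networks at the same time gives a per-location timeout count that can be pasted into a support ticket.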
 
LVL 30

Assisted Solution

by:Kerem ERSOY
Kerem ERSOY earned 250 total points
ID: 36507384
Hi,

So your test in both situations is that:
- you telnet the server
- then you query the server locally over the telnet session

When at home you get the result, but if you're not home you get an error to your query?

If this is the case I'd suspect a connectivity problem / packet fragmentation. Try to ping your server from remote locations using large packets, such as 1400, 1500, 1800 etc., with a command similar to this one:


ping -s 1500  your_server.example.com



Cheers,
K.

0
 
LVL 30

Assisted Solution

by:Kerem ERSOY
Kerem ERSOY earned 250 total points
ID: 36507404
I guess this is it:

from my system:
 
# ping dns2.aurl.co.uk        
PING dns2.aurl.co.uk (91.223.16.149) 56(84) bytes of data.
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=1 ttl=50 time=87.9 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=2 ttl=50 time=102 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=3 ttl=50 time=87.1 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=4 ttl=50 time=84.5 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=5 ttl=50 time=86.3 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=6 ttl=50 time=85.7 ms



But when I ping with a packet larger than 1400 bytes:


 
# ping -s 1500 dns2.aurl.co.uk
PING dns2.aurl.co.uk (91.223.16.149) 1500(1528) bytes of data.
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=2 ttl=50 time=112 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=3 ttl=50 time=110 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=5 ttl=50 time=114 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=6 ttl=50 time=116 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=8 ttl=50 time=109 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=10 ttl=50 time=116 ms
^C1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=11 ttl=50 time=113 ms

--- dns2.aurl.co.uk ping statistics ---
11 packets transmitted, 7 received, 36% packet loss, time 10026ms
rtt min/avg/max/mdev = 109.512/113.375/116.457/2.409 ms



So contact your ISP and ask them to fix their DNS subnet and correct the packet fragmentation issue.


Cheers,
K.
0
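To compare runs like the two posted above, the following added example (not part of any post in this thread) parses Linux iputils `ping` output and reports which sequence numbers were lost and whether the IPv4 packet was larger than the link MTU, so that it had to be fragmented. The 1500-byte MTU is an assumption, and the sample reply lines are abridged from the thread's output.

```python
import re

HEADER = re.compile(r"^PING \S+ \(\S+\) (\d+)\((\d+)\) bytes of data")
REPLY = re.compile(r"bytes from .*icmp_seq=(\d+)")
SUMMARY = re.compile(r"(\d+) packets transmitted, (\d+) received")

def analyse_ping(output, mtu=1500):
    """Summarise one ping run. mtu=1500 is an assumed link MTU."""
    ip_len, sent, seen = None, None, set()
    for line in output.splitlines():
        if m := HEADER.search(line):
            ip_len = int(m.group(2))        # payload + 8 ICMP + 20 IPv4 header
        elif m := REPLY.search(line):
            seen.add(int(m.group(1)))
        elif m := SUMMARY.search(line):
            sent = int(m.group(1))
    if sent is None:                        # output cut off before the summary
        sent = max(seen, default=0)
    missing = sorted(set(range(1, sent + 1)) - seen)
    return {
        "ip_len": ip_len,
        "fragmented": ip_len is not None and ip_len > mtu,
        "sent": sent,
        "missing": missing,
        "loss_pct": round(100 * len(missing) / sent) if sent else None,
    }

# Sample input: headers and summary as posted, reply lines abridged.
SMALL = ("PING dns2.aurl.co.uk (91.223.16.149) 56(84) bytes of data.\n"
         + "".join("64 bytes from 91.223.16.149: icmp_seq=%d ttl=50\n" % n
                   for n in range(1, 7)))
LARGE = ("PING dns2.aurl.co.uk (91.223.16.149) 1500(1528) bytes of data.\n"
         + "".join("1508 bytes from 91.223.16.149: icmp_seq=%d ttl=50\n" % n
                   for n in (2, 3, 5, 6, 8, 10, 11))
         + "11 packets transmitted, 7 received, 36% packet loss, time 10026ms\n")

if __name__ == "__main__":
    for label, run in (("small", SMALL), ("large", LARGE)):
        print(label, analyse_ping(run))
```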
 
LVL 21

Assisted Solution

by:Papertrip
Papertrip earned 250 total points
ID: 36507439
Unless he's doing DNSSEC (he is not) or IPv6 (he is not) or has some huge ridiculous TXT records, the odds of him having a DNS packet exceeding 1400 bytes are slim to none.

Aside from that, you are testing ingress and I can't imagine a DNS query coming anywhere close to 1400 bytes.
0
 
LVL 2

Author Comment

by:detox1978
ID: 36507505
Thanks for the info.

There's nothing fancy with the server.  Hopefully the host will come back and say what they changed.


I had a quick look at zoneedit and they charge for secondary DNS.   "Please note that free zones do not include tertiary nameservice or other premium services."
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36507510
Ah ya know I remember zoneedit from long ago but I must admit they could have changed their model since then.

IMO just google "free secondary dns", I just did and there are a TON more than when I looked long ago...
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 36509570
> Aside from that, you are testing ingress and I can't imagine a DNS query coming anywhere close to 1400 bytes.

It is not about packet size approaching 1400 bytes. It is about the DNS servers being placed in a network segment having packet fragmentation issues. 1400 byte packages are just to display there's a problem (fragmented packets cannot be assembled later). With these types of packets you wouldn't know at what point you will have an issue when communicating from different networks, not just 1400+ byte packets from where

Cheers,
K.
0
 
LVL 2

Author Comment

by:detox1978
ID: 36510683
The host came back to me to say there was a BGP upstream issue.  Apparently someone was having issues but didn't know.  They said they were able to remove the vendor from their BGP list after my email and have listed it on their outage page.

I guess these things happen.
0
