Solved

CentOS:  DNS named giving out random timeouts?

Posted on 2011-09-08
Last Modified: 2012-05-12
Hi All,

I have a VPS running DNS (named).  If I telnet to the server from my house and run a query I get an authoritative response with the correct IP.  I've tried the exact same test from four other locations; three time out and one works.


Any suggestions on how to fix it?  Quite a lot of users are unable to access my server.


many thanks

D
0
Question by:detox1978
 
LVL 21

Expert Comment

by:Papertrip
ID: 36507332
What is one of the domains you are having trouble resolving?
0
 
LVL 2

Author Comment

by:detox1978
ID: 36507346
0
 
LVL 2

Author Comment

by:detox1978
ID: 36507374
everything is working again.

very bizarre.
0
 
LVL 2

Author Comment

by:detox1978
ID: 36507378
Any idea what could have caused this?


I sent an email to the support team to see if any network changes were made.  So maybe they fixed it.
0
 
LVL 21

Accepted Solution

by:
Papertrip earned 250 total points
ID: 36507381
Ok so I noticed you have dns1.aurl.co.uk and dns2.aurl.co.uk for your NS records, but they both resolve to the same IP.  You should really look into some free secondary name service, something like zoneedit.com

Aside from that everything looks just fine, I tried dozens of queries to your NS and all is well.

Paste output of the queries you are running that are failing.

0
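
The point in the accepted answer, that two NS names on one address give no redundancy, can be checked mechanically. This is an added example, not part of the original thread; `resolve_ipv4` and `ns_diversity` are hypothetical names, the dns1 address is taken from the statement that both names resolve to the same IP, and `ns2.secondary.example` with 198.51.100.53 is a constructed placeholder for an external secondary.

```python
import ipaddress
import socket
from collections import defaultdict

def resolve_ipv4(name):
    """Resolve a host name to its set of IPv4 addresses (needs network access)."""
    infos = socket.getaddrinfo(name, 53, socket.AF_INET, socket.SOCK_DGRAM)
    return {info[4][0] for info in infos}

def ns_diversity(ns_names, resolver=resolve_ipv4, prefix_len=24):
    """Group name servers by address and by enclosing network.

    shared_ip       addresses answered for by two or more NS names
    shared_network  /prefix_len networks that hold two or more NS names
    single_point    True when every NS name sits behind one address
    """
    by_ip, by_net = defaultdict(set), defaultdict(set)
    for ns in ns_names:
        for addr in resolver(ns):
            by_ip[addr].add(ns)
            net = ipaddress.ip_network(f"{addr}/{prefix_len}", strict=False)
            by_net[str(net)].add(ns)
    return {
        "shared_ip": {ip: sorted(n) for ip, n in by_ip.items() if len(n) > 1},
        "shared_network": {net: sorted(n) for net, n in by_net.items() if len(n) > 1},
        "single_point": len(ns_names) > 1 and len(by_ip) == 1,
    }

# Offline stand-in for the resolver, built from what the thread reports.
THREAD_NS = {
    "dns1.aurl.co.uk": {"91.223.16.149"},
    "dns2.aurl.co.uk": {"91.223.16.149"},
}
# Constructed: the same zone after moving the second NS to another provider.
WITH_SECONDARY = {
    "dns1.aurl.co.uk": {"91.223.16.149"},
    "ns2.secondary.example": {"198.51.100.53"},
}

if __name__ == "__main__":
    for label, zone in (("thread", THREAD_NS), ("with secondary", WITH_SECONDARY)):
        print(label, ns_diversity(list(zone), resolver=zone.get))
```

Called without the `resolver` argument, `ns_diversity` resolves the names over the network instead of using the embedded tables.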
 
LVL 30

Assisted Solution

by:Kerem ERSOY
Kerem ERSOY earned 250 total points
ID: 36507384
Hi,

So your test in both situations is that:
- you telnet the server
- then you query the server locally over the telnet session

When at home you get the result but if you're not home you get an error to your query?

If this is the case I'd suspect a connectivity problem / packet fragmentation. Try to ping your server from remote locations using large packets, such as 1400, 1500, 1800 etc., with a command similar to this one:


ping -s 1500  your_server.example.com



Cheers,
K.

0
 
LVL 30

Assisted Solution

by:Kerem ERSOY
Kerem ERSOY earned 250 total points
ID: 36507404
I guess this is it:

from my system:
 
# ping dns2.aurl.co.uk        
PING dns2.aurl.co.uk (91.223.16.149) 56(84) bytes of data.
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=1 ttl=50 time=87.9 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=2 ttl=50 time=102 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=3 ttl=50 time=87.1 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=4 ttl=50 time=84.5 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=5 ttl=50 time=86.3 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=6 ttl=50 time=85.7 ms



But when I ping with a packet larger than 1400 bytes:


 
# ping -s 1500 dns2.aurl.co.uk
PING dns2.aurl.co.uk (91.223.16.149) 1500(1528) bytes of data.
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=2 ttl=50 time=112 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=3 ttl=50 time=110 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=5 ttl=50 time=114 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=6 ttl=50 time=116 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=8 ttl=50 time=109 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=10 ttl=50 time=116 ms
^C1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=11 ttl=50 time=113 ms

--- dns2.aurl.co.uk ping statistics ---
11 packets transmitted, 7 received, 36% packet loss, time 10026ms
rtt min/avg/max/mdev = 109.512/113.375/116.457/2.409 ms



So contact your ISP and ask them to fix their DNS subnet and correct the packet fragmentation issue.


Cheers,
K.
0
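
The two ping runs in the post above can be compared mechanically to see which sequence numbers were lost at each size. This is an added example, not part of the original thread; `analyse_ping` and `loss_by_size` are hypothetical names, and the embedded text is the output as posted.

```python
import re

REPLY = re.compile(r"(\d+) bytes from .*icmp_seq=(\d+) ")
SENT = re.compile(r"(\d+) packets transmitted")

def analyse_ping(text):
    """Summarise one ping run: reply size, packets sent, lost icmp_seq numbers."""
    seen, size, sent = set(), None, None
    for line in text.splitlines():
        reply = REPLY.search(line)          # search() tolerates the "^C" prefix
        sent_line = SENT.search(line)
        if reply:
            size = int(reply.group(1))
            seen.add(int(reply.group(2)))
        elif sent_line:
            sent = int(sent_line.group(1))
    if sent is None:                        # run pasted without its summary
        sent = max(seen, default=0)
    missing = [n for n in range(1, sent + 1) if n not in seen]
    loss = round(100 * len(missing) / sent, 1) if sent else 0.0
    return {"reply_bytes": size, "sent": sent, "missing": missing, "loss_pct": loss}

def loss_by_size(runs):
    """Map reply size to loss percentage so size-dependent loss stands out."""
    return {r["reply_bytes"]: r["loss_pct"] for r in map(analyse_ping, runs)}

# Both runs are the ping output posted in the thread above.
SMALL_RUN = """\
PING dns2.aurl.co.uk (91.223.16.149) 56(84) bytes of data.
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=1 ttl=50 time=87.9 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=2 ttl=50 time=102 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=3 ttl=50 time=87.1 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=4 ttl=50 time=84.5 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=5 ttl=50 time=86.3 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=6 ttl=50 time=85.7 ms
"""
LARGE_RUN = """\
PING dns2.aurl.co.uk (91.223.16.149) 1500(1528) bytes of data.
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=2 ttl=50 time=112 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=3 ttl=50 time=110 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=5 ttl=50 time=114 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=6 ttl=50 time=116 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=8 ttl=50 time=109 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=10 ttl=50 time=116 ms
^C1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=11 ttl=50 time=113 ms
11 packets transmitted, 7 received, 36% packet loss, time 10026ms
"""
```

The `1500(1528)` in the second header means each echo request is a 1528-byte IP packet, which is already fragmented by a sender with a 1500-byte MTU, so this run measures delivery of fragmented packets rather than of DNS-sized ones.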
 
LVL 21

Assisted Solution

by:Papertrip
Papertrip earned 250 total points
ID: 36507439
Unless he's doing DNSSEC (he is not) or IPv6 (he is not) or has some huge ridiculous TXT records, the odds of him having a DNS packet exceeding 1400 bytes is slim to none.

Aside from that, you are testing ingress and I can't imagine a DNS query coming anywhere close to 1400 bytes.
0
 
LVL 2

Author Comment

by:detox1978
ID: 36507505
Thanks for the info.

There's nothing fancy with the server.  Hopefully the host will come back and say what they changed.


I had a quick look at zoneedit and they charge for secondary DNS.   "Please note that free zones do not include tertiary nameservice or other premium services."
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36507510
Ah ya know I remember zoneedit from long ago but I must admit they could have changed their model since then.

IMO just google "free secondary dns", I just did and there are a TON more than when I looked long ago...
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 36509570
> Aside from that, you are testing ingress and I can't imagine a DNS query coming anywhere close to 1400 bytes.

It is not about packet size approaching 1400 bytes. It is about the DNS servers being placed in a network segment having packet fragmentation issues. 1400-byte packages are just to display there's a problem (fragmented packets cannot be assembled later). With these types of packets you wouldn't know at what point you will have an issue when communicating from different networks, not just 1400+ byte packets from where

Cheers,
K.
0
 
LVL 2

Author Comment

by:detox1978
ID: 36510683
The host came back to me to say there was a BGP upstream issue.  Apparently someone was having issues but didn't know.  They said they were able to remove the vendor from their BGP list after my email and have listed it on their outage page.

I guess these things happen.
0
