Solved

CentOS:  DNS named giving out random timeouts?

Posted on 2011-09-08
Last Modified: 2012-05-12
Hi All,

I have a VPS running DNS (named).  If I telnet to the server from my house and run a query I get an authoritative response with the correct IP.  I've tried the exact same test from four other locations, three time out and one works.


Any suggestions on how to fix it?  Quite a lot of users are unable to access my server.


many thanks

D
Question by:detox1978
12 Comments
 
LVL 21

Expert Comment

by:Papertrip
ID: 36507332
What is one of the domains you are having trouble resolving?
0
 
LVL 2

Author Comment

by:detox1978
ID: 36507346
0
 
LVL 2

Author Comment

by:detox1978
ID: 36507374
everything is working again.

very bizarre.
0

 
LVL 2

Author Comment

by:detox1978
ID: 36507378
Any idea what could have caused this?


I sent an email to the support team to see if any network changes were made.  So maybe they fixed it.
0
 
LVL 21

Accepted Solution

by:
Papertrip earned 250 total points
ID: 36507381
Ok so I noticed you have dns1.aurl.co.uk and dns2.aurl.co.uk for your NS records, but they both resolve to the same IP.  You should really look into some free secondary name service, something like zoneedit.com

Aside from that everything looks just fine, I tried dozens of queries to your NS and all is well.

Paste output of the queries you are running that are failing.

0
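An added example, not part of the thread: a shell check for what the accepted answer points out, NS names that differ but resolve to the same address. The function names are made up for this example, `ns_ip_pairs` assumes `dig` and network access, and `example.com` in the usage comment is a placeholder zone.

```shell
#!/bin/sh
# ns_ip_pairs ZONE: print "nameserver address" for every NS record of ZONE.
# Assumption: dig is installed and the resolver is reachable.
ns_ip_pairs() {
    for ns in $(dig +short NS "$1"); do
        for ip in $(dig +short A "$ns"); do
            echo "$ns $ip"
        done
    done
}

# shared_ns_ips: read "nameserver address" pairs on stdin and print every
# address that more than one distinct nameserver name points to. Any output
# means the zone has less redundancy than its NS record count suggests.
shared_ns_ips() {
    sort -u | awk '
        { count[$2]++; names[$2] = names[$2] " " $1 }
        END { for (ip in count) if (count[ip] > 1) print ip ":" names[ip] }'
}

# Usage against a live zone (placeholder name):
#   ns_ip_pairs example.com | shared_ns_ips
```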
 
LVL 30

Assisted Solution

by:Kerem ERSOY
Kerem ERSOY earned 250 total points
ID: 36507384
Hi,

So your test in both situations is that:
- you telnet the server
- then you query the server locally over the telnet session

When at home you get the result but if you're not home you get an error to your query?

If this is the case I'd suspect a connectivity problem / packet fragmentation. Try to ping your server from remote locations using large packets, such as 1400, 1500, 1800 etc., with a command similar to this one:


ping -s 1500  your_server.example.com



Cheers,
K.

0
 
LVL 30

Assisted Solution

by:Kerem ERSOY
Kerem ERSOY earned 250 total points
ID: 36507404
I guess this is it:

from my system:
 
# ping dns2.aurl.co.uk        
PING dns2.aurl.co.uk (91.223.16.149) 56(84) bytes of data.
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=1 ttl=50 time=87.9 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=2 ttl=50 time=102 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=3 ttl=50 time=87.1 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=4 ttl=50 time=84.5 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=5 ttl=50 time=86.3 ms
64 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=6 ttl=50 time=85.7 ms



But when I ping with a packet larger than 1400 bytes:


 
# ping -s 1500 dns2.aurl.co.uk
PING dns2.aurl.co.uk (91.223.16.149) 1500(1528) bytes of data.
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=2 ttl=50 time=112 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=3 ttl=50 time=110 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=5 ttl=50 time=114 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=6 ttl=50 time=116 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=8 ttl=50 time=109 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=10 ttl=50 time=116 ms
^C1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=11 ttl=50 time=113 ms

--- dns2.aurl.co.uk ping statistics ---
11 packets transmitted, 7 received, 36% packet loss, time 10026ms
rtt min/avg/max/mdev = 109.512/113.375/116.457/2.409 ms



So contact your ISP and ask them to fix their DNS subnet and correct the packet fragmentation issue.


Cheers,
K.
0
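An added example, not part of the thread: shell helpers that turn ping runs like the two above into comparable numbers, loss per payload size and the `icmp_seq` values that never came back. The function names are made up for this example, `SAMPLE` is the large-packet output copied from the post above, and `sweep` assumes Linux iputils `ping` and network access.

```shell
#!/bin/sh
# SAMPLE: the "ping -s 1500" run quoted in the post above.
SAMPLE='PING dns2.aurl.co.uk (91.223.16.149) 1500(1528) bytes of data.
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=2 ttl=50 time=112 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=3 ttl=50 time=110 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=5 ttl=50 time=114 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=6 ttl=50 time=116 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=8 ttl=50 time=109 ms
1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=10 ttl=50 time=116 ms
^C1508 bytes from vvps-481543.dailyvps.co.uk (91.223.16.149): icmp_seq=11 ttl=50 time=113 ms
11 packets transmitted, 7 received, 36% packet loss, time 10026ms'

# missing_seqs: read ping output on stdin and print the icmp_seq numbers that
# were sent (per the statistics line) but never answered.
missing_seqs() {
    awk '
        match($0, /icmp_seq=[0-9]+/) { seen[substr($0, RSTART + 9, RLENGTH - 9) + 0] = 1 }
        / packets transmitted/       { sent = $1 }
        END {
            out = ""
            for (i = 1; i <= sent; i++)
                if (!(i in seen)) out = out (out == "" ? "" : " ") i
            print out
        }'
}

# loss_summary: one line per ping run with payload size, sent, received, loss.
loss_summary() {
    awk '
        /^PING /               { split($4, p, "("); payload = p[1] }
        / packets transmitted/ { printf "payload=%s sent=%s received=%s loss=%s\n", payload, $1, $4, $6 }'
}

# sweep HOST: compare a small payload, the largest payload that fits a
# 1500-byte MTU unfragmented (1472 + 28 header bytes), and one that must
# be fragmented by the sender.
sweep() {
    for size in 56 1472 1500; do
        ping -c 10 -s "$size" "$1" 2>&1 | loss_summary
    done
}

printf '%s\n' "$SAMPLE" | loss_summary
printf '%s\n' "$SAMPLE" | missing_seqs
```

Loss that appears only once the payload exceeds 1472 bytes points at fragment handling on the path; loss at every size points elsewhere.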
 
LVL 21

Assisted Solution

by:Papertrip
Papertrip earned 250 total points
ID: 36507439
Unless he's doing DNSSEC (he is not) or IPv6 (he is not) or has some huge ridiculous TXT records, the odds of him having a DNS packet exceeding 1400 bytes is slim to none.

Aside from that, you are testing ingress and I can't imagine a DNS query coming anywhere close to 1400 bytes.
0
 
LVL 2

Author Comment

by:detox1978
ID: 36507505
Thanks for the info.

There's nothing fancy with the server.  Hopefully the host will come back and say what they changed.


I had a quick look at zoneedit and they charge for secondary DNS.   "Please note that free zones do not include tertiary nameservice or other premium services."
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36507510
Ah ya know I remember zoneedit from long ago but I must admit they could have changed their model since then.

IMO just google "free secondary dns", I just did and there are a TON more than when I looked long ago...
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 36509570
> Aside from that, you are testing ingress and I can't imagine a DNS query coming anywhere close to 1400 bytes.

It is not about packet size approaching 1400 bytes. It is about the DNS servers being placed in a network segment having packet fragmentation issues. 1400 byte packages are just to display there's a problem (fragmented packets can not be assembled later). With these types of packets you wouldn't know at what point you will have an issue when communicating from different networks not just 1400+ byte packets from where

Cheers,
K.
0
 
LVL 2

Author Comment

by:detox1978
ID: 36510683
The host came back to me to say there was a BGP upstream issue.  Apparently someone was having issues but didn't know.  They said they were able to remove the vendor from their BGP list after my email and have listed it on their outage page.

I guess these things happen.
0
