Re: DNS troubles
- To: Steve Mohundro <mohundro@eskimo.com>
- Subject: Re: DNS troubles
- From: Eskimo North Support <support@eskimo.com>
- Date: Wed, 28 Jun 2000 11:22:21 -0700 (PDT)
- cc: outages-list@eskimo.com
- In-Reply-To: <Pine.SUN.3.96.1000628103724.8086A-100000@eskimo.com>
- Newsgroups: lobby
- Resent-Date: Wed, 28 Jun 2000 11:22:47 -0700 (PDT)
- Resent-From: outages-list@eskimo.com
- Resent-Message-ID: <"v3utV1.0.yf2.i9aMv"@mx2>
- Resent-Sender: outages-list-request@eskimo.com
On Wed, 28 Jun 2000, Steve Mohundro wrote:
> Eric, all,
>
> This should be my final note on the subject, because a friend online
> suggested a solution that worked: I have a C:\Windows\Hosts file that has
> bad entries for these sites. I backed it up and deleted it, and
> everything works. Whew, no reinstall.
>
> -- Steve
Steve, This is Robert Dinse <nanook@eskimo.com>. I'm going to CC
this to the outages list and lobby because no doubt this problem affected
other customers as well, and also because there is a puzzling aspect of
this that I do not understand.

I'm glad you found that problem and resolved it. As it happens this
wasn't a totally wasted exercise because I also found a problem with an
access list I put in place to stop denial of service attacks.

One of the name servers is on a machine that listens to multiple IP
addresses. The denial of service attack was not aimed at the IP address
used for the name server, so I blocked UDP to the address being attacked,
not expecting it to affect DNS since it wasn't the address the name server
listens to.

What I did not properly anticipate is that, when that name server has
to query an upstream server to resolve a request, it does so from the base
IP of the box, and so the responses from the upstream server come back to
that IP, which is the one I had blocked.

The interesting thing is that, for reasons I don't understand at all,
this only seemed to break domains for which both of the name servers
listed were secondaries (non-authoritative). I have no logical
explanation for this at all. When I tested this I had used ftp.uu.net,
and that worked fine, but starwars.com fails completely. Taking that
access rule out makes starwars.com work. About the only thing I can think
of is perhaps the domains that listed authoritative servers just happened
to also be in cache.

At any rate, pulling that access list entry out made it properly
resolve starwars.com now.

Eskimo North Support | Voice Numbers - (206)812-0051 or 800-246-6874
support@eskimo.com | Voice help available 9am to 11pm Mon-Fri
PO Box 55816 | and 12pm - 8pm Saturday and Sunday
Seattle, WA 98155 | Fax us at - (206)812-0054
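
Added example, not part of the original message: a small Python model of the failure described above, where a stateless rule that drops UDP to the box's base IP also drops upstream DNS replies, because cache-miss queries are sourced from that base IP. All addresses are constructed documentation values, the cache contents are an assumption, and `query_source` is a hypothetical parameter used to show the effect of sourcing queries from the listener address instead.

```python
from dataclasses import dataclass

# Constructed documentation addresses (RFC 5737); not the addresses from the incident.
BASE_IP = "192.0.2.1"       # base address of the multi-homed box (the DoS target)
LISTEN_IP = "192.0.2.53"    # address the name server answers clients on
UPSTREAM = "198.51.100.7"   # an upstream server
CLIENT = "203.0.113.9"      # a customer machine

@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    dst: str

def acl_permits(pkt, deny_rules):
    """Stateless filter: drop on any matching (proto, dst) deny rule; default permit."""
    return not any(pkt.proto == p and pkt.dst == d for p, d in deny_rules)

def resolve(name, cache, deny_rules, query_source=BASE_IP):
    """Return 'answer' or 'timeout' for a client query for `name` sent to LISTEN_IP."""
    if not acl_permits(Packet("udp", CLIENT, LISTEN_IP), deny_rules):
        return "timeout"            # client query never reaches the server
    if name in cache:
        return "answer"             # served locally, no upstream traffic needed
    # Cache miss: the query leaves from query_source, so the reply is addressed to it.
    reply = Packet("udp", UPSTREAM, query_source)
    if not acl_permits(reply, deny_rules):
        return "timeout"            # upstream reply dropped at the filter
    cache.add(name)
    return "answer"

def demo():
    acl = [("udp", BASE_IP)]        # the anti-DoS rule described in the message
    cache = {"ftp.uu.net"}          # assumption: already cached, as the message guesses
    return {
        "cached": resolve("ftp.uu.net", set(cache), acl),
        "uncached": resolve("starwars.com", set(cache), acl),
        "rule removed": resolve("starwars.com", set(cache), []),
        "source pinned": resolve("starwars.com", set(cache), acl, query_source=LISTEN_IP),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:14} -> {result}")
```

The model shows why a spot check with a cached name can pass while the rule is still breaking resolution: testing such a filter needs a name that forces an upstream lookup.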