on my continuing semi-newb problem series, I have a nasty thing going on (I fear). my server is a dual opteron 8gb 600gb scsi DAM nice fast server. TOP shows 99+ idle at all times. there is very little load on it as far as I can tell.

BUT - I'm seeing weird DNS responses and need some assistance - even willing to pay anyone who wants to log in and help me out. ([email protected]).

what I'm seeing is rather odd behaviour. If I do something that needs DNS resolution (my nameserver on the server is current centos 5.1 named) - say I pull up a webpage. the first time or two I pull up an address (only some of them alas) - the browser times out. 'server not responding' etc. type messages. then I refresh again and it pops up! so obviously named is not responding fast enough (or at all)? the first 2 requests.

this is not fully repeatable but I think it's also why some of my customers tell me they can't send or retrieve mail (most are just fine). they send me screenshots of errors like 'cant find mail server' etc. now if they try the send/receive again they will eventually get it through but it's obviously something I need to resolve.

any suggestions? anything to look at??? the nameserver is ns5.cdbsystems.com if anyone wants to run tests on it and your help will be MOST appreciated (and even rewarded)

thanks
cdb.
ok problem: ns4 is offline. I'm not going to say the IP but when I try it nothing loaded. maybe that's your problem
NS4 problem true, NS4 is down (and probably will stay down) but I would have thought everything would have expired from NS4 by now and NS5 would have replaced everything... when I restarted named on NS5 I upped all serial numbers so I would have thought all caches would have replaced ns4 info by ns5 by now... cdb.
DNS issues I've redirected ns4 to the same ip as ns5 I'll see if that takes care of the odd delays. thanks cdb.
DNS issues could you all do traceroutes to ns5.cdbsystems.com? I've been told by one customer he's seeing bad latencies but I'm not seeing anything rude. would appreciate it cdb.
more weirdness - continuing DNS issue?????

I just was doing some traceroutes to one of my domains and:

    E:\Documents and Settings\cdb>ping mail.weblawdog.com

    Pinging mail.weblawdog.com [71.163.161.26] with 32 bytes of data:

    Reply from 71.163.161.26: bytes=32 time=17ms TTL=247
    Reply from 71.163.161.26: bytes=32 time=15ms TTL=247

    Ping statistics for 71.163.161.26:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 15ms, Maximum = 17ms, Average = 16ms
    Control-C
    ^C

------------a bit later cdb:

    E:\Documents and Settings\cdb>tracert mail.weblawdog.com
    Unable to resolve target system name mail.weblawdog.com.

----- few secs later

    E:\Documents and Settings\cdb>tracert mail.weblawdog.com

    Tracing route to admin.weblawdog.com [71.163.161.26]
    over a maximum of 30 hops:

      1     *        *        *     Request timed out.
      2     9 ms     7 ms     6 ms  10.7.168.1
      3     7 ms     7 ms     7 ms  ip72-219-223-97.dc.dc.cox.net [72.219.223.97]
      4     7 ms     7 ms    15 ms  mrfddsrj01-ge110.rd.dc.cox.net [68.100.0.161]
      5    11 ms    18 ms     8 ms  ashbbbrj01-ae0.0.r2.as.cox.net [68.1.0.220]
      6    41 ms    10 ms    11 ms  so-7-3-0-0.BB-RTR1.RES.verizon-gni.net [130.81.10.89]
      7    11 ms    11 ms     9 ms  P15-0.LCR-05.WASHDC.verizon-gni.net [130.81.28.145]
      8    14 ms    11 ms    11 ms  L1.VFTTP-29.WASHDC.verizon-gni.net [130.81.243.129]
      9    25 ms    14 ms    14 ms  mail.weblawdog.com [71.163.161.26]

    Trace complete.

any ideas what is going on?????
cdb.
    [zcworld@zcworld ~]$ dig @ns5.cdbsystems.com cdbsystem.com

    ; <<>> DiG 9.5.0b2 <<>> @ns5.cdbsystems.com cdbsystem.com
    ; (1 server found)
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45116
    ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 0
    ;; WARNING: recursion requested but not available

    ;; QUESTION SECTION:
    ;cdbsystem.com.                 IN      A

    ;; AUTHORITY SECTION:
    .                       3600000 IN      NS      A.ROOT-SERVERS.NET.
    .                       3600000 IN      NS      B.ROOT-SERVERS.NET.
    .                       3600000 IN      NS      C.ROOT-SERVERS.NET.
    .                       3600000 IN      NS      D.ROOT-SERVERS.NET.
    .                       3600000 IN      NS      E.ROOT-SERVERS.NET.
    .                       3600000 IN      NS      F.ROOT-SERVERS.NET.
    .                       3600000 IN      NS      G.ROOT-SERVERS.NET.
    .                       3600000 IN      NS      H.ROOT-SERVERS.NET.
    .                       3600000 IN      NS      I.ROOT-SERVERS.NET.
    .                       3600000 IN      NS      J.ROOT-SERVERS.NET.
    .                       3600000 IN      NS      K.ROOT-SERVERS.NET.
    .                       3600000 IN      NS      L.ROOT-SERVERS.NET.
    .                       3600000 IN      NS      M.ROOT-SERVERS.NET.

    ;; Query time: 320 msec
    ;; SERVER: 71.163.161.26#53(71.163.161.26)
    ;; WHEN: Sat May 31 17:50:26 2008
    ;; MSG SIZE  rcvd: 242

    [zcworld@zcworld ~]$ dig @ns5.cdbsystems.com www.cdbsystem.com

    ; <<>> DiG 9.5.0b2 <<>> @ns5.cdbsystems.com www.cdbsystem.com
    ; (1 server found)
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43094
    ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 0
    ;; WARNING: recursion requested but not available

    ;; QUESTION SECTION:
    ;www.cdbsystem.com.             IN      A

    ;; AUTHORITY SECTION:
    .                       3600000 IN      NS      M.ROOT-SERVERS.NET.
    .                       3600000 IN      NS      A.ROOT-SERVERS.NET.
    .                       3600000 IN      NS      B.ROOT-SERVERS.NET.
    .                       3600000 IN      NS      C.ROOT-SERVERS.NET.
    .                       3600000 IN      NS      D.ROOT-SERVERS.NET.
    .                       3600000 IN      NS      E.ROOT-SERVERS.NET.
    .                       3600000 IN      NS      F.ROOT-SERVERS.NET.
    .                       3600000 IN      NS      G.ROOT-SERVERS.NET.
    .                       3600000 IN      NS      H.ROOT-SERVERS.NET.
    .                       3600000 IN      NS      I.ROOT-SERVERS.NET.
    .                       3600000 IN      NS      J.ROOT-SERVERS.NET.
    .                       3600000 IN      NS      K.ROOT-SERVERS.NET.
    .                       3600000 IN      NS      L.ROOT-SERVERS.NET.

    ;; Query time: 314 msec
    ;; SERVER: 71.163.161.26#53(71.163.161.26)
    ;; WHEN: Sat May 31 17:50:46 2008
    ;; MSG SIZE  rcvd: 246

    [zcworld@zcworld ~]$

the DNS / NS server : 71.163.161.26 goes to the web site
have you tried doing a clean rebuild of your DNS and take it offline if you can like for 30 hrs to clean out any old cache of your DNS ... and then reload ... or try another DNS server for a short time to see if it fixes the problem ... also tell them to check their DNS server list they are using make they got an iffy DNS server in their list they are on .....
not sure whats wrong zcworld I see your printout but you are digging www.cdbsystem.com not www.cdbsystemS.com I think what you got was what would be expected! cdb.
oops ... was trying to do 30 things at once ... must have missed the s when I did copy n paste. shows both NS servers to the same IP and the www to the IP on your DNS server and normal DNS servers ..... so it looks like it's all working fine here and the sites go to the right place
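Added example (not part of any post in this thread): a small Python classifier for dig output that separates the cases seen here: no reply at all, a referral to the root servers from a server that does not serve the queried name and does not recurse (the cdbsystem.com output above), and a real authoritative answer. The first sample is abridged from the output posted above; the other samples (example.com, 192.0.2.10) and the function name `classify` are constructed for illustration.

```python
import re

# Abridged from the dig output posted in this thread (misspelled zone name).
SAMPLE_REFERRAL = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45116
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;cdbsystem.com. IN A
;; AUTHORITY SECTION:
. 3600000 IN NS A.ROOT-SERVERS.NET.
. 3600000 IN NS B.ROOT-SERVERS.NET.
"""

# Constructed sample: what an authoritative server returns for its own zone.
SAMPLE_AUTH = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1234
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; ANSWER SECTION:
www.example.com. 3600 IN A 192.0.2.10
"""

# Constructed sample: the line dig prints when nothing answers on port 53.
SAMPLE_TIMEOUT = ";; connection timed out; no servers could be reached\n"


def classify(dig_text):
    """Return a short label describing one dig response."""
    status = re.search(r"status: (\w+)", dig_text)
    if status is None:
        return "no-response"            # timeout, dead server, filtered port 53
    if status.group(1) != "NOERROR":
        return status.group(1).lower()  # servfail, refused, nxdomain, ...
    m = re.search(r"flags: ([a-z ]*);", dig_text)
    flags = set(m.group(1).split()) if m else set()
    counts = dict(re.findall(r"(ANSWER|AUTHORITY): (\d+)", dig_text))
    answers = int(counts.get("ANSWER", 0))
    # Owner names of NS records (record lines do not start with ';').
    ns_owners = set(re.findall(r"^(\S+)\s+\d+\s+IN\s+NS\s", dig_text, re.M))
    if answers:
        return "authoritative-answer" if "aa" in flags else "non-authoritative-answer"
    if "aa" in flags:
        return "nodata"                 # name exists, no record of this type
    if ns_owners == {"."}:
        return "root-referral"          # server does not serve this zone
    return "referral" if ns_owners else "empty"
```

Running it over the output of `dig @<each listed nameserver> <zone> SOA` shows at a glance which delegated servers answer authoritatively and which time out or hand back a referral.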
odd dns problems continue

I repointed ns4 to ns5 since ns4 is currently down. ns5 is my shiny new centos 5.1 perfect server as per falko's excellent directions. problem is that when I do this from a cmd> prompt at home:

    E:\Documents and Settings\cdb>ping mail.weblawdog.com
    Ping request could not find host mail.weblawdog.com. Please check the name and try again.

    E:\Documents and Settings\cdb>ping mail.weblawdog.com

    Pinging admin.weblawdog.com [71.163.161.26] with 32 bytes of data:

    Reply from 71.163.161.26: bytes=32 time=15ms TTL=247
    Reply from 71.163.161.26: bytes=32 time=129ms TTL=247
    Reply from 71.163.161.26: bytes=32 time=16ms TTL=247
    Reply from 71.163.161.26: bytes=32 time=17ms TTL=247

    Ping statistics for 71.163.161.26:
        Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 15ms, Maximum = 129ms, Average = 44ms

these were done 1 sec apart. wtf is going on???? I don't understand how ping doesn't know the host and next ping does?
cdb.
worked first time for me pinging the mail.weblawdog.com address. maybe it's being updated in DNS servers, but I use openDNS as my default DNS server. really ... not sure .... maybe it's your ISP DNS servers are taking their time on doing a DNS update, that's all?
odd DNS problems continue! I'm seeing it pretty repeatedly at this point: from my windows xp laptop cmd prompt: first ping to www.snipemaster.com comes back 'could not find host www.snipemaster.com' second ping immediately afterwards replies just fine with 13ms-16ms times. all replying properly from 71.163.161.26. what on EARTH could be going on?????? cdb.
ok simples its your end copy the IP for the DNS servers of your ISP from your router and paste it into your LAN/WLAN DNS server list on your windows box apply flush DNS / repair connection and try again same problem try openDNS DNS servers as default DNS to use thats all i can think of .... hope it may some cents ....
odd DNS problem.... I'm running BIND9 on my server (has have been doing forever). however, I've looked at my wifes notebook and its behaving same way as mine - first ping (or even 2) comes back unknown host then next ping responds properly. maybe I should dump named? but why would it be causing problems?? cdb.
it's not your server or its BIND. change your DNS:

Network Connections -> Local Area Connection -> properties
TCP/IP -> properties
Use The Following DNS server addresses
208.67.222.222
208.67.220.220
(OpenDNS Server IP)

try them, see if that fixes the problem
thanks zc but does that SOLVE anything? I'll try openDNS - but my question still remains - I can't very well tell others to switch to openDNS can I if they can't ping my sites reliably? how do I find out what the problem really IS? aren't there any free sites that will stress a server and report any problems? my server has a static ip (192.168.2.50) and it's behind a xincom firewall passing all port 53 requests (as well as port 80 port 110 port 25 etc) to the static ip. maybe the firewall is malfunctioning? (in which case openDNS may or may not seem to 'fix' things when they are not fixed) anyway thanks for the suggestion. but if it works, then something is wrong with Cox's DNS, and I can't do anything about that can I? cdb.
no errors, some warnings. that site tells me my SOA retry value is too high to be 'ok' but hardly would that be an issue (it's 14400 and they recommend 9600). isn't there a site that will stress-test you? send 10000 requests and see if they all pass? also, I had to dump cyrus sasl - apparently the 64bit version is buggy (it kept segfaulting). switching to dovecot sasl seems to have cured the problem. since dovecot comes with it implemented why did you recommend cyrus anyway? might want to change your perfect server to just use dovecot's sasl. cdb.