Help with a DNS anomaly ?
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Broadband
- :
- Help with a DNS anomaly ?
Help with a DNS anomaly ?
02-10-2010 2:49 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
However today I discovered an oddity that I would like to understand, and resolve, so I can ensure future reliability of my network.
My network has various Windows PC's, and some Ubuntu desktops, they are ALL configured to use the same said DNS server, and I have never (in two years) had any problems with any other website,
but if I try to browse http://www.kegs.org.uk/, then the Ubuntu PC's ALWAYS work fine and display the webpage, but all the Windows PC's report "DNS error occurred. Server cannot be found"
If I change a Windows PC's DNS settings to say the Google DNS (8.8.4.4), or other conventional DNS, then the problematic site works fine.
If I reboot my DNS server then occasionally the Windows PC's will work OK for a while, but then get stuck in a failed state.
If I run "> ipconfig /flushdns" in a DOS command window, then sometimes that recovers the problem for a while.
If I do an NSLOOKUP on an Ubuntu PC it says -
Quote > nslookup www.kegs.org.uk
Server: 192.168.?.?
Address: 192.168.?.?#53
Non-authoritative answer:
www.kegs.org.uk ; canonical name = kegshost.org.uk.
kegshost.org.uk canonical name = henry.kegs.essex.sch.uk.
Name: henry.kegs.essex.sch.uk
Address: 94.101.160.194
Whereas an NSLOOKUP on Windows says -
Quote > nslookup www.kegs.org.uk
Server: henry.kegs.essex.sch.uk
Address: 94.101.160.194
Aliases: www.kegs.org.uk, kegshost.org.uk
*** www.kegs.org.uk can't find nslookup: No response from server
So even in the failed state, Windows can retrieve the correct IP address from the DNS server.
I have also tried both Firefox and Internet Explorer browsers.
So far all four Windows PC's fail, and three Ubuntu PC's work !
And as I said earlier, it is only the website http://www.kegs.org.uk that shows this problem, any other site continues to work without any problems.
Any ideas ?
Re: Help with a DNS anomaly ?
02-10-2010 8:12 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
$ host www.kegs.org.uk 212.159.6.9
Using domain server:
Name: 212.159.6.9
Address: 212.159.6.9#53
Aliases:
Host www.kegs.org.uk not found: 3(NXDOMAIN)
$ host www.kegs.org.uk 8.8.4.4
Using domain server:
Name: 8.8.4.4
Address: 8.8.4.4#53
Aliases:
www.kegs.org.uk is an alias for kegshost.org.uk.
kegshost.org.uk is an alias for henry.kegs.essex.sch.uk.
henry.kegs.essex.sch.uk has address 94.101.160.194
Re: Help with a DNS anomaly ?
02-10-2010 10:38 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: Help with a DNS anomaly ?
02-10-2010 10:57 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Well to me that looks like your windows PC was using 94.101.160.194 (aka henry.kegs.essex.sch.uk) as its DNS, whereas the linux machines were using a DNS on your local network.
Quote from: purleigh Whereas an NSLOOKUP on Windows says -
Quote > nslookup www.kegs.org.uk
Server: henry.kegs.essex.sch.uk
Address: 94.101.160.194
Aliases: www.kegs.org.uk, kegshost.org.uk
*** www.kegs.org.uk can't find nslookup: No response from server
Re: Help with a DNS anomaly ?
02-10-2010 11:35 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
In the short periods when Windows does resolve this correctly it does this instead -
Quote > nslookup www.kegs.org.uk
Server: "the_name_of_my_DNS_server"
Address: 192.168.?.? (the IP of my DNS server)
Non-authoritative answer:
Name: henry.kegs.essex.sch.uk
Address: 94.101.160.194
Aliases: www.kegs.org.uk, ; kegshost.org.uk
It does look like, in either working or failed mode, Windows can get the IP address correctly from my DNS server.
BUT in the failed state, it looks like Windows is trying to do another DNS lookup using the address that the local DNS server has already provided ! ? !
I have also just removed all references to the PlusNet DNS servers from my own DNS servers 'resolv.conf' file, and Windows lookups now appear to be fine (in the short time that I have tried !).
So -
1) The Plusnet DNS not resolving seems to trigger the problem.
2) Can't yet explain why it is that if I start my DNS first (with Plusnet IPs), then boot Windows (in failed state), then start an Ubuntu PC, that Ubuntu works but Windows doesn't.
3) Windows might be trying to do a recursive lookup ?
Re: Help with a DNS anomaly ?
02-10-2010 11:42 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: Help with a DNS anomaly ?
02-10-2010 12:28 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
but that does not explain the difference between Windows and Ubuntu lookups, when both are getting the correct target IP address from my local DNS server !
Re: Help with a DNS anomaly ?
02-10-2010 12:46 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Given the open nature of Linux it wouldn't surprise me that someone 'fixed' the DNS lookup on Linux so that it worked with lame DNS.
Re: Help with a DNS anomaly ?
02-10-2010 2:50 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Although the plusnet DNS server returns NXDOMAIN for www.kegs.org.uk, it also returns the first alias kegshost.org.uk (try the "dig" command), if you query that you get NXDOMAIN again and the second alias henry.kegs.essex.sch.uk, and if you look that up you get the IP address. I guess something on Ubuntu is doing that automatically for you.
Re: Help with a DNS anomaly ?
02-10-2010 3:40 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote --all-servers
By default, when dnsmasq has more than one upstream server available, it will send queries to just one server. Setting this flag forces dnsmasq to send all queries to all avail‐
able servers. The reply from the server which answers first will be returned to the original requestor.
Which might explain the apparent randomness I am seeing, as the fastest responding DNS might change over time !
I also use the "--no-negcache" setting, so 'dnsmasq' does only caches good results, but it does not seem to have helped in this instance.
Quote --no-negcache
Disable negative caching. Negative caching allows dnsmasq to remember "no such domain" answers from upstream nameservers and answer identical queries without forwarding them
again.
What I need is to find a 'dnsmasq' setting that ignores the fastest responding DNS replies when like in this instance the PlusNet DNS returns NXDOMAIN, and therefore check the other subsequent DNS replies for a positive result (such as those from Google and OpenDNS) - and only after all responses have failed then give up.
Re: Help with a DNS anomaly ?
03-10-2010 12:03 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: purleigh What I need is to find a 'dnsmasq' setting that ignores the fastest responding DNS replies [...]
No, the DNS for kegs.org.uk needs fixing. When only one zone causes problems that zone needs fixing, not everyone else's resolvers (incl. yours).
Incidentally, don't use nslookup for troubleshooting - it's use has been depracated as it can give some very misleading results, particularly given that it often mistinterprets what it finds (i.e. it doesn't give you the true response). Try 'dig' instead.
Mathew
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page