I seem to be having some issues with my domain controller when trying to resolve hostnames using dns. It does seem to work but it always takes a couple of attempts, even if its a hostname i have already resolved. I have been noticing it with webpages and downloads.
Here is a nslookup test i did
C:\Users\chris.townsend>nslookup abc.com
Server: dc.example.com
Address: 192.168.101.20
DNS request timed out.
timeout was 2 seconds.
*** Request to dc.example.com timed-out
C:\Users\chris.townsend>nslookup abc.com
Server: dc.example.com
Address: 192.168.101.20
Non-authoritative answer:
Name: abc.com
Address: 199.181.132.250
Some sites it works first time and some it takes a couple more. I cant seem to figure it out and its the same on all the systems in our office. Restarting and /dnsflush dont seem to make any diffence either.
Can anyone suggest anything?
just incase anyone else has this same issue : this is what we found out it was - we use a watch guard router and it seemed to be proxies causing this issue
Related
I have a strange DNS error when attempting to access the domain rrrr.com. I have called to my ISP technical support, but they said they would call back and have not.
The domain is not accessible, but all the records and servers are correct.
nslookup rrrrr.com 167.206.10.179
Server: 167.206.10.179
Address: 167.206.10.179#53
** server can't find rrrrr.com: SERVFAIL
Where 167.206.10.178 and 167.206.10.179 are my ISP DNS servers.
Using OpenDNS:
nslookup rrrrr.com
Server: 208.67.222.222
Address: 208.67.222.222#53
Non-authoritative answer:
Name: rrrrrr.com
Address: 54.88.87.161
Is there any way that I can debug this? It has been going on several days.
The question is not resolved absolutely, but the problem appears to be with the GoDaddy DNS Servers. The problem appeared to be continuously growing and their technical support denied that anything was wrong - "appears to be a localized issue with some ISPs".
So I added for now backup DNS with Namecheap.com
Also useful is this post:
http://rscott.org/dns/GoDaddy_Selective_DNS_Blackouts.htm
Note: this problem is independent of wire/wireless, iPad (with Google DNS)/Linux/Windows
I can't access several sites including stackoverlow (cdn.sstatic.net), aws.amazon.com (d36cz9buwru1tt.cloudfront.net), heroku, github etc for 3 days from Turkey with ISP Superonline.
When I try to enter aws.amazon.com, browser downloads html and some images properly but can't download some of them, those hosted on d36cz9buwru1tt.cloudfront.net or subdomains like that.
Chrome says several images from this subdomain are pending. So the web page loading never finishes.
I can't access http://d36cz9buwru1tt.cloudfront.net, it keeps loading for a while (30 sec to minutes). But when I use proxy over Amsterdam, it loads immediately.
Without proxy, I can get its IP with ping:
64 bytes from server-54-240-162-83.fra6.r.cloudfront.net (54.240.162.83): icmp_req=1 ttl=53 time=58.2 ms
While writing these, the previous URL became available after several hours and now github.com can't be accessed due to css files on its CDN: https://github.global.ssl.fastly.net/assets/github2-f227c0e7c55002ba0645fc8d3761d00bce36e248.css
$ wget https://github.global.ssl.fastly.net/assets/github2-f227c0e7c55002ba0645fc8d3761d00bce36e248.css
--2013-11-19 21:39:32-- https://github.global.ssl.fastly.net/assets/github2-f227c0e7c55002ba0645fc8d3761d00bce36e248.css
Resolving github.global.ssl.fastly.net (github.global.ssl.fastly.net)... 185.31.17.184, 185.31.17.185
Connecting to github.global.ssl.fastly.net (github.global.ssl.fastly.net)|185.31.17.184|:443... connected.
...
...
waits but no response.
What could be the cause of this problem? My ISP did not help.
UPDATE: Changing my IP has solved the problem. Seems like someone using that IP before me got banned by Cloudfront.
I also had the exact same problem, Changing the DNS solved the issue. For me Coursera wasn't opening, neither 9GAG.
Changed my default DNS server provided by my ISP to the one given by google i.e.
8.8.8.8 and 8.8.4.4
I hope this solves your issue as well.
It seems there is a lot of problems with some ISPs and DNS resolution on CloudFront. See this https://forums.aws.amazon.com/thread.jspa?messageID=263168
Have you tried to change your DNS?
I also have the exactly same problem; same situation as you.
I think we really experience exactly the same. (but for me happen just today)
I first noticed problem on cloudfront then fastly then I can connect to cloudfront but fastly.
To answer your question I have a possible speculation about the root of the problem.
However, if this speculation is true the issue can't be solved on our end.
I think it's because of LSN (or NAT444, CGN) that installed in ISP network.
(ISP don't want customers to notice this change.)
To check if this speculation is plausible please check your modem/router
if the IP address received from ISP is in this block 100.64.0.0/10
then that should explain the phenomenon.
My ISP recently deploy LSN short before this problem arise.
I think IP address pool in LSN is too small (poorly deploy by ISP) so too many users share the same IP address.
this cause CDN networks to think they got DOS attack from particular IP address.
then CDN networks will temporary block (or null route) the LSN IP address.
some note: I'm sure this is not about the DNS because fastly deploy some trick called "round robin DNS" to use with "client retry" and I tried connect more than one IP address from fastly and also check that the values (All A records received) are correct.
To workaround the issue you can setup SOCKS proxy on a VPS and write PAC script to redirect some traffic thru the proxy.
I have a primary and secondary domain controller that we use as our DNS servers. Users are getting mixed results with accessing websites. Some work fine, others are giving an error:
Network Access Message: The website cannot be found
Explanation: An IP address for the website you requested could not be found.
As a result, it was not possible to access the site.
For example, mcmaster.com will not work. If I run nslookup from the primary DC:
C:\Users\Administrator>nslookup mcmaster.com
Server: dc.mydomain.local
Address: 10.1.1.35
Non-authoritative answer:
Name: mcmaster.com
Address: 209.64.25.230
All looks well, but when I run nslookup with www. prepended to the address:
C:\Users\Administrator>nslookup www.mcmaster.com
Server: dc.mydomain.local
Address: 10.1.1.35
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to dc.mydomain.local timed-out
Running nslookup www.mcmaster.com from the DC gives a different error:
*** backupdc.mydomain.local can't find www.mcmaster.com: Server failed
I think that mcmaster.com resolves to www.mcmaster.com, which results in the user not being able to access the site. Any ideas how I can troubleshoot this?
I ran an nslookup from my system at work and got the following response:
Server: WHATEVER
Address: xxx.xxx.xxx.xxx
Non-authoritative answer:
Name: mcmaster.com
Address: 209.64.25.230
Server: whatever
Address: xxx.xxx.xxx.xxx
Non-authoritative answer:
Name: a1843.b.akamai.net
Addresses: 23.66.232.17
23.66.232.26
Aliases: www.mcmaster.com
www.mcmaster.com.edgesuite.net
My initial thought was whoever owns DNS for Mcmaster simply didn't have www as a valid response. I know I forward requests to www.whateverdomainirun.com to whateverdomainirun.com, but, seeing different DNS for the two surprised me.
When I navigate to http://mcmaster.com I get forwarded to the www. When I run a tracert on mcmaster.com it fails with Destination net unreachable. It looks to me like this company has put their site in Akamai's hands and either that's recent so your local DNS servers haven't updated and you could try flushing the cache and doing it again, or, in some way you're blocking requests to Akamai for some reason on your firewall.
Best and quick guess for you and it may be wildly wrong :).
This is not a C# question. This has to do more with our servers. Basically we've been noticing that another DNS address is resolving to our server's address, example.
Our DNS: www.bob.com
The other mysterious DNS that resolves to our IP: thing.blah8.com
This is actually a rather serious issue because some how this random DNS is being picked up by google and people are reaching our website through this address. So anyone have any ideas where this second DNS address is coming from? Anyone seen this strange behavior before? I'm guessing it might be the name of the box of our webhost.
Any hints or tips of where to look would be great. As a note, we've already checked our DNS server and there is no obvious clue as to where that address is coming from.
You can try contacting their technical domain contact (get it through a WHOIS request) and let them know their DNS is wrong. There's nothing you could forcefully do to stop them, outside of catching this hostname request with your web server and serving those visitors a different page. Some might say traffic is traffic, but I assume you don't agree. :)
It doesn't have anything to do with your servers, it's the remote sites DNS zone that is configured with your IP address. You couldn't make that happen.
It takes 9 seconds for a my domain oratorius.com to be resolved, if I use the nslookup command I have to set the timeout to 9 seconds, otherwise I get a timeout. Users have problems getting to my site. My domain host'er says:
The delay is not occurring on our end, you have CNAME records directed to
oratorius.cloudapp.net which is where the delays seem to be coming from. You
need to contact the DNS administrators for this hostname to find out what
the problem us.
Are anyone else having the same issue with Azure? How should I start troubleshooting?
Here is some proof:
C:\Windows\system32>nslookup oratorius.com
Server: ad3.example.no
Address: 10.1.1.10
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Request to ad3.example.no timed-out
C:\Windows\system32>nslookup
> set timeout=9
> oratorius.com
Server: ad3.example.no
Address: 10.1.1.10
Non-authoritative answer:
Name: oratorius.cloudapp.net
Address: 65.52.66.8
Aliases: oratorius.com
But you can't have a CNAME record for oratorius.com (CNAME records can only exist for subdomains, like www.oratorius.com), right?
You should be able to directly check the DNS resolution time on oratorius.cloudapp.net, right? When I ping www.oratorius.com or oratorius.cloudapp.net, both seem to resolve at about the same speed.
(I can't get nslookup to look anything up...)
See http://dnsazure.com, this is a paid service for naked domains on Windows Azure.