DNS & network news

Monthly Archive: March 2016

How does DNS fool geoblocking?

I thought I knew how DNS works; my computer sends a request to resolve a URL to my DNS server, which bubbles up the chain of DNS servers until it gets an answer. Then my computer uses the returned ip address to go straight to the server I was looking for. So how does that server (aka Netflix) seem to know which DNS server I used to resolve their address, and thus which country I’m supposedly in? Does my resolved request include that info? Or does my proxy DNS resolve to a different ip address than my local DNS would? Or is it something else?

submitted by /u/woodycanuck

Powered by WPeMatico

Quick question: will changing only the MX records on Host B allow for email to flow normally from Host A?

I believe I’m overthinking this situation so I thought reddit might be able to help.

I have a client who is switching from Host A to Host B.

Host A has given me the proper MX records to access their mail exchanger, and I have input them into Host B’s DNS, so the only thing that will be pointing to Host A is the email, everything else will be on Host B.

Will this config keep the client’s email up when changing the nameservers over to Host B?

Note: I am using cPanel/WHM on Host B’s side, and Host A is using Microsoft stuff that I don’t have access to.

Thank you in advance.

submitted by /u/ChapDaddy65

SERVFAIL Error Only From Specific User

I currently have a managed VPS from GoDaddy that has plagued me with DNS issues for quite some time. I thought that I had everything squared away but just received an email from a client stating that a specific user cannot email them. They are using Google Hosted Mail with their website on GoDaddy with my nameservers.

The specific message is:

Technical details of temporary failure: DNS Error: 74304959 DNS type 'mx' lookup of htmicro.com responded with code SERVFAIL 

Not sure where to begin troubleshooting to fix. The main domain for the server is jadedot.net.

submitted by /u/plumwd

DNS being hijacked, what's going on here

Background in case it makes any difference – I use a company that offers a secondary DNS service where I look after the zone files for various domains and they perform a scheduled zone transfer to pick up any changes and then propagate the zone to DNS.

The actual secondary DNS service is not the problem here, what alerted me was one of my customers complaining that they couldn’t connect to the VPN and website from remote locations occasionally. If they tried again in say half an hour, it would often work.

I got them to ping the VPN server and web server DNS names when they were experiencing problems and found that they were incorrect. Examining DNS at http://dnscheck.pingdom.com/ gave some scary results:

Begin testing zone mydomain.com with version 1.3.0.

Delegation

Begin testing delegation for mydomain.com.

Name servers listed at parent: ns0.isp.com,ns1.isp.com,ns2.isp.com

Name servers listed at child: ns7.rookdns.com,ns8.rookdns.com

Superfluous name server listed at parent: ns0.isp.com

Superfluous name server listed at parent: ns1.isp.com

Superfluous name server listed at parent: ns2.isp.com

Total parent/child glue mismatch.

Additional name server listed at child: ns7.rookdns.com

Additional name server listed at child: ns8.rookdns.com

No IPv6 name servers found.

Nameserver

Done testing delegation for mydomain.com.

Begin testing name server ns7.rookdns.com.

Begin testing host ns7.rookdns.com.

Begin testing address 141.8.224.93.

Could not find reverse address for 141.8.224.93 (93.224.8.141.in-addr.arpa.).

Done testing address 141.8.224.93.

Done testing host ns7.rookdns.com.

Name server ns7.rookdns.com (141.8.224.93) answers queries over UDP.

DNS lookup error (unknown error or no error).

Name server ns7.rookdns.com (141.8.224.93) does not answer queries over TCP.

Name server ns7.rookdns.com (141.8.224.93) is not recursive.

Name server ns7.rookdns.com (141.8.224.93) authoritative for mydomain.com.

Name server ns7.rookdns.com (141.8.224.93) not checked for zone transfer of mydomain.com.

Name server ns7.rookdns.com (141.8.224.93) not checked for legacy name server ID.

Done testing name server ns7.rookdns.com.

Begin testing name server ns8.rookdns.com.

Begin testing host ns8.rookdns.com.

Begin testing address 141.8.224.150.

Could not find reverse address for 141.8.224.150 (150.224.8.141.in-addr.arpa.).

Done testing address 141.8.224.150.

Done testing host ns8.rookdns.com.

Name server ns8.rookdns.com (141.8.224.150) answers queries over UDP.

DNS lookup error (unknown error or no error).

Name server ns8.rookdns.com (141.8.224.150) does not answer queries over TCP.

Name server ns8.rookdns.com (141.8.224.150) is not recursive.

Name server ns8.rookdns.com (141.8.224.150) authoritative for mydomain.com.

Name server ns8.rookdns.com (141.8.224.150) not checked for zone transfer of mydomain.com.

Name server ns8.rookdns.com (141.8.224.150) not checked for legacy name server ID.

Done testing name server ns8.rookdns.com.

Consistency

Begin testing zone consistency for mydomain.com.

SOA at address 141.8.224.93 has serial 2011101001.

SOA at address x.x.x.x has serial 2010011139.

SOA at address 141.8.224.150 has serial 2011101001.

SOA at address x.x.x.y has serial 2010011139.

2 different serials found.

2 different SOA records found.

Done testing zone consistency for mydomain.com.

SOA

Begin testing SOA parameters for mydomain.com.

Found SOA record for mydomain.com.

Begin testing host ns7.rookdns.com.

Begin testing address 141.8.224.93.

Could not find reverse address for 141.8.224.93 (93.224.8.141.in-addr.arpa.).

Done testing address 141.8.224.93.

Done testing host ns7.rookdns.com.

SOA MNAME for mydomain.com valid (ns7.rookdns.com).

SOA MNAME for mydomain.com (ns7.rookdns.com) listed as NS.

SOA MNAME for mydomain.com (ns7.rookdns.com) is authoritative.

Begin testing email address rmgdns111@gmail.com.

Mail exchangers for rmgdns111@gmail.com found gmail-smtp-in.l.google.com,alt1.gmail-smtp-in.l.google.com,alt2.gmail-smtp-in.l.google.com,alt3.gmail-smtp-in.l.google.com,alt4.gmail-smtp-in.l.google.com.

Begin testing host gmail-smtp-in.l.google.com.

Begin testing address 173.194.202.27.

Done testing address 173.194.202.27.

Begin testing address 2607:f8b0:400e:c00:0:0:0:1b.

Done testing address 2607:f8b0:400e:c00:0:0:0:1b.

Done testing host gmail-smtp-in.l.google.com.

Begin testing mail server gmail-smtp-in.l.google.com (173.194.202.27) with rmgdns111@gmail.com.

SMTP banner: mx.google.com ESMTP u25si3875261pfa.228 – gsmtp

SMTP testing of gmail-smtp-in.l.google.com (173.194.202.27) with rmgdns111@gmail.com succeeded without errors.

Done testing mail server gmail-smtp-in.l.google.com (173.194.202.27) with rmgdns111@gmail.com.

Begin testing host alt1.gmail-smtp-in.l.google.com.

Begin testing address 74.125.142.26.

Done testing address 74.125.142.26.

Begin testing address 2607:f8b0:4001:c03:0:0:0:1a.

Done testing address 2607:f8b0:4001:c03:0:0:0:1a.

Done testing host alt1.gmail-smtp-in.l.google.com.

Begin testing host alt2.gmail-smtp-in.l.google.com.

Begin testing address 64.233.185.26.

Done testing address 64.233.185.26.

Begin testing address 2607:f8b0:4002:c09:0:0:0:1a.

Done testing address 2607:f8b0:4002:c09:0:0:0:1a.

Done testing host alt2.gmail-smtp-in.l.google.com.

Begin testing host alt3.gmail-smtp-in.l.google.com.

Begin testing address 173.194.207.27.

Done testing address 173.194.207.27.

Begin testing address 2607:f8b0:400d:c09:0:0:0:1a.

Done testing address 2607:f8b0:400d:c09:0:0:0:1a.

Done testing host alt3.gmail-smtp-in.l.google.com.

Begin testing host alt4.gmail-smtp-in.l.google.com.

Begin testing address 74.125.141.27.

Done testing address 74.125.141.27.

Begin testing address 2607:f8b0:400c:c06:0:0:0:1a.

Done testing address 2607:f8b0:400c:c06:0:0:0:1a.

Done testing host alt4.gmail-smtp-in.l.google.com.

Delivery over IPv4 to rmgdns111@gmail.com ok.

Delivery over IPv6 to rmgdns111@gmail.com could not be done.

Done testing email address rmgdns111@gmail.com.

Successful attempt to deliver email for SOA RNAME of mydomain.com (rmgdns111.gmail.com) using rmgdns111@gmail.com.

SOA TTL for mydomain.com too small (300) – recommended >= 3600.

SOA refresh for mydomain.com too small (3600) – recommended >= 14400.

SOA retry for mydomain.com too small (900) – recommended >= 3600.

SOA expire for mydomain.com OK (604800) – recommended >= 604800.

SOA minimum for mydomain.com OK (86400) – recommended between 300 and 86400.

Done testing SOA parameters for mydomain.com.

Connectivity

Begin testing connectivity for mydomain.com.

Name server 141.8.224.93 announced by: 40034

Name server 141.8.224.150 announced by: 40034

Zone announced by ASN: 40034

Zone announced by only one ASN (1).

Zone announced by IPv6 ASN:

Zone announced by only one IPv6 ASN (0).

Done testing connectivity for mydomain.com.

DNSSEC

Begin testing DNSSEC for mydomain.com.

Did not find DS record for mydomain.com at parent.

DNS lookup error (unknown error or no error).

DNS lookup error (unknown error or no error).

Servers for mydomain.com have consistent extra processing status.

Did not find DNSKEY record for mydomain.com at child.

No DNSKEY(s) found at child, other tests skipped.

Done testing DNSSEC for mydomain.com.

Test completed for zone mydomain.com.

The references to ns7.rookdns.com,ns8.rookdns.com are completely incorrect. Can someone explain what is happening here and how it can be resolved? TIA

Edit: formatting

submitted by /u/czuk
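
An added example, not part of the original post or of the dnscheck tool: a short Python parser that reads the delegation, SOA-serial and SOA MNAME lines from the report quoted above and flags where the parent and child views of the zone disagree. The function names and finding codes are made up for this illustration; the input lines are copied from the post.

```python
import re

# Lines copied from the report quoted in the post above
# (x.x.x.x / x.x.x.y are the poster's own redactions).
REPORT = """\
Name servers listed at parent: ns0.isp.com,ns1.isp.com,ns2.isp.com
Name servers listed at child: ns7.rookdns.com,ns8.rookdns.com
SOA at address 141.8.224.93 has serial 2011101001.
SOA at address x.x.x.x has serial 2010011139.
SOA at address 141.8.224.150 has serial 2011101001.
SOA at address x.x.x.y has serial 2010011139.
SOA MNAME for mydomain.com valid (ns7.rookdns.com).
"""

NS_RE = re.compile(r"^Name servers listed at (parent|child): (\S+)$", re.M)
SOA_RE = re.compile(r"^SOA at address (\S+) has serial (\d+)\.$", re.M)
MNAME_RE = re.compile(r"^SOA MNAME for \S+ valid \((\S+)\)\.$", re.M)

def parse_report(text):
    """Extract NS sets, per-address SOA serials and the SOA MNAME."""
    ns = {side: {n.lower().rstrip(".") for n in names.split(",")}
          for side, names in NS_RE.findall(text)}
    serials = {}
    for addr, serial in SOA_RE.findall(text):
        serials.setdefault(int(serial), []).append(addr)
    mname = MNAME_RE.search(text)
    return ns, serials, mname.group(1).lower() if mname else None

def delegation_findings(text):
    """Return (code, detail) findings; codes are hypothetical labels."""
    ns, serials, mname = parse_report(text)
    parent, child = ns.get("parent", set()), ns.get("child", set())
    findings = []
    if parent and child and not parent & child:
        # Child-side NS set shares no name with the parent delegation.
        findings.append(("NS_DISJOINT", sorted(child - parent)))
    elif parent != child:
        findings.append(("NS_PARTIAL_MISMATCH", sorted(parent ^ child)))
    if len(serials) > 1:
        # Different serials: answers depend on which address responds.
        findings.append(("SOA_SPLIT", {s: sorted(a) for s, a in serials.items()}))
    if mname and parent and mname not in parent:
        findings.append(("MNAME_NOT_DELEGATED", mname))
    return findings

if __name__ == "__main__":
    for code, detail in delegation_findings(REPORT):
        print(code, detail)
```
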

Looking for scaling DNS solution… cloud or not

Hello all,

First time posting in DNS, so if I’m clearly in the wrong section for this type of question, don’t hesitate to tell me.

Sysadmin here within an intermediate-sized web infrastructure with CDN on top (AK to not name it).

Since a big part of our DNS requests are handled first by our CDN, we only have two external servers handling (Linux+BIND) the rest of the external DNS requests for about 50 other domains… nothing big.

We also have a bunch of Infoblox boxes to handle everything inside.

We are looking for a secure and scalable solution that would be capable of handling:

  • A +500% increase as far as traffic DNS requests
  • A +200% increase as far as attacks against the servers
  • Easy management solution (Console/APIs/CLI)
  • An HA multi-site solution

Now we could buy a few more Infoblox and call it a day, but management is trying to push a cloud-based solution, namely Route 53 from Amazon.

Anybody running Route 53 with 50-100 domains on it who could just quickly say if they are satisfied with the solution? Performance- and management-wise? Either way we are investing a lot in AWS as far as team and automation, so that would just be another brick to add to the foundation.

Any other solutions that I could investigate and pitch to management?

Thanks for the help!

Eric

submitted by /u/BertCarr