Koozali.org: home of the SME Server
Obsolete Releases => SME Server 7.x => Topic started by: Reaper82 on September 26, 2006, 05:08:56 PM
-
Hi,
I've been having intermittent issues with a large range of random sites and have narrowed the issue down to DNS caching. I completely rebuilt the server but the issue wasn't solved, this is how I managed to stumble across it in the logs.
What I want to know is, what are the DNS servers that SME 7.0 uses? Are they the ones obtained from my ISP on login or are they different? Is this the issue and if so how can I change the default DNS? I have part of the log, and can provide the whole log if needed. What I noticed was the sites would work, then fail minutes later, and work again after numerous tries. I only posted this because I have a site I cannot access at home but I can SSH/RDP into work and it works there (also running 7.0).
What I'm interested in is whether my ISP is responsible, or if I'm able to do anything to resolve this. As you can probably understand it has been a frustrating week.
Here is part of the log output (it's dated last week but has been on and off for about 10 days). I can make any logs available on request.
http://www.users.on.net/~reaper82/dnscache.log
-
I had the same problem, only it was mail which alerted me to the problem.
My Scenario; my sme server "SME2", in server-only mode, qmail queueing outgoing mail due to problems finding the mx servers for the recipients of mail.
Confirmation;
dig @sme2 gmail.com mx
"DNS request timed out"
tail /var/log/dnscache.forwarder/current
"servfail gmail.com. input/output error"
tail /var/log/qmail/current
"delivery 342: deferral: CNAME_lookup_failed_temporarily._(#4.4.3)/"
Solution; Go through the Server Console and "Configure this Server" - i had 10.1.1.1 as an additional DNS server (my ADSL router) so i took this out.
Hope this helps someone
:)
-
Not the same problem but thanks for replying.
SME is in Server and Gateway mode.
The issue is intermittent, as the sites work one minute and won't resolv the next. I want to find out where the issue lies, which I believe is with the ISP but I can't say with a certainty.
I don't have any additional DSN servers set, I have checked it all (and have installed the server fresh) and found nothing out of the ordinary except for this.
I would appreciate any help, even if it is just to point me in the right direction as to who is responsible.
Thanks,
Reaper
-
server lag, double post. Sorry.
-
Reaper82
> what are the DNS servers that SME 7.0 uses?
sme server uses its own DNS server/resolver and you are strongly advised to use the default setup which should use the sme as DNS server by default. This does lookup external root DNS servers and performs as good as your ISP's DNS servers.
You should configure all your workstations to use the sme as DNS server, if network cards are automatically configured by your workstations then this should happen automatically. If not you need to configure manually.
On your workstation check with
ipconfig /all
Ethernet adapter Local Area Connection:
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.2.xx
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 192.168.2.1
Primary WINS Server . . . . . . . : 192.168.2.1
The DNS server IP is usually the same as your sme server local IP.
Check server manager Review Configuration for your DNS server IP
All the above assumes you have not configured a different external DNS server during sme setup ie in the admin console Configure this server screens.
see
http://forums.contribs.org/index.php?topic=32243.0
-
Reaper82
Check these:
/etc/init.d/tinydns status
/service/tinydns: run (pid 2576) 71738 seconds, normally down
/etc/init.d/dnscache status
/service/dnscache: run (pid 2418) 71764 seconds, normally down
rpm -q e-smith-tinydns
e-smith-tinydns-1.0.0-02
rpm -q e-smith-dnscache
e-smith-dnscache-1.0.0-03
rpm -q djbdns
djbdns-1.05-02
config show tinydns
tinydns=service
UDPPorts=53
access=localhost
status=enabled
config show dnscache
dnscache=service
TCPPort=53
UDPPort=53
access=private
status=enabled
-
/service/tinydns: run (pid 2815) 20526 seconds, normally down
/service/dnscache: run (pid 3733) 20360 seconds, normally down
e-smith-tinydns-1.0.0-02
e-smith-dnscache-1.0.0-03
djbdns-1.05-02
tinydns=service
UDPPorts=53
access=localhost
status=enabled
dnscache=service
Forwarder=
Forwarder2=
TCPPort=53
UDPPort=53
access=private
status=enabled
Don't know why mine has blank forwarders in there. I haven't changed anything from the defaults, and it is a fresh install (well was 2 weeks ago). It is only occasionally, which can mean it works for days then just stops resolving that site. If my work connection (Same SME version) is using the same DNS as my connection then I can't understand why some sites would work from there and not here (they are on different ISPs). I have a site that hasn't worked for a couple of weeks, but was working before that just fine. Coincidentally I can no longer access my work connection from here, while I was able to last week and the week before that. I use SSH between the two for RDP.
I have static IP set on my lan, but gateway and DNS are set to the server IP.
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon Gigabit Ethernet 10/100/1000Base-T Adapter, Copper RJ-45
Physical Address. . . . . . . . . : <removed>
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
Primary WINS Server . . . . . . . : 192.168.0.1
-
Reaper82
Have you checked all your cables and connections etc, eg LAN, WAN, phone line etc. Even swap cables around to see if the problem "moves".
> dnscache=service
> Forwarder=
> Forwarder2=
> Don't know why mine has blank forwarders in there.
That's the Corporate DNS server settings, blank is OK.
The other settings look OK.
> If my work connection is using the same DNS as my connection then I > can't understand why some sites would work from there and not here
> (they are on different ISPs).
What do you mean by "using the same DNS". How is it that your work and home are using the same DNS if you didn't set anything related to that ?
-
Have you checked all your cables and connections etc, eg LAN, WAN, phone line etc. Even swap cables around to see if the problem "moves".
I've replaced the server (whole PC), both cables and even changed both nics (with same result so changed them back, the test ones were 1/10mbit). I have used 2 different modems, both bridged (Netgear DG632 and Bipac 711CE). I've tried replacing everything, except the HDD that SME is installed on (it is a 30gb Maxtor and all HDD tests come up clean)
What do you mean by "using the same DNS". How is it that your work and home are using the same DNS if you didn't set anything related to that ?
Well I figured they would be using identical named.root lists and resolving from the same root servers though I may have misunderstood what you said earlier.
-
Reaper82
>..they would be using identical named.root lists and resolving from the same root servers
OK you mean "same DNS" generically speaking.
All I could suggest now is to check your workstations to see if the browsers are configured to use your server proxy port, usually auto detect is OK, as long as there are no other bypass settings in there.
Also Refresh the browser cache
in IE Ctrl F5
in Firefox Ctrl R (I think)
as you may still be reading old (bad) pages that are in the browsers cached memory.
You might also look at flushing the squid cache in your sme server.
Again you could just be reading old (bad) pages that are in the servers cache
Search for the commands to use or install this contrib
http://www.vanhees.cc/index.php?name=CmodsDownload&file=index&req=viewsdownload&sid=62
Failing that, someone else will need to suggest what to do, or you could contact your ISP to see if they have any answers.
-
It isn't a matter of viewing old pages, as that wouldn't get I/O serverfail messages with dnscache. I get the same for jbhifi.com.au and www.jbhifi.com.au, as well as my work http://computer-rescue.com.au/ which was working up until last week.
While trying to retrieve the URL: http://jbhifi.com.au/
The following error was encountered:
Unable to determine IP address from host name for jbhifi.com.au
The dnsserver returned:
No DNS records
This means that:
The cache was not able to resolve the hostname presented in the URL.
Check if the address is correct.
Your cache administrator is admin@reaper.homelinux.org.
Generated Thu, 05 Oct 2006 07:20:14 GMT by server.reaper.homelinux.org (squid/2.5.STABLE6)
I've installed that squid manager, I had an older version so it updated nicely. But the problem remains *sigh*
Thanks for your help, I guess I'll have to talk to my ISPs engineers to see whether there is a problem. Some others have noticed DNS issues with the ISP (a small number) but SME isn't supposed to be using my ISPs DNS if it is using the servers in the root list.
-
Reaper82
I tried htp://jbhifi.com.au
and get
The requested URL could not be retrieved
--------------------------------------------------------------------------------
While trying to retrieve the URL: http://jbhifi.com.au/
The following error was encountered:
Unable to determine IP address from host name for jbhifi.com.au
The dnsserver returned:
No DNS records
This means that:
The cache was not able to resolve the hostname presented in the URL.
Check if the address is correct.
I tried www.jbhifi.com.au
and get
The requested URL could not be retrieved
--------------------------------------------------------------------------------
While trying to retrieve the URL: http://www.jbhifi.com.au/
The following error was encountered:
Unable to determine IP address from host name for www.jbhifi.com.au
The dnsserver returned:
Server Failure: The name server was unable to process this query.
This means that:
The cache was not able to resolve the hostname presented in the URL.
Check if the address is correct.
I tried http://computer-rescue.com.au
and get
The requested URL could not be retrieved
--------------------------------------------------------------------------------
While trying to retrieve the URL: http://computer-rescue.com.au/
The following error was encountered:
Unable to determine IP address from host name for computer-rescue.com.au
The dnsserver returned:
Server Failure: The name server was unable to process this query.
This means that:
The cache was not able to resolve the hostname presented in the URL.
Check if the address is correct.
I think your problem is external & is with the DNS records for those sites and/or the DNS host servers & nameservers.
see
http://www.dnsreport.com/tools/dnsreport.ch?domain=jbhifi.com.au
http://www.dnsreport.com/tools/dnsreport.ch?domain=www.jbhifi.com.au
http://www.dnsreport.com/tools/dnsreport.ch?domain=computer-rescue.com.au
-
Well I just checked our Custom DNS account (for our work domain) with dyndns.org and it seems to have lapsed (30th September) so I'll renew that tomorrow. The zone is listed inactive as a result, so that would explain that one. It is still accessible via IP address.
I have used SSH and RDP to my work PC which is using the same version of SME and no additional contribs and have no trouble opening www.jbhifi.com.au .
I don't understand the inconsistencies. If the site was down I could understand and let it go, but it is driving me mad lol. I guess I'll just have to accept that something is borked and I don't know where to start.
Thanks for your time, I hope it wasn't wasted.
-
Reaper82
> I don't understand the inconsistencies.
Forgive me for possibly being rude here, but are you deliberately trying to be stupid.
There are clearly problems with the DNS configuration for those sites, that's why access is inconsistent.
eg
ERROR: I couldn't find any A records for www.jbhifi.com.au. If you want a website at www.jbhifi.com.au, you will need an A record for www.jbhifi.com.au. If you do not want a website at www.jbhifi.com.au, you can ignore this error.
Read all the links to DNS Reports I posted.
> Thanks for your time, I hope it wasn't wasted.
It's starting to be wasted now if you don't take notice of what those reports are saying.
> I guess I'll just have to accept that something is borked and I don't know where to start.
If you can't see what the problem is when I poke it right under your nose, then you are stupid. Get the DNS for those sites correctly configured.
-
Forgive me for possibly being rude here, but are you deliberately trying to be stupid.
There are clearly problems with the DNS configuration for those sites, that's why access is inconsistent.
I did read the links and that is what drew me to check my work domains configuration, which requires action.
I am still learning these things, and after doing some of my own research on the web I now have a better understanding of how it works. DNS issues are not something I come across often, so it has escaped me until now. There is no need to be rude just because I'm not at the same technical level you are, I'm sure you wouldn't appreciate it.
If you can't see what the problem is when I poke it right under your nose, then you are stupid. Get the DNS for those sites correctly configured.
I'll have my work domain back online tomorrow when I can get into the office.
-
Reaper82
> I did read the links and that is what drew me to check my work
> domains configuration, which requires action.
What about jbhifi.com.au and www.jbhifi.com.au, are they sites you own & host elsewhere or host on your sme server ?
-
I have nothing to do with that site. The only one I host is the computer-rescue.com.au
jbhifi.com.au along with google, whirlpool.net.au and numerous others were a few in a long list of sites I couldn't access starting around 2 weeks ago and lasted about 10 days.
If you check the original log I posted the issue was different then but the symptoms were the same. Google, whirlpool and most of these other sites have been working fine for the last 4-5 days (and would work 1 minute and not the next). This is what I believed was happening now but I was proven wrong. I have never found a reason for the original problem, but it has mostly resolved itself from what I can see.
I've put up the full log from the 19th of September (in the middle of the original problem) which shows the sites working then failing minutes later.
http://www.users.on.net/~reaper82/dnscache%20current
The solution you brought up was for a different and unrelated issue (which thanks to your help I can fix for my site but can't do much for the other).
-
Reaper82
OK it's coincidence then that DNS records for jbhifi sites are broken.
> The solution you brought up was for a different and unrelated issue
> (which I can fix for my site but can't do much for the other).
You could contact jbhifi and let them know, if you really want to get to their web site.
-
I had thought about that but it is low priority. I can just as easily access it from work via RDP/SSH (or even use works proxy if I can be bothered setting up a tunnel).
It was just that I mistakenly thought the issues were related and used it as an example though in hindsight it was an incorrect assumption on my part.
-
Similar to what is discussed here, I have a problem accessing sun.com where the DNS times out and does not return an IP address. So far this is the only site where I noticed this problem. Everything else seems to resolve OK.
@40000000452c47ee38acd3c4 servfail www.sun.com. input/output error
@40000000452c47ee38acef1c sent 40 29
@40000000452c47ef37998b1c servfail www.sun.com. input/output error
@40000000452c47ef3799a674 sent 41 29
@40000000452c47f038cab434 servfail www.sun.com. input/output error
@40000000452c47f038cad374 sent 42 29
@40000000452c47f238c96ffc servfail www.sun.com. input/output error
@40000000452c47f238c99324 sent 43 29
@40000000452c47f638d6e934 servfail www.sun.com. input/output error
@40000000452c47f638d70874 sent 44 29
However when I use http://www.the-cloak.com/anonymous-surfing-home.html and type in www.sun.com it brings up the page, so the site is up and running but from my server the DNS does not resolve anything.
I am not sure this is an SME7 problem, but in looking for the issue I did notice that /etc/dnsroots.global seems to be out of date with the current root servers when compared to:
dnsip `dnsqr ns . | awk '/answer:/ { print $5; }' |sort`
However, updating /etc/dnsroots.global with that updated list (and restarting the service) does not fix the problem. Neither is it fixed when I replace the contents of /var/service/dnscache/root/servers/@ with the list of root servers.
Anybody any ideas?
(Alternatively does anybody know where I can download the Java SDK for my SME server?)
-
(Alternatively does anybody know where I can download the Java SDK for my SME server?)
Java Thread. (http://forums.contribs.org/index.php?topic=34053.msg146286#msg146286)
-
thf
> www.sun.com
Works fine for me using updated sme7
There are some minor irregularities see
http://www.dnsreport.com/tools/dnsreport.ch?domain=www.sun.com
Have you pointed your server at a different DNS server or is your sme the DNS server ? See Review Configuration panel in server manager.
-
RayMitchell,
No, this is a box standard SME7 server will all the available updates. No external DNS or things like that. The server is the DNS server for the local network. PC's are all auto configured with DHCP.
As far as I know it is only sun.com that does not respond
and it is the same from web browsers or the server command line:
-bash-3.00$ dnsip ns1.sun.com
192.18.128.11
-bash-3.00$ dnsip sun.com
dnsip: fatal: unable to find IP address for sun.com: timed out
Regards, Marco
-
thf
I get
dnsip ns1.sun.com
192.18.128.11
dnsip ns.sun.com
192.9.9.3
dnsip sun.com
72.5.124.61
dnsip www.sun.com
72.5.124.61
-
RayMitchell,
That is interesting as I get a timeout on ns.sun.com as well as sun.com.a dn www.sun.com.
-bash-3.00$ dnsip ns.sun.com
dnsip: fatal: unable to find IP address for ns.sun.com: timed out
Marco
-
Just an interesting twist in this saga. In the server manager "Domains" section, I just modified the Corporate DNS settings to use my ISP DNS servers and voila the www.sun.com site appears!
Not sure what to think of this now. Could this be a SME7 DNS bug?
Marco
-
I've put up the full log from the 19th of September (in the middle of the original problem) which shows the sites working then failing minutes later.
http://www.users.on.net/~reaper82/dnscache%20current
You'd need to look at the dnscache.forwarder logs to get any idea of what is going wrong.
-
Could this be a SME7 DNS bug?
Sure, anything which doesn't work correctly could be an SME bug.
-
I looked at the dnscache.forwarded log but I am not sure what I am looking at. Here is a snippet from what I believe are transactions just prior to the Corporate DNS reconfiguration followed by mathing errors a while later.
@40000000452d7d200ed4edac query 2515 7f000002:1552:6a74 1 java.sun.com.
@40000000452d7d200ed510d4 cached ns sun.com. ns1.sun.com.
@40000000452d7d200ed51c8c cached ns sun.com. ns2.sun.com.
@40000000452d7d200ed52844 cached ns sun.com. ns7.sun.com.
@40000000452d7d200ed533fc cached ns sun.com. ns8.sun.com.
@40000000452d7d200ed5439c cached 1 ns1.sun.com.
@40000000452d7d200ed54b6c cached 1 ns2.sun.com.
@40000000452d7d200ed55724 cached 1 ns7.sun.com.
@40000000452d7d200ed562dc cached 1 ns8.sun.com.
@40000000452d7d200ed5cc54 tx 0 1 java.sun.com. sun.com. c0122b0c c0126305 c012800b c0122a0c
@40000000452d7d23100357a4 query 2516 7f000002:aaae:b12f 1 java.sun.com.
@40000000452d7d23100376e4 cached ns sun.com. ns1.sun.com.
@40000000452d7d231003829c cached ns sun.com. ns2.sun.com.
@40000000452d7d2310038e54 cached ns sun.com. ns7.sun.com.
@40000000452d7d2310039df4 cached ns sun.com. ns8.sun.com.
@40000000452d7d231003a9ac cached 1 ns1.sun.com.
@40000000452d7d231003b564 cached 1 ns2.sun.com.
@40000000452d7d231003bd34 cached 1 ns7.sun.com.
@40000000452d7d231003c8ec cached 1 ns8.sun.com.
@40000000452d7d2310043264 tx 0 1 java.sun.com. sun.com. c0126305 c0122a0c c0122b0c c012800b
@40000000452d7d240ee30af4 query 2517 7f000002:47bd:9cbb 1 java.sun.com.
@40000000452d7d240ee3840c cached ns sun.com. ns1.sun.com.
@40000000452d7d240ee38fc4 cached ns sun.com. ns2.sun.com.
@40000000452d7d240ee39f64 cached ns sun.com. ns7.sun.com.
@40000000452d7d240ee3ab1c cached ns sun.com. ns8.sun.com.
@40000000452d7d240ee3b6d4 cached 1 ns1.sun.com.
@40000000452d7d240ee3c28c cached 1 ns2.sun.com.
@40000000452d7d240ee3ce44 cached 1 ns7.sun.com.
@40000000452d7d240ee3d614 cached 1 ns8.sun.com.
@40000000452d7d240ee3e1cc tx 0 1 java.sun.com. sun.com. c0122b0c c0122a0c c0126305 c012800b
Many other entries removed, but I think the the above and below are the matching transaction numbers.
@40000000452d7e102211d31c sent 2515 30
@40000000452d7e13234fd544 servfail java.sun.com. input/output error
@40000000452d7e13234ff484 sent 2516 30
@40000000452d7e14221f5fdc servfail java.sun.com. input/output error
@40000000452d7e14221f7f1c sent 2517 30
The above errors are the last failures just before what I suspect is the point where I reconfigured the Corporate DNS and I assume the cache was restarted.
@40000000452d7e153a5e19bc starting
And right after this the query to java.sun.com where it is going right.
@40000000452d7e2c1588795c query 1 7f000002:906c:1752 1 java.sun.com.
@40000000452d7e2c15889c84 tx 0 1 java.sun.com. . c0e7cb84 c0e7cb03
@40000000452d7e2c166cda34 rr c0e7cb84 18142 1 ns1.sun.com. c012800b
@40000000452d7e2c166cf58c rr c0e7cb84 18142 1 ns2.sun.com. c0126305
@40000000452d7e2c166d0144 rr c0e7cb84 18142 1 ns7.sun.com. c0122a0c
@40000000452d7e2c166d10e4 rr c0e7cb84 18142 1 ns8.sun.com. c0122b0c
@40000000452d7e2c166d1c9c rr c0e7cb84 692 1 java.sun.com. 48057c37
@40000000452d7e2c166d2c3c rr c0e7cb84 18041 ns sun.com. ns2.sun.com.
@40000000452d7e2c166d37f4 rr c0e7cb84 18041 ns sun.com. ns7.sun.com.
@40000000452d7e2c166d4794 rr c0e7cb84 18041 ns sun.com. ns8.sun.com.
@40000000452d7e2c166de3d4 rr c0e7cb84 18041 ns sun.com. ns1.sun.com.
@40000000452d7e2c166df374 stats 1 279 1 0
@40000000452d7e2c166dff2c sent 1 46
@40000000452d7e31313bb8bc query 2 7f000002:afe5:4841 1 developers.sun.com.
@40000000452d7e31313bd414 tx 0 1 developers.sun.com. . c0e7cb03 c0e7cb84
@40000000452d7e313220830c rr c0e7cb03 125228 1 ns1.sun.com. c012800b
@40000000452d7e3132209e64 rr c0e7cb03 125228 1 ns2.sun.com. c0126305
@40000000452d7e313220ae04 rr c0e7cb03 125228 1 ns7.sun.com. c0122a0c
@40000000452d7e313220bda4 rr c0e7cb03 125228 1 ns8.sun.com. c0122b0c
@40000000452d7e313220c95c rr c0e7cb03 8921 1 developers.sun.com. 48057c41
@40000000452d7e313220d8fc rr c0e7cb03 26246 ns sun.com. ns1.sun.com.
@40000000452d7e313220e4b4 rr c0e7cb03 26246 ns sun.com. ns2.sun.com.
@40000000452d7e313220f454 rr c0e7cb03 26246 ns sun.com. ns7.sun.com.
@40000000452d7e3132219864 rr c0e7cb03 26246 ns sun.com. ns8.sun.com.
@40000000452d7e313221a804 stats 2 564 1 0
@40000000452d7e313221b3bc sent 2 52
The differnee seems to be that in the bad case right after the query statement there is a bunch of cached statements (repeated for each query) and only after that a tx statement, while in the good case we don't see these cached statements and the tx is right after the query and followed by a whole bunch of rr statements.
Please note that is just my observations. I have no idea what these lines means.
Any ideas?
-
Here is a snippet from what I believe are transactions just prior to the Corporate DNS reconfiguration ...
Looks perfectly normal.
@40000000452d7e102211d31c sent 2515 30
@40000000452d7e13234fd544 servfail java.sun.com. input/output error
@40000000452d7e13234ff484 sent 2516 30
@40000000452d7e14221f5fdc servfail java.sun.com. input/output error
@40000000452d7e14221f7f1c sent 2517 30
The above errors are the last failures just before what I suspect is the point where I reconfigured the Corporate DNS and I assume the cache was restarted.
There is not enough information in the log there to determine what is happening.
If you suspect anything is wrong with the SME server software you should report it via the Bug Tracker. This forum isn't an appropriate place to try to diagnose problems.
-
Hi Reaper82:
I too am having this problem.
-bash-3.00$ dig mail.stormfront.com.au ANY
; <<>> DiG 9.2.4 <<>> mail.stormfront.com.au ANY
;; global options: printcmd
;; connection timed out; no servers could be reached
Another smilarity I notice is that both you and I are on internode for an ISP.
Im looking down that road at present.
-
That is interesting, because I am on Internode too!
Without Corporate DNS configured I get:
dig mail.stormfront.com.au ANY
; <<>> DiG 9.2.4 <<>> mail.stormfront.com.au ANY
;; global options: printcmd
;; connection timed out; no servers could be reached
and:
dig www.sun.com ANY
; <<>> DiG 9.2.4 <<>> www.sun.com ANY
;; global options: printcmd
;; connection timed out; no servers could be reached
With Corporate DNS configured to the Internode DNS's (192.231.203.132 & 192.231.203.3) I get:
dig mail.stormfront.com.au ANY
; <<>> DiG 9.2.4 <<>> mail.stormfront.com.au ANY
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28223
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;mail.stormfront.com.au. IN ANY
;; ANSWER SECTION:
mail.stormfront.com.au. 68797 IN CNAME mail1.quadrahosting.com.au.
;; Query time: 50 msec
;; SERVER: 10.1.0.1#53(10.1.0.1)
;; WHEN: Sun Jan 21 17:43:56 2007
;; MSG SIZE rcvd: 74
and:
dig www.sun.com ANY
; <<>> DiG 9.2.4 <<>> www.sun.com ANY
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37481
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;www.sun.com. IN ANY
;; ANSWER SECTION:
www.sun.com. 740 IN A 72.5.124.61
;; Query time: 64 msec
;; SERVER: 10.1.0.1#53(10.1.0.1)
;; WHEN: Sun Jan 21 17:41:51 2007
;; MSG SIZE rcvd: 45
So why does SME DNS fail on these queries on Internode as the ISP?
Marco
-
That is interesting, because I am on Internode too!
Without Corporate DNS configured I get:
dig mail.stormfront.com.au ANY
; <<>> DiG 9.2.4 <<>> mail.stormfront.com.au ANY
;; global options: printcmd
;; connection timed out; no servers could be reached
and:
dig www.sun.com ANY
; <<>> DiG 9.2.4 <<>> www.sun.com ANY
;; global options: printcmd
;; connection timed out; no servers could be reached
So what is this situation with Internode?
So why does SME DNS fail on these queries on Internode as the ISP?
Marco
I tried removing the new filtering that internode has, they make no mention of blocking DNS ports but it has clearly made a difference.
Turn off port filtering, wait 90 minutes, ower cycle modem to force a new login and its all come good.
I'm not saying this is a fix for a few weeks yet as the problem is definately intermittent, and power cycling the modem gives me a new IP obviously. I will have a chat with internode support tho, and possible learn to post on whirlpool.
Rob.
-
Mhm, tried turning of Internode filtering, but does not seem to make a difference for me. e.g. after filterering turned off, 90min minimum wait, modem reset, new IP I get with the Corportate DNS still pointing to Internode:
dig sun.com ALL
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61787
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;sun.com. IN A
;; ANSWER SECTION:
sun.com. 900 IN A 72.5.124.61
;; Query time: 294 msec
;; SERVER: 10.1.0.1#53(10.1.0.1)
;; WHEN: Mon Jan 22 14:49:50 2007
;; MSG SIZE rcvd: 41
; <<>> DiG 9.2.4 <<>> sun.com ALL
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12343
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;ALL. IN A
;; Query time: 83 msec
;; SERVER: 10.1.0.1#53(10.1.0.1)
;; WHEN: Mon Jan 22 14:49:51 2007
;; MSG SIZE rcvd: 21
Then after I remove the Corporate DNS entries: I get:
dig sun.com ALL
;; connection timed out; no servers could be reached
; <<>> DiG 9.2.4 <<>> sun.com ALL
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58847
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;ALL. IN A
;; Query time: 30 msec
;; SERVER: 10.1.0.1#53(10.1.0.1)
;; WHEN: Mon Jan 22 14:54:57 2007
;; MSG SIZE rcvd: 21
So I am not sure Internode filtering is the culprit.
Is there a requirement to have DNS related ports open in my ADSL router/gateway? I currently have only TCP ports 25, 80, 443 and 1723 open which I thought to be the absolute minimum.
Marco
-
If you suspect anything is wrong with the SME server software you should report it via the Bug Tracker. This forum isn't an appropriate place to try to diagnose problems.
This remains true.
I don't understand why there is any "discussion" here. It should "just work". If it doesn't, there might be a bug, and the only place to diagnose problems (and track them to closure) is in the Bug Tracker.
-
Ok, I have added this to the bug tracker.
-
I don't understand why there is any "discussion" here. It should "just work". If it doesn't, there might be a bug, and the only place to diagnose problems (and track them to closure) is in the Bug Tracker.
Thats true Charlie, but at this stage I don't think its a bug as such, it is clearly working for others, at this stage I am more inclined to think it is an ISP issue, until someone else pops up with the problem who is NOT an internode customer.
Cheers,
Rob.
-
I am more inclined to think it is an ISP issue
However, if you did take it to the bug tracker then...
a. A resolution of what node *maybe* doing to cause the problems could be made.
b. SMEServer could be made 'node friendly'.
c. Documentation/FAQ could be updated to reflect possible issues.
At worst the bug is marked INVALID and case closed.
-
I am having the same problem whereby most internet sites work well and my email is good but a select few websites just don't wan't to play ball. It must be noted that they were working fine until yesterday. I am going to try and enter my ISP settings in the Corporate Domain and see what happens. I do believe though that it is NOT an SME server problem. Definately an underhanded ISP trick to drive us up the wall.
-
One of the websites came right after changing the corporate DNS settings but the other is still not working.
While trying to retrieve the URL: isp4u.co.za:443
The following error was encountered:
* Connection Failed
The system returned:
(110) Connection timed out
The remote host or network may be down. Please try the request again.
Your cache administrator is admin@3blokes.net.
I have phoned the company who hosts the site and the ISP and both can access it. WHat now?
Is there a way to change the MTU settings? This is very important as my ISP requires it to be 1352. Although I must say I have been running fine for over 3 months now without any problems.
-
I am having the same problem whereby most internet sites work well and my email is good but a select few websites just don't wan't to play ball. It must be noted that they were working fine until yesterday.
The DNS root name servers were all under DDoS attack yesterday.
http://www.ripe.net/news/global-root-server.html
-
Thanks 4 that. It is rather interesting. My stuff is all up and running now that I have put the DNS settings of the ISP into the Corporate Domain area.
Is there any word on how to set the MTU settings? Or how to check it?
-
ifconfig
-
Thanks :)