On Fri, Sep 30, 2011, Janusz Skonieczny <janusz.skoniec...@gmail.com> wrote: > What I meant to ask was, what have caused those servers to cache a negative > result. > The app.dziennik.edu.pl domain was a CNAME to ghs.google.com from the start, > and it is set-up for a couple of months now. My other domain that have the > same issues www.bravelabs.pl have been setup and untouched for at least 10+ > months. > Where is the fault? Is it mine? How can I make sure this will go away and > never come back?
If I understand correctly, the problem arises when some clients can't get the IP address of app.dziennik.edu.pl and thus can't find the site. It looks like one of your name servers, ns12.az.pl (217.153.158.180), is flaky and sometimes does not send a timely response for DNS requests. It experiences ping packet loss around 18% from my location (Almaty, Kazakhstan). Theoretically, that shouldn't cause any harm because your other name servers seem to work well, but who knows. Another problem (probably irrelevant) that I discovered is that in your DNS registrar settings a wrong IP address appears for ns12.az.pl. See whois dziennik.edu.pl. The server at 89.171.29.77 does not respond to DNS queries about your dziennik.edu.pl zone at all. The ultimate way to troubleshoot this problem is to get remote access to a user's machine where the problem reproducibly occurs and to debug it from there. What local DNS resolvers does the machine use? Does the same problem occur with other sites CNAMEd to ghs.google.com? Do your name servers see any requests from the local resolvers? Do they see any requests when the problem with your site occurs? If you cannot view full access logs or packet traces on your name servers, it can be hard to answer some of these questions. It might help to know what is the local resolvers' cache policy and whether they comply with server-supplied TTL and negative TTL or ignore your settings and cache for a fixed period of time (like 24 or 48 hours). What does the resolver do when a request to a name server times out? Does it try other name servers responsible for the same zone? (For instance, if a request to ns12.az.pl times out, does it try to contact ns10.az.pl or ns11.az.pl?) When a request times out, does it cache the negative result and for how long? Once you determine where exactly the problem occurs, you will be on your way to fix it. Some things that might go wrong: 1. A client's DNS resolver doesn't always get the proper response from your name server when it asks it for the IP address of app.dziennik.edu.pl. 2. A client's DNS resolver doesn't always get the proper IP address of ghs.google.com when it asks Google name servers for it. 3. Some client-side firewall or anti-virus software interferes with the DNS request. If you want quick advice, remove the ns12 nameserver from *both* your DNS config *and* your DNS registrar settings. Verify your changes using dig (or nslookup) and whois and wait for a day or two for all possibly involved caches to update. Then see if the problem goes away. Hope this helps. Please let me know what you find out, I'm interested to hear. -- Alexander -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com. To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.