Matthew Crocker <[EMAIL PROTECTED]> writes: >> I just tested it from a Verizon DSL host and it worked. >> >> You might want to consider reading RFC 2182 though, particularly the >> part about geographically diverse nameservers. > > Yeah, yeah, that is overrated. If my site goes dark and my DNS goes > down it doesn't really matter as the bandwidth and the web server > will also be down. Having a live DNS server in another part of the > country won't help if the access routers handling the traffic for the > T1 to the school is also down. > > Geographically diverse name servers sounds great in theory but for > this application it won't gain any redundancy.
I wonder what that application could be... Single server with two addresses? Two servers behind a failing firewall? Well, if you don't care then why should we? There's definitely something seriously wrong with your configuration, and it is related to the two colocated servers. I sometimes get the result below. Works once, and then it fails because of answers from the wrong address: [EMAIL PROTECTED]:~$ dig www.mtrsd.k12.ma.us @dns-auth1.crocker.com ; <<>> DiG 9.2.4 <<>> www.mtrsd.k12.ma.us @dns-auth1.crocker.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34405 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;www.mtrsd.k12.ma.us. IN A ;; ANSWER SECTION: www.mtrsd.k12.ma.us. 604800 IN A 159.250.29.161 ;; AUTHORITY SECTION: mtrsd.k12.ma.us. 604800 IN NS dns-auth2.crocker.com. mtrsd.k12.ma.us. 604800 IN NS dns-auth1.crocker.com. ;; ADDITIONAL SECTION: dns-auth2.crocker.com. 600 IN A 204.97.12.57 dns-auth1.crocker.com. 600 IN A 204.97.12.58 ;; Query time: 279 msec ;; SERVER: 204.97.12.58#53(dns-auth1.crocker.com) ;; WHEN: Thu Sep 29 21:11:17 2005 ;; MSG SIZE rcvd: 144 [EMAIL PROTECTED]:~$ dig www.mtrsd.k12.ma.us @dns-auth2.crocker.com ; <<>> DiG 9.2.4 <<>> www.mtrsd.k12.ma.us @dns-auth2.crocker.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44398 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;www.mtrsd.k12.ma.us. IN A ;; ANSWER SECTION: www.mtrsd.k12.ma.us. 604800 IN A 159.250.29.161 ;; AUTHORITY SECTION: mtrsd.k12.ma.us. 604800 IN NS dns-auth2.crocker.com. mtrsd.k12.ma.us. 604800 IN NS dns-auth1.crocker.com. ;; ADDITIONAL SECTION: dns-auth2.crocker.com. 600 IN A 204.97.12.57 dns-auth1.crocker.com. 600 IN A 204.97.12.58 ;; Query time: 255 msec ;; SERVER: 204.97.12.57#53(dns-auth2.crocker.com) ;; WHEN: Thu Sep 29 21:11:21 2005 ;; MSG SIZE rcvd: 144 [EMAIL PROTECTED]:~$ dig www.mtrsd.k12.ma.us @dns-auth1.crocker.com ;; reply from unexpected source: 204.97.12.57#53, expected 204.97.12.58#53 ;; reply from unexpected source: 204.97.12.57#53, expected 204.97.12.58#53 ; <<>> DiG 9.2.4 <<>> www.mtrsd.k12.ma.us @dns-auth1.crocker.com ;; global options: printcmd ;; connection timed out; no servers could be reached After a while the session seems to time out and things will work again. Once, before the same shit happens again. Bjørn