On Thu, Sep 18, 2014 at 6:24 AM, Rich Shepard <rshep...@appl-ecosys.com> wrote: > On Wed, 17 Sep 2014, Jim Garrison wrote: > >> One possibility is that the *remote* web server has reverse DNS validation >> turned on, and your external IP, for some reason, does not have a PTR >> record. Can you send me (in a private email) your external IP address? You >> can easily determine this by going to http://whatismyip.com. > > Jim, > > Easily found with whois, host, and dig on the domain name. However, since > you made me see what I overlooked before, the IP address for this domain is > static; it points to the server hosting my web site at my ISP. It's only the > mail. IP address that is dynamic since mail comes directly here. > >> Almost all ISPs provide PTR records for their dynamically assigned pool >> addresses. For example, my (obfuscated) IP is aa.bb.cc.dd and if I do a >> "dig -x" on it I get: > > This morning a message from the GRASS coordinator said that the web server > had hardware issues that slowed response times. Why my location should seem > to be the only one consistently affected will probably never be known. > > No PTR record returned by dig, only the SOA: > > $ dig 216.99.193.149 > > ; <<>> DiG 9.9.5-P1 <<>> 216.99.193.149 > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57347 > ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 > > ;; OPT PSEUDOSECTION: > ; EDNS: version: 0, flags:; udp: 512 > ;; QUESTION SECTION: > ;216.99.193.149. IN A > > ;; AUTHORITY SECTION: > . 1777 IN SOA a.root-servers.net. > nstld.verisign-grs.com. 2014091800 1800 900 604800 86400 > > ;; Query time: 38 msec > ;; SERVER: 8.8.8.8#53(8.8.8.8) > ;; WHEN: Thu Sep 18 06:18:42 PDT 2014 > ;; MSG SIZE rcvd: 118 > >> If your ISP has not provided a PTR record for your address, then it's the >> SERVER that could be timing out on DNS resolution trying to figure out who >> you are (for blacklisting, for instance). It's pretty rare nowadays to >> configure a web server to do PTR lookup (email servers yes, web servers >> no) but it would cause exactly the behavior you are seeing. > > Perhaps that's it. >
To my eye this dig result fits Jim's explanation perfectly. The webserver is doing a reverse DNS lookup for some reason. Maybe for blacklisting or maybe just for logging. This article describes how you can accidentally configure Apache to do this by putting in an Allow from localhost directive. http://blog.endpoint.com/2013/09/apache-accidental-dns-hostname-lookups.html This problem could resolve itself because your IP address is so dynamic. It might randomly change to an IP address that has a PTR record and then suddenly you will be able to load the website normally. Bill _______________________________________________ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
