Re: DNS .US outage
On Thu, 7 Jul 2005, Michael Painter wrote: In case other Win users aren't aware: http://www.samspade.org/ssw/features.html Do be aware that the WHOIS functionality is out of date - it doesn't know to search whois.publicinterestregistry.org for .ORG domains, for example. The source code is available, and I have a copy and am planning to create an updated package based on SS (no, it won't be the next version of SS), but it won't be finished for a while (I've *barely* just started working on it). Other than that, it's a great piece of software. -- JustThe.net - Steve Sobol / [EMAIL PROTECTED] / PGP: 0xE3AE35ED Coming to you from Southern California's High Desert, where the temperatures are as high as the gas prices! / 888.480.4NET (4638) Life's like an hourglass glued to the table --Anna Nalick, Breathe
Re: DNS .US outage
- Original Message - From: Randy Bush [EMAIL PROTECTED] Sent: Wednesday, July 06, 2005 7:19 PM Subject: RE: DNS .US outage i believe even windoze has dig at the command line, though i don't know in what directory it lies. randy In case other Win users aren't aware: http://www.samspade.org/ssw/features.html --Michael
Re: DNS .US outage
On Wed, 6 Jul 2005, Rodney Joffe wrote: On 7/6/05 10:00 PM, Church, Chuck [EMAIL PROTECTED] wrote: Thanks. Didn't have any *NIX boxes laying around to 'dig' any deeper. When I checked networksolutions' whois for neosystems.us and state.ny.us , both returned: We are unable to process your request at this time. Please try again later. Figured something was up. You meant this in passing only, right? You clearly did not intend to correlate an issue with .us DNS with whois data for .us, right? also, with the helping-out of PCH and neustar I believe these TLD boxen are actually anycast around quite some bit... though I could be mistaken about that since the hotel in boston (ATT) sees the same path as the office in ashburn (UUNET) ...
RE: DNS .US outage
On Wed, 2005-07-06 at 19:19 -1000, Randy Bush wrote: Thanks. Didn't have any *NIX boxes laying around to 'dig' any deeper. i believe even windoze has dig at the command line, though i don't know in what directory it lies. The web directory: http://www.isc.org/index.pl?/sw/bind/bind9.php or the ftp directory: ftp://ftp.isc.org/isc/bind/contrib/ntbind-9.3.1/BIND9.3.1.zip What is also very useful are the following two websites, so people can click around a bit and get nice pictures making everything crystalclear for them: DNSDoctor (which even supports IPv6 :) http://demo.dnsdoctor.org/ And of course DNS report: http://www.dnsreport.com/ Greets, Jeroen signature.asc Description: This is a digitally signed message part
RE: DNS .US outage
At 7:19 PM -1000 2005-07-06, Randy Bush wrote: Thanks. Didn't have any *NIX boxes laying around to 'dig' any deeper. i believe even windoze has dig at the command line, though i don't know in what directory it lies. That's assuming you have installed BIND for Windows, which most people probably have not done. They do have ping, nslookup, and a few other command-line tools, but then very few people using Windows seem to know how to use the command-line, or even know how to start it up. Good guess, though. -- Brad Knowles, [EMAIL PROTECTED] Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. -- Benjamin Franklin (1706-1790), reply of the Pennsylvania Assembly to the Governor, November 11, 1755 SAGE member since 1995. See http://www.sage.org/ for more info.
RE: DNS .US outage
Thanks for your help, guys. Didn't know dig existed for windows. Several ISPs (charter.net, alter.net) are choking on .us queries right now, but ATT's name server is working ok for me. Here's one failing on .us, but .com works fine: C:\temp\dnstoolsdig @24.197.96.16 com NS ; DiG 9.3.1 @24.197.96.16 com NS ; (1 server found) ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 1940 ;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;com. IN NS ;; ANSWER SECTION: com.172800 IN NS d.gtld-servers.net. com.172800 IN NS e.gtld-servers.net. com.172800 IN NS f.gtld-servers.net. com.172800 IN NS g.gtld-servers.net. com.172800 IN NS h.gtld-servers.net. com.172800 IN NS i.gtld-servers.net. com.172800 IN NS j.gtld-servers.net. com.172800 IN NS k.gtld-servers.net. com.172800 IN NS l.gtld-servers.net. com.172800 IN NS m.gtld-servers.net. com.172800 IN NS a.gtld-servers.net. com.172800 IN NS b.gtld-servers.net. com.172800 IN NS c.gtld-servers.net. ;; Query time: 4046 msec ;; SERVER: 24.197.96.16#53(24.197.96.16) ;; WHEN: Thu Jul 07 08:20:35 2005 ;; MSG SIZE rcvd: 245 C:\temp\dnstoolsdig @24.197.96.16 us NS ; DiG 9.3.1 @24.197.96.16 us NS ; (1 server found) ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: SERVFAIL, id: 1682 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;us.IN NS ;; Query time: 31 msec ;; SERVER: 24.197.96.16#53(24.197.96.16) ;; WHEN: Thu Jul 07 08:20:50 2005 ;; MSG SIZE rcvd: 20 Is it possible that one of the authoritative servers for .us is unreachable/down at the moment, at least from name server 24.197.96.16's point of view? 198.6.1.2 gives similar results. Thanks again, Chuck Church Lead Design Engineer CCIE #8776, MCNE, MCSE Netco Government Services - Design Implementation 1210 N. Parker Rd. Greenville, SC 29609 Home office: 864-335-9473 Cell: 703-819-3495 [EMAIL PROTECTED] PGP key: http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x4371A48D -Original Message- From: Jeroen Massar [mailto:[EMAIL PROTECTED] Sent: Thursday, July 07, 2005 4:10 AM To: Randy Bush Cc: Church, Chuck; nanog@merit.edu Subject: RE: DNS .US outage On Wed, 2005-07-06 at 19:19 -1000, Randy Bush wrote: Thanks. Didn't have any *NIX boxes laying around to 'dig' any deeper. i believe even windoze has dig at the command line, though i don't know in what directory it lies. The web directory: http://www.isc.org/index.pl?/sw/bind/bind9.php or the ftp directory: ftp://ftp.isc.org/isc/bind/contrib/ntbind-9.3.1/BIND9.3.1.zip What is also very useful are the following two websites, so people can click around a bit and get nice pictures making everything crystalclear for them: DNSDoctor (which even supports IPv6 :) http://demo.dnsdoctor.org/ And of course DNS report: http://www.dnsreport.com/ Greets, Jeroen
Re: DNS .US outage
On Thu, Jul 07, 2005 at 07:25:20AM -0500, Church, Chuck [EMAIL PROTECTED] wrote a message of 109 lines which said: Is it possible that one of the authoritative servers for .us is unreachable/down at the moment, at least from name server 24.197.96.16's point of view? It is perfectly possible. Unfortunately, all three nameservers of .us are behind the same AS and, unfortunately, they are all in the same /16. Checking the filters is a first step. PS: tracert exists on MS-Windows and c.gtld.biz replies to it.
RE: DNS .US outage
On Thu, 7 Jul 2005, Church, Chuck wrote: Thanks for your help, guys. Didn't know dig existed for windows. Several ISPs (charter.net, alter.net) are choking on .us queries right the alter.net cache's you are using arent' guaranteed to work... especially for non-customers :) but... in general they do work, sometimes slowly as all manner of people use them regardless of their 'customer' status to alternet :( Is it possible that one of the authoritative servers for .us is unreachable/down at the moment, at least from name server 24.197.96.16's point of view? 198.6.1.2 gives similar results. I'm not seeing these problems though (though that problem might have been transient too) ; DiG 8.4 us ns @cache02.ns.uu.net ; (1 server found) ;; res options: init recurs defnam dnsrch no-nibble2 ;; got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 9205 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 3 ;; QUERY SECTION: ;; us, type = NS, class = IN ;; ANSWER SECTION: us. 6D IN NSc.gtld.biz. us. 6D IN NSa.gtld.biz. us. 6D IN NSb.gtld.biz. ;; ADDITIONAL SECTION: a.gtld.biz. 5d20h12m3s IN A 209.173.53.162 b.gtld.biz. 5d20h12m3s IN A 209.173.57.162 c.gtld.biz. 5d20h12m3s IN A 209.173.60.65 ;; Total query time: 144 msec
Re: DNS .US outage
On Wed, Jul 06, 2005 at 11:27:39PM -0500, Church, Chuck wrote: Anyone else having issues with .US right now (~12AM EST)? NSlookup, etc show various .us destinations as unknown domains... Not for my site, at least: ; DiG 9.2.1 +trace microsys.us ;; global options: printcmd . 323510 IN NS F.ROOT-SERVERS.NET. . 323510 IN NS G.ROOT-SERVERS.NET. . 323510 IN NS H.ROOT-SERVERS.NET. . 323510 IN NS I.ROOT-SERVERS.NET. . 323510 IN NS J.ROOT-SERVERS.NET. . 323510 IN NS K.ROOT-SERVERS.NET. . 323510 IN NS L.ROOT-SERVERS.NET. . 323510 IN NS M.ROOT-SERVERS.NET. . 323510 IN NS A.ROOT-SERVERS.NET. . 323510 IN NS B.ROOT-SERVERS.NET. . 323510 IN NS C.ROOT-SERVERS.NET. . 323510 IN NS D.ROOT-SERVERS.NET. . 323510 IN NS E.ROOT-SERVERS.NET. ;; Received 244 bytes from 127.0.0.1#53(127.0.0.1) in 33 ms us. 172800 IN NS A.GTLD.BIZ. us. 172800 IN NS B.GTLD.BIZ. us. 172800 IN NS C.GTLD.BIZ. ;; Received 133 bytes from 192.5.5.241#53(F.ROOT-SERVERS.NET) in 87 ms microsys.us.7200IN NS NS2.DOMAINDISCOVER.COM. microsys.us.7200IN NS NS1.DOMAINDISCOVER.COM. ;; Received 83 bytes from 209.173.53.162#53(A.GTLD.BIZ) in 40 ms microsys.us.28800 IN SOA ns1.domaindiscover.com. hostmaster.tierra.net. 3723050 86400 1800 604800 28800 ;; Received 108 bytes from 216.104.163.3#53(NS2.DOMAINDISCOVER.COM) in 98 ms 'dig +trace', incidentally, for those of you who haven't tripped over it yet, is *very* cool. I'm trying to figure out a way to shoehorn the output into something I can Nagios... Cheers, -- jra -- Jay R. Ashworth[EMAIL PROTECTED] Designer+-Internetworking--+--+ RFC 2100 Ashworth Associates | Best Practices Wiki | |'87 e24 St Petersburg FL USAhttp://bestpractices.wikicities.com+1 727 647 1274 If you can read this... thank a system administrator. Or two. --me
Re: DNS .US outage
On Thu, Jul 07, 2005 at 10:10:03AM +0200, Jeroen Massar wrote: DNSDoctor (which even supports IPv6 :) http://demo.dnsdoctor.org/ avoid loosing all connectivity sigh Cheers, -- jra -- Jay R. Ashworth[EMAIL PROTECTED] Designer Baylink RFC 2100 Ashworth AssociatesThe Things I Think'87 e24 St Petersburg FL USA http://baylink.pitas.com +1 727 647 1274 If you can read this... thank a system administrator. Or two. --me
Re: DNS .US outage
On 07/07/05, Church, Chuck [EMAIL PROTECTED] wrote: Anyone else having issues with .US right now (~12AM EST)? NSlookup, etc show various .us destinations as unknown domains... nslookup is not the best tool to troubleshoot dns issues works for me though - [EMAIL PROTECTED] 10:02:22 [~]$ dig us NS ; DiG 8.3 us NS ;; res options: init recurs defnam dnsrch ;; got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 2 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0 ;; QUERY SECTION: ;; us, type = NS, class = IN ;; ANSWER SECTION: us. 1d23h59m46s IN NS A.GTLD.BIZ. us. 1d23h59m46s IN NS B.GTLD.BIZ. us. 1d23h59m46s IN NS C.GTLD.BIZ. ;; Total query time: 3 msec ;; FROM: frodo.hserus.net to SERVER: default -- 127.0.0.1 ;; WHEN: Thu Jul 7 10:02:25 2005 ;; MSG SIZE sent: 20 rcvd: 76 and a random .us domain - [EMAIL PROTECTED] 10:02:25 [~]$ dig help.us ; DiG 8.3 help.us ;; res options: init recurs defnam dnsrch ;; got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 2 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUERY SECTION: ;; help.us, type = A, class = IN ;; ANSWER SECTION: help.us.58m46s IN A 66.98.178.79 ;; Total query time: 2 msec ;; FROM: frodo.hserus.net to SERVER: default -- 127.0.0.1 ;; WHEN: Thu Jul 7 10:03:30 2005 ;; MSG SIZE sent: 25 rcvd: 41 -- Suresh Ramasubramanian ([EMAIL PROTECTED])
Re: DNS .US outage
Doc-2.2.3: doc -p -w us Doc-2.2.3: Starting test of us. parent is . Doc-2.2.3: Test date - Wed Jul 6 18:42:03 HST 2005 Note: Skipping parent domain testing Found 3 NS and 3 glue records for us. @a.root-servers.net. (non-AUTH) Using NSlist from parent domain server a.root-servers.net. NS list summary for us. from parent (.) servers == a.gtld.biz. b.gtld.biz. c.gtld.biz. soa @a.gtld.biz. for us. serial: 2002445162 soa @b.gtld.biz. for us. serial: 2002445163 soa @c.gtld.biz. for us. serial: 2002445163 WARN: Found 2 unique SOA serial #'s for us. Authoritative domain (us.) servers agree on NS for us. NS list from us. authoritative servers matches list from === first parent (.) nameserver queried Checking 0 potential addresses for hosts at us. == Summary: WARNINGS issued for us. (count: 1) Done testing us. Wed Jul 6 18:42:08 HST 2005 [ lotso detail deleted ]
RE: DNS .US outage
Thanks. Didn't have any *NIX boxes laying around to 'dig' any deeper. When I checked networksolutions' whois for neosystems.us and state.ny.us , both returned: We are unable to process your request at this time. Please try again later. Figured something was up. But when I tried nslookup with a server on yet a 4th ISP just now, it worked ok. Thanks again. Chuck -Original Message- From: Suresh Ramasubramanian [mailto:[EMAIL PROTECTED] Sent: Thursday, July 07, 2005 12:34 AM To: Church, Chuck Cc: nanog@merit.edu Subject: Re: DNS .US outage On 07/07/05, Church, Chuck [EMAIL PROTECTED] wrote: Anyone else having issues with .US right now (~12AM EST)? NSlookup, etc show various .us destinations as unknown domains... nslookup is not the best tool to troubleshoot dns issues works for me though - [EMAIL PROTECTED] 10:02:22 [~]$ dig us NS ; DiG 8.3 us NS ;; res options: init recurs defnam dnsrch ;; got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 2 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0 ;; QUERY SECTION: ;; us, type = NS, class = IN ;; ANSWER SECTION: us. 1d23h59m46s IN NS A.GTLD.BIZ. us. 1d23h59m46s IN NS B.GTLD.BIZ. us. 1d23h59m46s IN NS C.GTLD.BIZ. ;; Total query time: 3 msec ;; FROM: frodo.hserus.net to SERVER: default -- 127.0.0.1 ;; WHEN: Thu Jul 7 10:02:25 2005 ;; MSG SIZE sent: 20 rcvd: 76 and a random .us domain - [EMAIL PROTECTED] 10:02:25 [~]$ dig help.us ; DiG 8.3 help.us ;; res options: init recurs defnam dnsrch ;; got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 2 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUERY SECTION: ;; help.us, type = A, class = IN ;; ANSWER SECTION: help.us.58m46s IN A 66.98.178.79 ;; Total query time: 2 msec ;; FROM: frodo.hserus.net to SERVER: default -- 127.0.0.1 ;; WHEN: Thu Jul 7 10:03:30 2005 ;; MSG SIZE sent: 25 rcvd: 41 -- Suresh Ramasubramanian ([EMAIL PROTECTED])
RE: DNS .US outage
Thanks. Didn't have any *NIX boxes laying around to 'dig' any deeper. i believe even windoze has dig at the command line, though i don't know in what directory it lies. randy
Re: DNS .US outage
Er. On 7/6/05 10:00 PM, Church, Chuck [EMAIL PROTECTED] wrote: Thanks. Didn't have any *NIX boxes laying around to 'dig' any deeper. When I checked networksolutions' whois for neosystems.us and state.ny.us , both returned: We are unable to process your request at this time. Please try again later. Figured something was up. You meant this in passing only, right? You clearly did not intend to correlate an issue with .us DNS with whois data for .us, right?