Date: Mon, 15 Dec 2014 16:02:56 -0200 From: Marcelo Gondim <gondim@bsdinfo.com.br> To: freebsd-net@freebsd.org Subject: Re: DNS resolution problem Message-ID: <548F2250.3010507@bsdinfo.com.br> In-Reply-To: <CAN6yY1tt-mr5pCLQ8p-S207jC_DB0vQ13Q6j8vovTxupSnJ1zQ@mail.gmail.com> References: <548C3072.10303@bsdinfo.com.br> <CAN6yY1tt-mr5pCLQ8p-S207jC_DB0vQ13Q6j8vovTxupSnJ1zQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Kevin, On 13/12/2014 23:44, Kevin Oberman wrote: > On Sat, Dec 13, 2014 at 4:26 AM, Marcelo Gondim <gondim@bsdinfo.com.br> > wrote: > >> Dear, >> >> I'm having trouble resolving domain name freebsd.org. The portsnap server >> works correctly but the pkg audit -F does not work and can not even access >> the site according to the following tests: >> >> # host ec2-sa-east-1.portsnap.freebsd.org >> ec2-sa-east-1.portsnap.freebsd.org has address 177.71.188.240 >> >> # host vuxml.freebsd.org >> Host vuxml.freebsd.org not found: 3(NXDOMAIN) >> >> # host -a freebsd.org >> Trying "freebsd.org" >> Trying "freebsd.org.intnet.com.br" >> Host freebsd.org not found: 3(NXDOMAIN) >> Received 86 bytes from ::1#53 in 0 ms >> >> # host www.freebsd.org >> ;; connection timed out; no servers could be reached >> >> Only the first address I'm having name resolution (ec2-sa-east-1.portsnap. >> freebsd.org). >> >> My block IP: 186.193.48.0/20 >> >> One could check for any restrictions on our IP block? >> >> I think a bit of DNS debugging is in order. > I could resolve all of the nodes you listed, but there are some potential > issues I see. First, when looking up hostname with host(1), always > terminate the name: >> host -a freebsd.org. > Trying "freebsd.org" > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24171 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0 > > ;; QUESTION SECTION: > ;freebsd.org. IN TYPE255 > > ;; ANSWER SECTION: > freebsd.org. 534 IN AAAA 2001:1900:2254:206a::50:0 > freebsd.org. 534 IN MX 10 mx1.freebsd.org. > freebsd.org. 534 IN A 8.8.178.110 > > But "ANY" queries are fuzzy things at best as the first resolver you hit > will just return whatever is cached and not try getting an authoritative > response. > > www.freebsd.org and vuxml.freebsd.org are CNAME entries pointing to the > same place, 8.8.178.110. This is in FreeBSD's own address space from Yahoo > nd is probably in the mail FreeBSD cluster. I was a bit surprised to find > that is is an Amazon AWS address, so the portsnap files are actually coming > from a totally different place. > > DNS is provided by ISC-SNS. 72.52.71.1, 38.103.2.1 and 63.243.194.1. Try > pinging these. Since BIND, the second oldest and most popular DNS server is > written and supported by ISA, I would think that it is well run. Try > pinging and tracing to these addresses. All of them are in very dispersed > locations on different provider backbones. (Cogent, Hurricane Electric, and > ISC, itself. You might try directing queries to each system to see if one > fails when other succeed. Use "dig @servr-addr host". Other tests: # ping -c 5 NS1.ISC-SNS.NET PING ns1.isc-sns.net (72.52.71.1): 56 data bytes 64 bytes from 72.52.71.1: icmp_seq=0 ttl=56 time=144.327 ms 64 bytes from 72.52.71.1: icmp_seq=1 ttl=56 time=145.445 ms 64 bytes from 72.52.71.1: icmp_seq=2 ttl=56 time=144.999 ms 64 bytes from 72.52.71.1: icmp_seq=3 ttl=56 time=146.775 ms 64 bytes from 72.52.71.1: icmp_seq=4 ttl=56 time=145.207 ms --- ns1.isc-sns.net ping statistics --- 5 packets transmitted, 5 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 144.327/145.351/146.775/0.804 ms # ping -c 5 NS2.ISC-SNS.COM PING ns2.isc-sns.com (38.103.2.1): 56 data bytes 64 bytes from 38.103.2.1: icmp_seq=0 ttl=54 time=133.839 ms 64 bytes from 38.103.2.1: icmp_seq=1 ttl=54 time=133.831 ms 64 bytes from 38.103.2.1: icmp_seq=2 ttl=54 time=133.972 ms 64 bytes from 38.103.2.1: icmp_seq=3 ttl=54 time=133.957 ms 64 bytes from 38.103.2.1: icmp_seq=4 ttl=54 time=133.851 ms --- ns2.isc-sns.com ping statistics --- 5 packets transmitted, 5 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 133.831/133.890/133.972/0.061 ms # ping -c 5 NS3.ISC-SNS.INFO PING ns3.isc-sns.info (63.243.194.1): 56 data bytes 64 bytes from 63.243.194.1: icmp_seq=0 ttl=59 time=185.755 ms 64 bytes from 63.243.194.1: icmp_seq=1 ttl=59 time=185.790 ms 64 bytes from 63.243.194.1: icmp_seq=2 ttl=59 time=185.866 ms 64 bytes from 63.243.194.1: icmp_seq=3 ttl=59 time=185.931 ms 64 bytes from 63.243.194.1: icmp_seq=4 ttl=59 time=185.988 ms --- ns3.isc-sns.info ping statistics --- 5 packets transmitted, 5 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 185.755/185.866/185.988/0.086 ms # host -a freebsd.org 72.52.71.1 Trying "freebsd.org" ;; Truncated, retrying in TCP mode. Using domain server: Name: 72.52.71.1 Address: 72.52.71.1#53 Aliases: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15306 ;; flags: qr aa rd; QUERY: 1, ANSWER: 20, AUTHORITY: 0, ADDITIONAL: 7 ;; QUESTION SECTION: ;freebsd.org. IN TYPE255 ;; ANSWER SECTION: freebsd.org. 3600 IN SOA ns0.freebsd.org. hostmaster.freebsd.org. 2014121517 3600 900 604800 600 freebsd.org. 3600 IN RRSIG SOA 8 2 3600 20141229134836 20141215162412 22689 freebsd.org. Li3FZ22mk+j4FbIRp7rQD/QS/m3UCFvMDqdUfdLBOPEpOiCTLue+5xFhtr6mLwJ6mYzbsATM3rHN/O+B1VF3VzytnOOYh0QvoqpjxwGcUWNAkAlOCFDrqaS5wp9PfWOBJ+1q+xbkgC/iwBmasqb06G1WpcvpRq9kYoZUum8RxAGuTQIYNhoDxUjU5r6yiTvWy3sCmpu02F846BcJ6+LBKhsd8OuOJYplYhjFOfszl8uQmUtyCxCDm9udsWHbNyVMPU/DeVPKSlBS5md1l07GcG2QDepH4ChxQZnejmhaXgi/6+680v7Ufgh51xb5QiU2Xg7ATwplvor2VwJphSwMAw== freebsd.org. 3600 IN RRSIG DNSKEY 8 2 3600 20141228141417 20141214022412 32659 freebsd.org. Cf1nX8IQROLxXzL9WTDJVRdHuGN344DnIzKrshoG9sbYkP/DTDMMt9mpDCUUz0HK0FgxhHw45oepm6+KMbydzZDWhK2+G/LPgyK5nzsxnaJc9EgHpg6OKCQw7HHDirfe8lr0es0Ab4mPicqMKg31r7272SEKJ6HGoezzW5wtokTJpegAGQhW+b8ZvpBqRcj3jYIU9HvBOJtn/ZNrXMg2mUP/tbkxDcBy7ssMNmy0s0GKu6Daqq1VSK0BKvEIPc/sUC+mKkUo259FkI2Lnfml3vsw+aV0behgp/VpoxRfotcNjFNJGhYGF0B0iwTQIdBnfMWlNXsQBnoQ8b7W+OLiRw== freebsd.org. 0 IN RRSIG NSEC3PARAM 8 2 0 20141219185954 20141206012400 22689 freebsd.org. ViAARy2wfDAUXV7AEzQFbge0hCJSU1/vusbRoWkaM1EVkOQbaCiSQ1PDanZmR4yQncdo2M3d4gJtIHgvZ5xzeo0/2AhlSVw/GAtWjJkqI/8rJZ2ZPtoXy6SJBcNAcGKTx74EjFN/TIxDIEXKNss2BNz3y57olnknvqgVpNjGu8jzc59aDww4+cgh9v7zuMG1YAncCnHwTIaxtsXN/K0jjKx9CtkVwJLJCRd4bthKyrPkBNMZ3cDOX27MlQFC7461WsPkNxsxFYfUWO4g8f41UUYzPX2c59tKm+qJB7s56KLihZIuBjTZnROyTkvFFcdG3ii9dzFqbEN8PMwJIS7bzw== freebsd.org. 600 IN RRSIG NS 8 2 600 20141221172508 20141207182403 22689 freebsd.org. ny0XoD9xYbSX5nHbDnl5iCIofSBlkwB8dPjeUcmKfyylrpiPVDkXfl+xfacqJj7DRvf5gF8fLhe0lwTu3cLeVXGf9L3UfD5N5sd61SxLLXy8gDHtjCQWS5/VYE4rIn6/leoqRD5YVPGJ1OWRBHSnVIjdib/R7XLLz6v8CMT4l+P42tDf7z56hjc3BNplcD/KjFfrEmoBlRIwvs9XaR3i+Qvl/0uKnGgeaXVvRMgCthC4J4oZKsBt0hpAhwy3ocOOGhp1uLV+/sBUd4ZMi0HG0G+OZbelVt01LE/7Kp5+4TA7i5Ubla8/kEcx7iKjqimnTb+0GF7+WrZbVe3MrTi9Jg== freebsd.org. 600 IN RRSIG TXT 8 2 600 20141221200324 20141207122402 22689 freebsd.org. uf81IQ/nUDeVhLtUw/g4ILoW3Pq1rl9ub8p4MBkuGxhpmZSpm1phmJ47xuDkEg137SwqdP/mIx/EIRZ1Oah5Hx1e0278qJSX1M9DMwscCjXl3uPTqgYfL/M9k15U3OJ3i9yI4Stsp6ORG3Rj4bYYYz3mzlSNV64ZOnkW9JfPu/GjEq21EXgF9SEABJr21dwEUeCpmng15MHpmpTIJIwkgdH4DC7Dh/glQ6yMDEcf6I4x63hmj4CWpChs18W94esshEfZVTeiKV7xFPvgrnsbrO660Jvua7XR3R4mqr9sqv2mXKJICNobBNx/IyAxw9vw5dE7ohFptPEH7DUDN/h4jw== freebsd.org. 600 IN RRSIG MX 8 2 600 20141222062628 20141208062403 22689 freebsd.org. exRPLUyRmbRbxQEYu989+agnNMIjXl7PsfPGW8xaoq2Dv0/GbOGnAPlSALg3MBPz8R+pL3MWiaexyi/1qxUF6n0tItn7hQhUla4jri7rMFzMUcvePPr6t5sF/MWkIC+15O5QlIUx/Bi0zUnUFPSXCKH3MWr0oqGNzzc3jSqsUlqBhQmZq3KCrSE62Tp3VDthFhZUSY29EAmmwnAlTxQR9ZX3eVEM5oJ5UrhFkBcMhv4jVtSN+OncYx4PQWHNk4DR9vY3FCVl48XqJ9ivln9vHOOCqfzl5oaSXeE6rnbHwEKpOZX65l24nPuNtKVPajYEAroK4xMqCdkPW4Ov0tw3zA== freebsd.org. 600 IN RRSIG A 8 2 600 20141221151124 20141207232403 22689 freebsd.org. VPOX9ep1tYDF7dFaY37zXAMHwd+ySWAeSAMa45btmNzCD/F1pkUi9wH57LPE3jtqeHF4coKfZCvzBED5KWfyYMDZsWOaTNA2Hxh4h+WRr4qK1FxeilvIDLYs1/ynGCcaAfTM8T7OwAueWx/x78bshaw8mkI8Pp38SpkHa0sL5T4/L9NP8NOUOP5I6zv2xFtqkcQBSWZLFElGHn3JBo3ZyGa9lUsjnNfNWwNCLcDbXG7aQCW88v+mxbnIq2lHogqOsYXQHnatpK7qV27c2XNB9ZuGmWq6zLFUFOXH1pDLf0ftIg70Evy+88RomIFLo9e9qNYI9WJk7Z51gL7ygA/YSg== freebsd.org. 600 IN RRSIG AAAA 8 2 600 20141222031959 20141208092403 22689 freebsd.org. U88G56Mlmb6l4xv+G+IdvLAQQ8g5quIvKVjBSTcC5QdO52C/kUGcoo2rE+phXqXK7j7vgcfEuSI2qP3FDCG2K1VUn19+oCHA/LVzx4sNGsVlqXDfieE7c48vVYeukalh7cCXQ53dGo/4Tpps3i/4IUtw7Wi/NjykJoi8PbzgqR7mrkcKD83l18XR0JNILvj1EQwuTZYIICcd+yfs2WU5IjXIv5ik3hVkxQA5GkJse+EfAvBuJRPkZ8yknRM93tRw95gBc6ntB9+3pqZ9QNPKRUl5i7HoBbkSlAr3iGJiBAOXAX4V3PGNG+tXHqbEVPn1DzsXojJSFUJGaXHA9VFSpw== freebsd.org. 3600 IN DNSKEY 256 3 8 AwEAAc48eD98O70LmwN5RQ5i1vaP9BURkyvOiVNbztyVOCbPsZMIxDVZULFGLeEKmUR9UbutNoizdVi+XDGXgbfvQTZczkCUJNvBCxVglssyxnMMDjxf4p6TfuTTAW7EK6BDGVGkU3yBbfFYRYDeRep3g2CHH5/juU6MGMDElYYAhULICw3QRJjzMJFezvV0D1Mql53otXJ2J0BVhNBbF/1HSYRhVrFCSnpo1OORbNEuCudBr5WDBsZ3TdFehf74fYQP8XZEKqwirUvGcrlvDCPncPFtoLj3BWNvecsAwBrRbVzwTMVZHV95SXSq5VzjiXsf4U/UMQ5xOE5t4370msqPScM= freebsd.org. 3600 IN DNSKEY 257 3 8 AwEAAd1zS5J5X1kQqoufYTOGrPaUnlgBxllrFE1rGLJ3qDWEEETjszjal7IeJMmn/VhC6a2txXeob5is1/8Z6KWxpAhqIiw+l9JmD9sD/dOI9Yyk/AIyhSPguqV9+zBkfrp9I0BUuwxO/Rs+VgnqwQquyDGWRFQTtckPkptHKMTt44F8VyGcg+WVHOAXAsdGAC2SK1MVbSnMnRvZjYRHS3qc8at/h7soSib9TGNG9i+UD2mZyefcUUxsSll7TvUURA1dW13UP3U4/JlUM0qwA8Lk7pho/Or61Sci+yiqKijAdHu+dY3yGESkZ2rm4PBYYbm44ftefYXX5Hd5w20MXe5Lym8= freebsd.org. 3600 IN DNSKEY 256 3 8 AwEAAdCGUpcdxSMYspciWP5aJa3f0Lr5oW1BkSnSGe4TO4+HVy8f+40q7uHtpaI7MMl5+2HAtjxgaZIVGBM3zqiCvW3KXjv+TRKLIBJTxStYu9ped0JWCqAXfYIhD5Tw2uvNKU0CLTJP9PQuEz8K5Yd7Zsy6N49/zAbovyhL5Ciax+BPcA8FTZ6io+m1Gw43+i2UOAs5yAeWsjaYsCwV4Ye7FdPwuQ5z/MMszr9XwBzFJdlQyJFpyAPNcdAiplnSWAg7oo8t221+sRsY/ZMOgi4WeIZAPM71Fq0LEi+GUxgjUdYs7MtehsmyRgZjum3AJyJfaf2gZRQH5Dw0aIR/G1lUwEc= freebsd.org. 0 IN NSEC3PARAM 1 0 100 10238ec3108d6756 freebsd.org. 600 IN NS ns3.isc-sns.info. freebsd.org. 600 IN NS ns2.isc-sns.com. freebsd.org. 600 IN NS ns1.isc-sns.net. freebsd.org. 600 IN TXT "v=spf1 redirect=_spf.freebsd.org" freebsd.org. 600 IN MX 10 mx1.freebsd.org. freebsd.org. 600 IN A 8.8.178.110 freebsd.org. 600 IN AAAA 2001:1900:2254:206a::50:0 ;; ADDITIONAL SECTION: ns1.isc-sns.net. 3600 IN A 72.52.71.1 ns1.isc-sns.net. 3600 IN AAAA 2001:470:1a::1 ns2.isc-sns.com. 3600 IN A 38.103.2.1 ns3.isc-sns.info. 3600 IN A 63.243.194.1 ns3.isc-sns.info. 3600 IN AAAA 2001:5a0:10::1 mx1.freebsd.org. 600 IN A 8.8.178.115 mx1.freebsd.org. 600 IN AAAA 2001:1900:2254:206a::19:1 Received 3670 bytes from 72.52.71.1#53 in 298 ms
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?548F2250.3010507>