Complete.Org: Mailing Lists: Archives: discussion: April 2000:
[aclug-L] Re: DNS TEST Long post ...sorry
Home

[aclug-L] Re: DNS TEST Long post ...sorry

[Top] [All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
To: discussion@xxxxxxxxx
Subject: [aclug-L] Re: DNS TEST Long post ...sorry
From: Steven Saner <ssaner@xxxxxxxxxxxxxxx>
Date: Tue, 25 Apr 2000 17:55:27 -0500
Reply-to: discussion@xxxxxxxxx

Okay, well, first I assumed that you were using a Unix machine of some
kind, which was a bad assumption, I'm sorry. If you need to do DNS
troubleshooting, you really need the dig client. There is such a thing
for NT (and maybe it would work for other 32bit Windows). You can get
it at:
        http://www.software.com/products/bindnt.html
From what I understand, just unpack the archive and find the dig.exe
program.

The first thing to do is find who is doing authoritative DNS. The
whois database will tell you that, but it is informational only. If
the owner of the domain forgot to pay their bill, the whois database
will still list the authoritative servers, but they will no longer be
in the root servers. So use dig to ask a root server who is doing DNS
for the domain:

dig @f.root-servers.net infobeat.com ns
....
infobeat.com.           2D IN NS        NS01.EXACTIS.com.
infobeat.com.           2D IN NS        NS00.EXACTIS.com.
....

Now ask both of those servers for the IP address (A record) of the
host www.infobeat.com

dig @ns01.exactis.com www.infobeat.com a
...
www.infobeat.com.       15M IN A        192.147.174.116
www.infobeat.com.       15M IN A        192.147.174.78
www.infobeat.com.       15M IN A        192.147.174.96
...

dig @ns00.exactis.com www.infobeat.com a
...
www.infobeat.com.       15M IN A        192.147.174.116
www.infobeat.com.       15M IN A        192.147.174.78
www.infobeat.com.       15M IN A        192.147.174.96
...

Okay, this is good. They both respond and they both return the same
thing (don't worry if the results are in a different order if you try
it).

This indicates to me that things are *probably* okay on the DNS
servers that host this domain.

Now you can query each of SWBI's DNS servers to see what they say

dig @161.147.174.1 www.infobeat.com a

That is, if the IP addresses are 161.147.174.1-8 as you say. I don't
think, however, that those are the DNS server IPs. They are owned by
somebody in Italy :-) But basically you can try to dig each of the DNS
servers and see if they give you reasonable results.

Now it is possible that infobeat.com was doing something with their
name server configuration and for a period of time they had something
configured wrong. If during that time, someone in SWBI land tried to
go there, one of SWBI's DNS servers may have had trouble getting the
info from the authoritative servers. It then may have cached that, so
even though the authoritative servers are up and running now, the SWBI
server will respond incorrectly until the cached info expires.





On Tue, Apr 25, 2000 at 04:39:08PM -0500, David Carmichael wrote:
> OK Steve how does one do this... "...You need to first make sure that all of
> the authoritative DNS servers are responding with the correct
> information...."
> 
> This is all the info that I can find via the web at this time... and it
> seems that the 'FIX' that SWBI did a few hours ago did not stick because I
> am nolonger able to reach the site again!!
> 
> WHOIS Query Result for INFOBEAT.COM
> The Data in Network Solutions' WHOIS database is provided by Network
> Solutions for information purposes, and to assist persons in obtaining
> information about or related to a domain name registration record.
> Network Solutions does not guarantee its accuracy.  By submitting a
> WHOIS query, you agree that you will use this Data only for lawful
> purposes and that, under no circumstances will you use this Data to:
> (1) allow, enable, or otherwise support the transmission of mass
> unsolicited, commercial advertising or solicitations via e-mail
> (spam); or  (2) enable high volume, automated, electronic processes
> that apply to Network Solutions (or its systems).  Network Solutions
> reserves the right to modify these terms at any time.  By submitting
> this query, you agree to abide by this policy.
> 
> Registrant:
> Mercury Mail (INFOBEAT-DOM)
>    707 17th Street Suite 2850
>    Denver, CO 80202
> 
>    Domain Name: INFOBEAT.COM
> 
>    Administrative Contact:
>       Online, MIS  (OM98-ORG)  mis_online@xxxxxxxxxxxxx
>       SONY Music Entertainment, Inc.
>       550 Madison Avenue
>       New York, NY 10022
>       US
>       212-833-7305
>       Fax- - - - (212) 833-6636
>    Technical Contact, Zone Contact:
>       Exactis.com Operations  (IO11-ORG)  operations@xxxxxxxxxxx
>       Exactis.com, Inc
>       707 17th Street
>       Denver, CO 80202
>       US
>       303 675 2300
>       Fax- 303.675.2399
>    Billing Contact:
>       Moss, Pam  (PM3951)  pam_moss@xxxxxxxxxxxxx
>       Sony Music
>       550 Madison Avenue
>       New York, NY 10022
>       212-833-8112 (FAX) 212-833-7690
> 
>    Record last updated on 15-Jul-1999.
>    Record expires on 26-Jun-2000.
>    Record created on 25-Jun-1997.
>    Database last updated on 23-Apr-2000 20:01:21 EDT.
> 
>    Domain servers in listed order:
> 
>    NS00.EXACTIS.COM  192.147.174.25
>    NS01.EXACTIS.COM  192.147.174.26
> 
> IP Information
> infobeat.com [web site]
> IP: 192.147.174.96 (more info)
> IP: 192.147.174.116 (more info)
> IP: 192.147.174.78 (more info)
> www.infobeat.com [web site]
> IP: 192.147.174.96 (more info)
> IP: 192.147.174.116 (more info)
> IP: 192.147.174.78 (more info)
> 
> 
> Here is what I am getting from DOS
>      Microsoft(R) Windows 98
>         (C)Copyright Microsoft Corp 1981-1999.
>      C:\WINDOWS>tracert infobeat.com
>      Unable to resolve target system name infobeat.com.
>      C:\WINDOWS>
> 
>   Microsoft(R) Windows 98
>   (C)Copyright Microsoft Corp 1981-1999.
>   C:\WINDOWS>tracert 192.147.174.78
>   1     1 ms     1 ms     1 ms  DAVID [192.168.0.1]
>   2    67 ms    63 ms    67 ms  adsl-216-63-203-254.dsl.wchtks.swbell.net
> [216.63.203.254]
>   3    63 ms    63 ms    62 ms  edge1-fa1-0.wchtks.swbell.net [151.164.70.1]
>   4    68 ms    61 ms    66 ms  sl-gw4-kc-12-0.sprintlink.net
> [144.232.131.49]
>   5    66 ms    66 ms    67 ms  sl-bb10-kc-0-3.sprintlink.net [144.232.2.53]
>   6    74 ms    75 ms    78 ms  sl-bb10-fw-10-0.sprintlink.net
> [144.232.9.254]
>   7    75 ms    74 ms    77 ms  sl-exodus-8-0-0.sprintlink.net
> [144.232.11.126]
>   8    80 ms    77 ms    79 ms  sl-verio-2-0-0.sprintlink.net
> [144.232.194.6]
>   9    90 ms    90 ms    91 ms  p1-1-0-0.r00.kscymo01.us.bb.verio.net
> [129.250.2.218]
>  10   102 ms   103 ms   102 ms  p1-1-0-1.r01.aurrco01.us.bb.verio.net
> [129.250.2.77]
>  11   104 ms    98 ms   102 ms  p1-1-0-0.r00.aurrco01.us.bb.verio.net
> [129.250.3.61]
>  12   105 ms   101 ms   103 ms  fa-2-1-0.a01.dnvrco01.us.ra.verio.net
> [129.250.30.225]
>  13   103 ms   110 ms   106 ms  infobeatgw.verioco.com [209.107.33.134]
>  14   103 ms   113 ms   104 ms  192.147.174.78
> Trace complete.
> 
> Using the trace site that Matt suggested I get the following:
> http://beacon.webtv.net/cgi-bin/nph-traceroute.cgi?host=www.infobeat.com
> 
> Traceroute to www.infobeat.com
> Running /usr/local/bin/traceroute www.infobeat.com
> traceroute to www.infobeat.com (192.147.174.116)
>      30 hops max, 38 byte packets
> 1 209.240.195.30 (209.240.195.30)
>       4 ms 2 ms 2 ms
> 2 nexus-router-1.bryant.webtv.net (209.240.192.62)
>       3 ms 1 ms 1 ms
> 3 PAIX2Bryant-2.paix.webtv.net (209.240.192.230)
>       2 ms 2 ms 2 ms
> 4 POS4-0-0.GW5.PAO1.ALTER.NET (157.130.196.121)
>       2 ms 2 ms 3 ms
> 5 139.ATM3-0.XR2.PAO1.ALTER.NET (146.188.148.238)
>       2 ms 2 ms 2 ms
> 6 288.ATM7-0.XR2.SJC1.ALTER.NET (146.188.147.14)
>       3 ms 4 ms 4 ms
> 7 192.ATM4-0.BR2.SJC1.ALTER.NET (152.63.51.177)
>       4 ms 4 ms 15 ms
> 8 137.39.91.30 (137.39.91.30)
>       5 ms 4 ms 4 ms
> 9 sjc0.sjc2.verio.net (129.250.3.78)
>       4 ms (ttl=246!) 4 ms (ttl=246!) 4 ms (ttl=246!)
> 10 p4-0-1-0.r00.scrmca01.us.bb.verio.net (129.250.3.34)
>       23 ms (ttl=241!) 25 ms (ttl=241!) 22 ms (ttl=241!)
> 11 p1-1-0-1.r00.aurrco01.us.bb.verio.net (129.250.3.218)
>       52 ms (ttl=241!) 52 ms (ttl=241!) 52 ms (ttl=241!)
> 12 fa-2-1-0.a01.dnvrco01.us.ra.verio.net (129.250.30.225)
>       52 ms (ttl=241!) 52 ms (ttl=241!) 53 ms (ttl=241!)
> 13 infobeatgw.verioco.com (209.107.33.134)
>       62 ms (ttl=240!) 62 ms (ttl=240!) 62 ms (ttl=240!)
> 14 www4.lodo.exactis.com (192.147.174.111)
>       70 ms (ttl=239!) * 62 ms (ttl=239!)
> Traceroute complete.
> ----------------------------------------------------------------------------
> ----
> 
> ----------------------------------------------------------------------------
> ----
> http://trace.tele.dk/cgi-bin/nph-traceroute?TARGETHOST=infobeat.com
> 
> Result of traceroute towards IP-address infobeat.com
> traceroute to infobeat.com (192.147.174.78): 1-30 hops, 38 byte packets
>  1  feth8-1-0.100M.sltnxt1.ip.tele.dk (193.162.146.42)  33.9 ms  220 ms
> 28.7 ms
>  2  atm4-0-73.60M.kd4nxg1.ip.tele.dk (195.249.2.21)  5.61 ms (ttl=253!)
> 0.174 ms (ttl=253!)  5.82 ms (ttl=253!)
>  3  pos0-0-0.155M.kd4nxi2.ip.tele.dk (195.249.11.242)  0.317 ms  3.46 ms
> 6.75 ms
>  4  ser5-1-1.45M.NewYorknxi1.ip.tele.dk (195.41.143.194)  90.3 ms  87.4 ms
> 92.0 ms
>  5  hs-core6-hssi5-0-0.WestOrange.cw.net (166.49.67.73)  93.9 ms  89.6 ms
> 95.1 ms
>  6  core3.WestOrange.cw.net (204.70.4.1)  88.6 ms  96.4 ms  89.8 ms
>  7  verio-internet.WestOrange.cw.net (204.70.1.10)  105 ms  107 ms  99.9 ms
>  8  d3-3-0.r01.phlapa01.us.bb.verio.net (129.250.3.114)  113 ms (ttl=242!)
> 117 ms (ttl=242!)  138 ms (ttl=242!)
>  9  p4-6-0-0.r01.nycmny01.us.bb.verio.net (129.250.3.126)  128 ms (ttl=242!)
> 126 ms (ttl=242!)  134 ms (ttl=242!)
> 10  p1-0-0-2.r01.scrmca01.us.bb.verio.net (129.250.3.202)  187 ms (ttl=240!)
> 174 ms (ttl=240!)  195 ms (ttl=240!)
> 11  p4-1-1-0.r00.scrmca01.us.bb.verio.net (129.250.3.17)  176 ms (ttl=239!)
> 189 ms (ttl=239!)  176 ms (ttl=239!)
> 12  p1-1-0-1.r00.aurrco01.us.bb.verio.net (129.250.3.218)  189 ms (ttl=240!)
> 184 ms (ttl=240!)  187 ms (ttl=240!)
> 13  fa-2-1-0.a01.dnvrco01.us.ra.verio.net (129.250.30.225)  187 ms
> (ttl=240!)  188 ms (ttl=240!)  201 ms (ttl=240!)
> 14  infobeatgw.verioco.com (209.107.33.134)  183 ms (ttl=239!)  188 ms
> (ttl=239!)  190ms (ttl=239!)
> 15  www1.lodo.exactis.com (192.147.174.64)  188 ms (ttl=238!)  *  195 ms
> (ttl=238!)
> Traceroute finished
> 
> 
> ----- Original Message -----
> From: "Steven Saner" <ssaner@xxxxxxxxxxxxxxx>
> To: <discussion@xxxxxxxxx>
> Sent: Tuesday, April 25, 2000 3:45 PM
> Subject: [aclug-L] Re: DNS TEST
> 
> 
> > Okay, so you are using traceroute to do a DNS lookup, fine, but I
> > would prefer to use the host command (bind 8.x).
> >
> > Nonetheless, just because one or more of SWBI DNS servers are not
> > giving you the correct information, does not mean that it is the fault
> > of SWBI's DNS server. You need to first make sure that all of the
> > authoritative DNS servers are responding with the correct
> > information. If one of them is not, and SWBI's server happens to ask
> > that one, it is going to give you wrong information.
> 
> 
> -- This is the discussion@xxxxxxxxx list.  To unsubscribe,
> visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi

-- This is the discussion@xxxxxxxxx list.  To unsubscribe,
visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi


[Prev in Thread] Current Thread [Next in Thread]