nanog mailing list archives

FW: DNS .US outage

From: "Church, Chuck" <cchurch () netcogov com>
Date: Mon, 11 Jul 2005 08:11:40 -0500


Guess I wasn't going crazy.  Forwarded to me by a read-only lister.
Might be worth trying if prob still exists for anyone. 


Chuck Church
Lead Design Engineer
CCIE #8776, MCNE, MCSE
Netco Government Services - Design & Implementation
1210 N. Parker Rd.
Greenville, SC 29609
Home office: 864-335-9473
Cell: 703-819-3495
cchurch () netcogov com
PGP key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x4371A48D


-----Original Message-----
From: Mark Moseley [mailto:moseleymark () gmail com] 
Sent: Friday, July 08, 2005 7:17 PM
To: Church, Chuck
Subject: Re: DNS .US outage

Hi. I don't have 'write' access to the nanog group so I'm writing you
directly.

I saw the exact same behaviour. After some banging-head-against-wall
at 3am, I noticed that if I turned *off* "query-source * port 53" in
Bind (i.e. it was using port 53 as the source port for queries to make
firewalling easier), it magically started working again. Don't know if
you're using Bind or Windows DNS, but all I could tell is that when
Bind was configured to query *from* port 53, I couldn't get the .us
TLDs to answer me, but when using a random ephemeral port (of named's
choice), it worked just fine. I don't know if they are (or were,
haven't check since then) blocking queries with a source port of 53,
but whatever the case it worked for some reason. If this works for
you, please feel free to re-post to nanog (unless of course, the
outage has gone away and they've fixed their stuff over at the .us TLD
servers).

One thing to note is that when you use dig or nslookup or whatever,
it'll also be using some ephemeral port, so it'll work, even when the
lookups from source port 53 wouldn't. Again, I haven't checked since
that night to see if that's gone away, so it might be a moot point
now.


On 7/6/05, Church, Chuck <cchurch () netcogov com> wrote:

 
Anyone else having issues with .US right now  (~12AM EST)?  NSlookup,

etc

show various .us destinations as unknown domains...  
  

Chuck Church
Lead Design Engineer
CCIE #8776, MCNE, MCSE
Netco Government Services - Design & Implementation Team
1210 N. Parker Rd.
Greenville, SC 29609
Home office: 864-335-9473
Cell: 703-819-3495
cchurch () netcogov com
PGP key:
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x4371A48D

Current thread:

RE: DNS .US outage, (continued)
- - - RE: DNS .US outage Jeroen Massar (Jul 07)
    - Message not available
    - Re: DNS .US outage Jay R. Ashworth (Jul 07)
    - RE: DNS .US outage Brad Knowles (Jul 07)
    - Re: DNS .US outage Michael Painter (Jul 07)
    - Re: DNS .US outage Steven J. Sobol (Jul 09)
  - Re: DNS .US outage Rodney Joffe (Jul 06)
    - Re: DNS .US outage Christopher L. Morrow (Jul 07)
- RE: DNS .US outage Church, Chuck (Jul 07)
  - Re: DNS .US outage Stephane Bortzmeyer (Jul 07)
  - RE: DNS .US outage Christopher L. Morrow (Jul 07)
- FW: DNS .US outage Church, Chuck (Jul 11)
  - Re: FW: DNS .US outage Suresh Ramasubramanian (Jul 11)