North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

FW: DNS .US outage

  • From: Church, Chuck
  • Date: Mon Jul 11 09:13:04 2005

Guess I wasn't going crazy.  Forwarded to me by a read-only lister.
Might be worth trying if prob still exists for anyone. 


Chuck Church
Lead Design Engineer
CCIE #8776, MCNE, MCSE
Netco Government Services - Design & Implementation
1210 N. Parker Rd.
Greenville, SC 29609
Home office: 864-335-9473
Cell: 703-819-3495
[email protected]
PGP key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x4371A48D


-----Original Message-----
From: Mark Moseley [mailto:[email protected]] 
Sent: Friday, July 08, 2005 7:17 PM
To: Church, Chuck
Subject: Re: DNS .US outage

Hi. I don't have 'write' access to the nanog group so I'm writing you
directly.

I saw the exact same behaviour. After some banging-head-against-wall
at 3am, I noticed that if I turned *off* "query-source * port 53" in
Bind (i.e. it was using port 53 as the source port for queries to make
firewalling easier), it magically started working again. Don't know if
you're using Bind or Windows DNS, but all I could tell is that when
Bind was configured to query *from* port 53, I couldn't get the .us
TLDs to answer me, but when using a random ephemeral port (of named's
choice), it worked just fine. I don't know if they are (or were,
haven't check since then) blocking queries with a source port of 53,
but whatever the case it worked for some reason. If this works for
you, please feel free to re-post to nanog (unless of course, the
outage has gone away and they've fixed their stuff over at the .us TLD
servers).

One thing to note is that when you use dig or nslookup or whatever,
it'll also be using some ephemeral port, so it'll work, even when the
lookups from source port 53 wouldn't. Again, I haven't checked since
that night to see if that's gone away, so it might be a moot point
now.


On 7/6/05, Church, Chuck <[email protected]> wrote:
>  
> Anyone else having issues with .US right now  (~12AM EST)?  NSlookup,
etc
> show various .us destinations as unknown domains...  
>   
> 
> Chuck Church
> Lead Design Engineer
> CCIE #8776, MCNE, MCSE
> Netco Government Services - Design & Implementation Team
> 1210 N. Parker Rd.
> Greenville, SC 29609
> Home office: 864-335-9473
> Cell: 703-819-3495
> [email protected]
> PGP key:
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x4371A48D
>