DNS Resolver returns SERVFAIL for a valid domain
-
No, but I should!
Thanks, my problem is certainly accesing the NS ns1.servotic.net (or any other of the NS) from that location. If I ssh to another server in a different network I can query it without problems.
Thanks for the help.
-
ns1.servotic.net 82.223.244.165
ns2.servotic.net 195.190.78.1
ns3.servotic.net 195.21.32.43
ns4.servotic.net 192.83.254.181You can not reach any of those? Where does your trace die, later on or right away just into your isp network?
-
@johnpoz later. I can trace the exit and it dies at hop 10 to 15. If I query the server directly for the name I get no response, but if I do it from another network it works.
-
for all 4 of those IPs?
-
@johnpoz Yes :-S
The same result for the 4 IPs:
-
The DNS request are ignored.
-
Ping works
-
Traceroute dies what looks like close to the destination
see and example below
7 145.254.2.179 (145.254.2.179) 9.291 ms 9.670 ms 145.254.2.195 (145.254.2.195) 9.125 ms 8 decix.bb-a.fra3.fra.de.oneandone.net (80.81.192.123) 10.427 ms 10.224 ms 9.675 ms 9 ae-10-0.bb-a.bap.rhr.de.oneandone.net (212.227.120.147) 15.933 ms 17.048 ms 15.870 ms 10 ae-1-0.bb-a.bv.crb.fr.oneandone.net (212.227.120.41) 23.707 ms 23.173 ms 23.215 ms 11 irb-66.bb-a.mad2.mad.es.oneandone.net (212.227.120.17) 40.407 ms 42.199 ms 40.061 ms 12 lpwro09.xe-1-0-0.arsys.es (82.223.200.41) 43.407 ms 43.624 ms 43.807 ms 13 * * * 14 82.223.244.165 (82.223.244.165) 44.600 ms 44.419 ms 44.244 ms 15 * * * 16 * * * 17 * * *
-
-
But you can ping them? Well if you can ping them, its not a connectivity thing.. But they don't answer your query???
-
@johnpoz yes, nothing. Like if they dropped the request.
-
Odd... both udp and tcp queries? Even for their own SOA?
Or just that one record?
; <<>> DiG 9.12.3-P1 <<>> @ns2.servotic.net servotic.net SOA ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21175 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 5 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;servotic.net. IN SOA ;; ANSWER SECTION: servotic.net. 300 IN SOA ns1.servotic.net. hostmaster.servotic.com. 2018111730 10800 900 604800 86400 ;; AUTHORITY SECTION: servotic.net. 300 IN NS ns2.servotic.net. servotic.net. 300 IN NS ns4.servotic.net. servotic.net. 300 IN NS ns3.servotic.net. servotic.net. 300 IN NS ns1.servotic.net. ;; ADDITIONAL SECTION: ns1.servotic.net. 300 IN A 82.223.244.165 ns2.servotic.net. 300 IN A 195.190.78.1 ns3.servotic.net. 300 IN A 195.21.32.43 ns4.servotic.net. 300 IN A 192.83.254.181 ;; Query time: 29 msec ;; SERVER: 195.190.78.1#53(195.190.78.1) ;; WHEN: Tue Mar 26 05:22:53 Central Daylight Time 2019 ;; MSG SIZE rcvd: 236
-
@johnpoz UDP are ignored, TCP looks like reset:
[2.4.4-RELEASE][admin@fw.xxxx.com]/root: dig @82.223.244.165 +tcp caching.ara.edge2befaster.com ;; communications error to 82.223.244.165#53: connection reset
and the dump:
[2.4.4-RELEASE][admin@fw.xxxx.com]/root: tcpdump -n port 53 -i igb0 -Xs0 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on igb0, link-type EN10MB (Ethernet), capture size 262144 bytes 11:46:47.177332 IP 192.168.0.139.27293 > 82.223.244.165.53: Flags [S], seq 1933958727, win 65228, options [mss 1460,nop,wscale 7,sackOK,TS val 265315576 ecr 0], length 0 0x0000: 4500 003c 0000 4000 4006 3204 c0a8 008b E..<..@.@.2..... 0x0010: 52df f4a5 6a9d 0035 7345 de47 0000 0000 R...j..5sE.G.... 0x0020: a002 fecc 08e7 0000 0204 05b4 0103 0307 ................ 0x0030: 0402 080a 0fd0 64f8 0000 0000 ......d..... 11:46:47.221421 IP 82.223.244.165.53 > 192.168.0.139.27293: Flags [S.], seq 2916622363, ack 1933958728, win 14480, options [mss 1452,sackOK,TS val 3687093890 ecr 265315576,nop,wscale 6], length 0 0x0000: 4500 003c 0000 4000 3506 3d04 52df f4a5 E..<..@.5.=.R... 0x0010: c0a8 008b 0035 6a9d add8 201b 7345 de48 .....5j.....sE.H 0x0020: a012 3890 954c 0000 0204 05ac 0402 080a ..8..L.......... 0x0030: dbc4 9682 0fd0 64f8 0103 0306 ......d..... 11:46:47.221573 IP 192.168.0.139.27293 > 82.223.244.165.53: Flags [.], ack 1, win 510, options [nop,nop,TS val 265315620 ecr 3687093890], length 0 0x0000: 4500 0034 0000 4000 4006 320c c0a8 008b E..4..@.@.2..... 0x0010: 52df f4a5 6a9d 0035 7345 de48 add8 201c R...j..5sE.H.... 0x0020: 8010 01fe 08df 0000 0101 080a 0fd0 6524 ..............e$ 0x0030: dbc4 9682 .... 11:46:47.221918 IP 192.168.0.139.27293 > 82.223.244.165.53: Flags [P.], seq 1:73, ack 1, win 510, options [nop,nop,TS val 265315621 ecr 3687093890], length 725072+ [1au] A? caching.ara.edge2befaster.com. (70) 0x0000: 4500 007c 0000 4000 4006 31c4 c0a8 008b E..|..@.@.1..... 0x0010: 52df f4a5 6a9d 0035 7345 de48 add8 201c R...j..5sE.H.... 0x0020: 8018 01fe 0927 0000 0101 080a 0fd0 6525 .....'........e% 0x0030: dbc4 9682 0046 13d0 0120 0001 0000 0000 .....F.......... 0x0040: 0001 0763 6163 6869 6e67 0361 7261 0d65 ...caching.ara.e 0x0050: 6467 6532 6265 6661 7374 6572 0363 6f6d dge2befaster.com 0x0060: 0000 0100 0100 0029 1000 0000 0000 000c .......)........ 0x0070: 000a 0008 9236 b8b5 1cf1 5c23 .....6....\# 11:46:47.266090 IP 82.223.244.165.53 > 192.168.0.139.27293: Flags [.], ack 73, win 227, options [nop,nop,TS val 3687093901 ecr 265315621], length 0 0x0000: 4500 0034 b691 4000 3506 867a 52df f4a5 E..4..@.5..zR... 0x0010: c0a8 008b 0035 6a9d add8 201c 7345 de90 .....5j.....sE.. 0x0020: 8010 00e3 fb3c 0000 0101 080a dbc4 968d .....<.......... 0x0030: 0fd0 6525 ..e% 11:46:47.266333 IP 82.223.244.165.53 > 192.168.0.139.27293: Flags [R.], seq 1, ack 73, win 227, options [nop,nop,TS val 3687093901 ecr 265315621], length 0 0x0000: 4500 0034 b692 4000 3506 8679 52df f4a5 E..4..@.5..yR... 0x0010: c0a8 008b 0035 6a9d add8 201c 7345 de90 .....5j.....sE.. 0x0020: 8014 00e3 fb38 0000 0101 080a dbc4 968d .....8.......... 0x0030: 0fd0 6525 ..e% ^C 6 packets captured
same result regardless of the record
-
Hmmmm, since firewalls don't normally send RST, nor would they normally answer a s with sa if they are blocking I have to assume your moving up the stack and something decided not to answer your query, and closed the session with R..
Possible ACL on their NS(s)...