06 Feb

airtel.in – bad DNS setup

 

Few days back I mentioned how reverse DNS setup of Airtel was incorrect. Sad to say it has not been fixed yet.

In meanwhile I was looking at domain name – airtel.in the main domain which runs website for Bharti Airtel’s Indian operations. I am little surprised to find that DNS server of airtel.in are failing randomly!

 

Problem:

airtel.in uses 4 DNS servers from Mantra Online – a small ISP which Bharti took over years back. Here are the DNS servers used by domain name:

aaadel.mantraonline.com.
dnsbom.mantraonline.com.
dnsdel.mantraonline.com.
dnsblr.mantraonline.com.

 

Now interesting part here is that out of these 4, only 1 behaves normally.

DNS server – dnsblr.mantraonline.com. seems working fine but rest all are rejecting queries “randomly” which is interesting. I have mostly seen DNS servers being up or down. This is probably first case when I can see DNS servers failing in random fashion.

Let’s query rest 3 DNS servers one by one:

anurag@laptop:~$ dig @aaadel.mantraonline.com airtel.in ns

; <<>> DiG 9.7.1-P2 <<>> @aaadel.mantraonline.com airtel.in ns
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 63903
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;airtel.in. IN NS

;; Query time: 81 msec
;; SERVER: 202.56.230.6#53(202.56.230.6)
;; WHEN: Mon Feb 6 01:25:20 2012
;; MSG SIZE rcvd: 27

 

 

In another 5 random tries, here’s what I get:

anurag@laptop:~$ dig @aaadel.mantraonline.com airtel.in ns

; <<>> DiG 9.7.1-P2 <<>> @aaadel.mantraonline.com airtel.in ns
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2044
;; flags: qr aa rd; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 4
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;airtel.in. IN NS

;; ANSWER SECTION:
airtel.in. 86400 IN NS dnsblr.mantraonline.com.
airtel.in. 86400 IN NS dnsdel.mantraonline.com.
airtel.in. 86400 IN NS aaadel.mantraonline.com.
airtel.in. 86400 IN NS dnsbom.mantraonline.com.

;; ADDITIONAL SECTION:
aaadel.mantraonline.com. 86400 IN A 202.56.230.6
dnsblr.mantraonline.com. 86400 IN A 202.56.250.5
dnsbom.mantraonline.com. 86400 IN A 202.56.240.5
dnsdel.mantraonline.com. 86400 IN A 202.56.230.5

;; Query time: 87 msec
;; SERVER: 202.56.230.6#53(202.56.230.6)
;; WHEN: Mon Feb 6 01:26:05 2012
;; MSG SIZE rcvd: 191

 

This time it worked. Pretty crazy. Same applies on other 2 DNS servers too:

anurag@laptop:~$ dig @dnsbom.mantraonline.com airtel.in ns

; <<>> DiG 9.7.1-P2 <<>> @dnsbom.mantraonline.com airtel.in ns
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 29601
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;airtel.in. IN NS

;; Query time: 82 msec
;; SERVER: 202.56.240.5#53(202.56.240.5)
;; WHEN: Mon Feb 6 01:28:21 2012
;; MSG SIZE rcvd: 27

 

anurag@laptop:~$ dig @dnsdel.mantraonline.com airtel.in ns

; <<>> DiG 9.7.1-P2 <<>> @dnsdel.mantraonline.com airtel.in ns
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 34334
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;airtel.in. IN NS

;; Query time: 86 msec
;; SERVER: 202.56.230.5#53(202.56.230.5)
;; WHEN: Mon Feb 6 01:27:42 2012
;; MSG SIZE rcvd: 27

 

Pretty crazy case. Something is wrong at DNS servers itself – not sure what’s logic of rejecting queries randomly. But anyways – http://www.airtel.in will always open since 1/4 DNS server seems working normal. If that’s the case then Airtel still won’t be loosing much of traffic but unfortunately case is further complex.

 

Another problem…

Remember that 4 DNS servers mentioned here are the ones which are NS records at “airtel.in” zone at delegated servers. In other terms these are just servers which host and have NS entries for the zone but root nameservers of in-registry hold only 2 DNS servers in total which host zone. A quick whois check reveals that airtel.in is using:

Name Server:AAADEL.MANTRAONLINE.COM
Name Server:DNSDEL.MANTRAONLINE.COM

and thus missing the only server which gives consistent results. Incoming traffic never hits other 2 DNS servers which are just mentioned in NS.

Poor & bad DNS setup!

With hope that you hit right server this month rather then dead servers before reaching the working one, time for me to say Good night! 🙂

Leave a Reply