Dns

Quick website block analysis

One of my friends told me about an error coming up for http://www.musicindiaonline.com/, which was showing an error that the website is blocked as per DoT orders. I just checked it now and for now the domain is not resolving at all! Quick analysis to see how the site is blocked.  

anurag@laptop:$ dig musicindiaonline.com a  
; <<>> DiG 9.8.1-P1 <<>> musicindiaonline.com a  
;; global options: +cmd  
;; Got answer:  
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23431  
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0  
;; QUESTION SECTION:  
;musicindiaonline.com. IN A  
;; Query time: 0 msec  
;; SERVER: 127.0.0.1#53(127.0.0.1)  
;; WHEN: Sat Nov 3 02:31:58 2012  
;; MSG SIZE rcvd: 38  
anurag@laptop:$

eNom DNS resolution problem

Boring exam days, anyways time for a quick blog post to keep taste in life. :)

One of my good friends informed me about eNom DNS servers failing randomly. He gave clothdiaperrevival.com as a sample domain name for testing.


Quick Check from my home connection:

anurag@laptop ~ $ dig clothdiaperrevival.com a @dns1.name-services.com +short  
216.239.32.21  
216.239.34.21  
216.239.36.21  
216.239.38.21

anurag@laptop ~ $ dig clothdiaperrevival.com a @dns2.name-services.com +short  
216.239.36.21  
216.239.32.21  
216.239.38.21  
216.239.34.21

anurag@laptop ~ $ dig clothdiaperrevival.com a @dns3.name-services.com +short  
216.239.38.21  
216.239.34.21  
216.239.32.21  
216.239.36.21

anurag@laptop ~ $ dig clothdiaperrevival.com a @dns4.name-services.com +short  
216.239.32.21  
216.239.38.21  
216.239.34.21  
216.239.36.21

anurag@laptop ~ $ dig clothdiaperrevival.com a @dns5.name-services.com +short  
216.239.32.21  
216.239.34.21  
216.239.36.21  
216.239.38.21

Next, checking from my EU located server:

anurag@server7:~$ dig clothdiaperrevival.com a @dns1.name-services.com +short  
216.239.32.21  
216.239.34.21  
216.239.36.21  
216.239.38.21

anurag@server7:~$ dig clothdiaperrevival.com a @dns2.name-services.com +short

anurag@server7:~$ dig clothdiaperrevival.com a @dns3.name-services.com +short  
216.239.36.21  
216.239.38.21  
216.239.32.21  
216.239.34.21

anurag@server7:~$ dig clothdiaperrevival.com a @dns4.name-services.com +short  
216.239.32.21  
216.239.38.21  
216.239.36.21  
216.239.34.21

anurag@server7:~$ dig clothdiaperrevival.com a @dns5.name-services.com +short  
216.239.32.21  
216.239.34.21  
216.239.36.21  
216.239.38.21

dns2.name-services.com is failing when reached from my EU based server.
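The comparison done by eye above, as an added example (not code from the original post): it parses a `dig +short` session transcript, compares each nameserver's answer as a set so that round-robin reordering is ignored, and flags empty or divergent answers per vantage point. The transcript is a constructed sample condensed from the output above, and the function names are illustrative.

```python
import re
from collections import Counter

# Constructed sample: three queries condensed from the transcripts above.
TRANSCRIPT = """\
anurag@laptop ~ $ dig clothdiaperrevival.com a @dns2.name-services.com +short
216.239.36.21
216.239.32.21
216.239.38.21
216.239.34.21
anurag@server7:~$ dig clothdiaperrevival.com a @dns2.name-services.com +short

anurag@server7:~$ dig clothdiaperrevival.com a @dns3.name-services.com +short
216.239.36.21
216.239.38.21
216.239.32.21
216.239.34.21
"""

# Shell prompt followed by the dig command; vantage = host part of the prompt.
PROMPT = re.compile(r"^\w+@(?P<vantage>[\w-]+)[^$]*\$ dig \S+ \S+ @(?P<ns>\S+) \+short$")
IPV4 = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")

def parse_sessions(text):
    """Map (vantage, nameserver) -> set of A records from a dig +short transcript."""
    answers, current = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        match = PROMPT.match(line)
        if match:
            current = (match["vantage"], match["ns"])
            answers[current] = set()  # stays empty if no address lines follow
        elif current and IPV4.match(line):
            answers[current].add(line)
    return answers

def audit(answers):
    """Flag empty answers and answer sets that differ from the most common one."""
    counts = Counter(frozenset(a) for a in answers.values() if a)
    baseline = counts.most_common(1)[0][0] if counts else frozenset()
    findings = []
    for (vantage, ns), addrs in sorted(answers.items()):
        if not addrs:
            findings.append((vantage, ns, "empty answer"))
        elif addrs != baseline:  # set comparison ignores record order
            findings.append((vantage, ns, "differs from majority"))
    return findings

if __name__ == "__main__":
    print(audit(parse_sessions(TRANSCRIPT)))
```

An empty `+short` result does not say why the answer is missing; rerunning that one query without `+short` shows the response status.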

Concern about core DNS infrastructure in India

In the last few days, I have been pushing a discussion on the APNIC & NANOG mailing lists about the poor DNS infrastructure in India.

Thought I would put up a quick blog post on the issue.

So what’s exactly wrong?

To understand what’s wrong, let’s understand how DNS works at the core level. DNS relies on a hierarchical model with . (dot) at the top, which is the Root, and TLDs, i.e. Top Level Domains, below the Root, followed by 2nd level domains, which are the domain names we commonly use. So, e.g., mail.google.com is actually like

airtel.in - bad DNS setup

 

A few days back I mentioned how the reverse DNS setup of Airtel was incorrect. Sad to say, it has not been fixed yet. In the meanwhile I was looking at the domain name airtel.in, the main domain which runs the website for Bharti Airtel’s Indian operations. I am a little surprised to find that the DNS servers of airtel.in are failing randomly!  


Problem:

airtel.in uses 4 DNS servers from Mantra Online - a small ISP which Bharti took over years back. Here are the DNS servers used by the domain name:

aaadel.mantraonline.com.  
dnsbom.mantraonline.com.  
dnsdel.mantraonline.com.  
dnsblr.mantraonline.com.

Now the interesting part here is that out of these 4, only 1 behaves normally. The DNS server dnsblr.mantraonline.com. seems to be working fine, but all the rest are rejecting queries “randomly”, which is interesting. I have mostly seen DNS servers being up or down. This is probably the first case where I can see DNS servers failing in a random fashion.

Understanding dot in the end of hostname

This is a very common mistake admins make - missing the . (i.e. dot) at the end of a hostname. This causes serious problems (and a lot of frustration!).

For example, take Google’s popular CNAME record ghs.google.com. As we know, if one would like to use mail.domain.com., one has to point the CNAME record to “ghs.google.com”. Now if one misses the dot at the end of ghs.google.com., it will give a real value like: