DNS - Does not keep site info for NASA.gov 2

[garbow2007]

Last fall our DNS server started to fail. It was on a small pc running XP. I replaced the box with a new system, running 2003.
I believe I copied the data and input the dns info as instructed from a Microsoft support document. It seems to be running okay, except we have problems with the

http://www.nasa.gov

site. Out of the blue we can't access the site? If I reboot the dns box, which is on our internal network we can gain access to the nasa site. I can't see anything wrong with the system. Anybody have any ideas or tests I could run to resolve this issue?

 

[Noway2]

First, try doing an nslookup, which will query the DNS server. You should be able to do both a forward lookup by name nasa.gov. and a reverse lookup by ip address. This will confirm whether or not the DNS is able to resolve the site.

Second, try to see if you can ping the site, both by IP address and by name.

Third, try a traceroute (tracert on Windows) to the site. This may show you where the blockage is.

P.S.
A point of interest, I just did an nslookup on it and got interesting results. nasa.gov does not resolve BUT

http://WWW.nasa.gov

does. Apparently

http://www.nasa.gov

is a CNAME. Here is what my nslookup shows:

Non-authoritative answer:

http://www.nasa.gov

canonical name =

http://www.nasa.gov.speedera.net.

http://www.nasa.gov.speedera.net

canonical name =

http://www.nasa.gov.edgesuite.net.

http://www.nasa.gov.edgesuite.net

canonical name = a1718.x.akamai.net.
Name: a1718.x.akamai.net
Address: 97.65.135.136
Name: a1718.x.akamai.net
Address: 97.65.135.171

 

[elgrandeperro]

http://www.nasa.gov

seems to be a akamai site, meaning it runs with short ttls.

First, store away the ip addresses of the nasa nameservers.

They seem to be 192.116.4.181, 185 & 189 right now.

When the problem occurs:

nslookup

http://www.nasa.gov.

IPOFYOURDNSSERVERHERE
and
nslookup

http://www.nasa.gov.

192.116.4.181

If they are different, you might have a caching problem.
You then need to look at the cache to see what might be happening. If clearing the dns server's cache clears the problem, I would suspect it might be some registry entry that subverts the TTL.

If you don't get a response from the NASA servers then you might have a routing problem to the nasa DNS servers. With the low TTL, the record will expire within 5 minutes, so any outage or strangeness longer than 5 minutes might affect the name resolution.

Store away a traceroute to the DNS servers and compare when you have the outage.

 

[garbow2007]

I am sorry, I just reposted my question about the dns issue. I never saw the replies to my earlier post. My fault!

I did the nslookup

http://www.nasa.gov

10.160.2.15 (our internal dns box)
results are:

Can't find server name for address 10.160.2.15:Non-existent domain
server : unknown
address: 10.160.2.15

Non-authoritive answer:
name: a1718.191.191.135, 207,191,191,134
Aliases

http://www.nasa.gov,

http://www.nasa.gov.speedera.net

http://www.nasa.gov.edesuite.net

Now I should note, we are not an AD shop, we use Windows servers for our dns, and webserver, predominately we are an NDS shop. We have one internal DNS server which all our clients check with.
Also, the

http://www.nasa.gov

site IS working today, but it went down Monday after running fine for two weeks.

 

[garbow2007]

A follow-up:
I did nslookup

http://www.nasa.gov

192.116.4.181
DNS request times out
timout was 2 seconds
Can't find server name for address 192.116.4.181: Time out
Server : Unknown
Address: 192.116.4.181
DNS request time out
timeout was 2 seconds
Request to unknown timed-out

Does this indicate anything?

 

[elgrandeperro]

First, you don't have reverses configured for your own dns servers. So it is spending time trying to reverse the
name to display in the nslookup output.

Use interactive mode, setting the timeout bigger than 2.

nslookup - 192.116.4.181
> set debug
> set timeout=5
>

http://www.nasa.gov

Is your internet connection alive all the time or is it by usage?

Set up a continuous ping to say 4.2.2.1

While that is running, try the nslookup.

 

[garbow2007]

I will see about making those changes. I am not all that familiar with the Windows 2003 server and/or DNS server. I kind of inherited the box, then the darn thing went down.

Please parden my asking so many questions.

Do I change the timeouts on the dns box or my local workstation?

Our internet connection is alive 24/7.


I sure apprecite the help!

 

[garbow2007]

Results of the suggested test: NOTE: while I was doing the continuous ping of 4.2.2.1 and ran the nslookup occasionally, but not real often it could not reach 4.2.2.1

Here are the results:

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\>nslookup
*** Can't find server name for address 10.160.2.15: Non-existent domain
*** Default servers are not available
Default Server: UnKnown
Address: 10.160.2.15

> nslookup 192.116.4.181
Server: [192.116.4.181]
Address: 192.116.4.181

DNS request timed out.
timeout was 2 seconds.
*** Request to 192.116.4.181 timed-out
> set debug
> set timeout=5
>

http://www.nasa.gov

Server: UnKnown
Address: 10.160.2.15

------------
Got answer:
HEADER:
opcode = QUERY, id = 3, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 5, authority records = 0, additional = 0

QUESTIONS:

http://www.nasa.gov,

type = A, class = IN
ANSWERS:
->

http://www.nasa.gov

canonical name =

http://www.nasa.gov.speedera.net

ttl = 30 (30 secs)
->

http://www.nasa.gov.speedera.net

canonical name =

http://www.nasa.gov.edgesuite.net

ttl = 120 (2 mins)
->

http://www.nasa.gov.edgesuite.net

canonical name = a1718.x.akamai.net
ttl = 5676 (1 hour 34 mins 36 secs)
-> a1718.x.akamai.net
internet address = 207.191.191.134
ttl = 20 (20 secs)
-> a1718.x.akamai.net
internet address = 207.191.191.135
ttl = 20 (20 secs)

------------
Non-authoritative answer:
Name: a1718.x.akamai.net
Addresses: 207.191.191.134, 207.191.191.135
Aliases:

http://www.nasa.gov,

http://www.nasa.gov.speedera.net

http://www.nasa.gov.edgesuite.net

>
C:\>

I am not sure of the significance of the results?

 

[elgrandeperro]

If the ping dropped, then you don't have a clean network connection. It should only drop the first few if any.

When I said continous, I meant like
ping -t 4.2.2.1

Right, not typing it again and again.

I think you are dropping packets. Changing the default timeout and # of tries will probably solve the DNS problem
albeit slow you down.

What type of connection do you have on the internet?

 

[garbow2007]

I did issue the ping -t command when I did the nslookup.

We have a 45 meg connection to the internet, right now "average" badnwidth is 28 mb. I am running a sniffer currently.

 

[Noway2]

I am getting the same timeout results when I try this from my own server. Setting the timeout to 5 and retrying gave me the same results posted here. It would appear that there is a slow server somewhere on their end.

I also got a different result when I tried a reverse lookup on 192.116.4.181. This address doesn't seem to be Nasa. It is a university in Palestine which could certainly explain why it takes longer to get a response. Also doing a whois on this IP says that it is registered in the West Bank of Israel. See below:

------------
QUESTIONS:
181.4.116.192.in-addr.arpa, type = PTR, class = IN
ANSWERS:
AUTHORITY RECORDS:
-> 4.116.192.in-addr.arpa
origin = ns2.bethlehem.edu
mail addr = pdaoud.bethlehem.edu
serial = 2006110001
refresh = 43200
retry = 7200
expire = 1209600
minimum = 43200
ADDITIONAL RECORDS:
------------

 

[elgrandeperro]

The problem is that

http://www.nasa.gov

is cnamed to speedera, which is cnamed edgesuite, which is cnamed to akamai.

One option might be to forward to opendns or your isp's
dns servers?