From about October/November last year we have been getting the odd call from some of our customers to report that our servers are ‘not found’. So far, each report has been from an Xtra broadband user. When investigating these reports we have found that the servers were fine and DNS lookups from various sources (except Xtra) were as well.
Last night the issue happened to a member of the family so I was able to jump onto their computer using Teamviewer and do some more thorough diagnostics. My results were; Name servers in use: ns1.xtra.co.nz http://ns1.xtra.co.nz/ and ns2.xtra.co.nz http://ns2.xtra.co.nz/ Name servers pingable from PC: Yes Does smtp.godzone.net.nz http://smtp.godzone.net.nz/ resolve: No, times out Do other resources in our DNS resolve: No, time out Do resources in other DNS servers resolve: Yes Are all 4 of our name servers pingable from PC: Yes, 2 in NZ and 2 offshore Use nslookup to query our name servers directly, does smtp.godzone.net.nz http://smtp.godzone.net.nz/ resolve: Yes Use nslookup to query our name servers using 8.8.8.8, does smtp.godzone.net.nz http://smtp.godzone.net.nz/ resolve: Yes To fix the issue on the PC, I manually set the name servers to 8.8.8.8 and 8.8.4.4, all our services were then resolvable and useable. So, whats going on ? How are our servers different ? Well, we are one of the few ISPs that are using DNSSec to sign zones. Is DNSSec broken ? Not according to dnsviz.net http://dnsviz.net/ The problem is also intermittent, I have heard that the two Xtra servers are actually LB VIPs in front of a farm of name servers. With the intermittent nature of the issue I wonder whether one server in the farm might be broken/misconfigured, just a thought. I have tried, without success to contact appropriate people at Xtra to either comment or assist and have failed to get past the level one helpdesk people. Their only response being “Sorry we can’t help you”. I am not saying this is an issue with Xtra’s internal recursive DNS servers but so far I have been unable to replicate the issue and have had no reports from any of our other customers using alternative broadband suppliers. I have run out of ideas now on how to continue to investigate this and just changing to Google’s DNS servers might work but isn’t a great solution. If anyone has any suggestions I’d appreciate hearing from you. Glen. -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Glen and Rosanne Eustace, GodZone Internet Services, a division of AGRE Enterprises Ltd., P.O. Box 8020, Palmerston North, New Zealand 4446 Ph: +64 6 357 8168 tel:%2B64%206%20357%208168, Fax: +64 6 357 8165 tel:%2B64%206%20357%208165, Mob: +64 27 542 4015 tel:%2B64%2027%20542%204015 "Specialising in providing low-cost professional Internet Services since 1997"