Client on OS X, Browsers ALL fail DNS Lookup off net Hosts, SMTP+shell OK
Newly evolved problems (network has been good for years, no recent known upgrades, config changes): Clients on MAC OS X, Browsers ALL (FFox, Opera, Safari, Chrome) fail DNS Lookups for non-local web servers, BUT: SMTP mail, POP, IMAP and shell commands (ping, trace route) fully OK AND: www.google.com and a very few .orgs resolve on web browsers. Connected via TWBC: RCWE, 13820 Sunrise Valley Drive, Herndon, Allocations for this OrgID serve Road Runner commercial customers out of the Honolulu, HI, Kansas City, KS, Orange, CA and San Diego, CA RDCs. (Probably Orange Co, CA) No, MAC has no nsswitch.conf .. to there. MAC HACKED ( ) DNS HACKED ( ) ISP FAILED fwdg DNS ( ) OTHER IDEA, START POINT ____ Thnx — VR, Ev / efbatey@gmail.com / +1-805-616-2471
I'm sorry, this is NANOG, not your local helpdesk. HTH, HAND, -- Niels. * efbatey@gmail.com (Everett F Batey II Gi) [Wed 18 Jun 2014, 17:34 CEST]:
Newly evolved problems (network has been good for years, no recent known upgrades, config changes): Clients on MAC OS X, Browsers ALL (FFox, Opera, Safari, Chrome) fail DNS Lookups for non-local web servers, BUT: SMTP mail, POP, IMAP and shell commands (ping, trace route) fully OK AND: www.google.com and a very few .orgs resolve on web browsers. Connected via TWBC: RCWE, 13820 Sunrise Valley Drive, Herndon, Allocations for this OrgID serve Road Runner commercial customers out of the Honolulu, HI, Kansas City, KS, Orange, CA and San Diego, CA RDCs. (Probably Orange Co, CA) No, MAC has no nsswitch.conf .. to there. MAC HACKED ( ) DNS HACKED ( ) ISP FAILED fwdg DNS ( ) OTHER IDEA, START POINT ____ Thnx
— VR, Ev / efbatey@gmail.com / +1-805-616-2471
The Internet is down. Didn't you hear? Nick On 18/06/2014 16:40, Niels Bakker wrote:
I'm sorry, this is NANOG, not your local helpdesk.
HTH, HAND,
-- Niels.
* efbatey@gmail.com (Everett F Batey II Gi) [Wed 18 Jun 2014, 17:34 CEST]:
Newly evolved problems (network has been good for years, no recent known upgrades, config changes): Clients on MAC OS X, Browsers ALL (FFox, Opera, Safari, Chrome) fail DNS Lookups for non-local web servers, BUT: SMTP mail, POP, IMAP and shell commands (ping, trace route) fully OK AND: www.google.com and a very few .orgs resolve on web browsers. Connected via TWBC: RCWE, 13820 Sunrise Valley Drive, Herndon, Allocations for this OrgID serve Road Runner commercial customers out of the Honolulu, HI, Kansas City, KS, Orange, CA and San Diego, CA RDCs. (Probably Orange Co, CA) No, MAC has no nsswitch.conf .. to there. MAC HACKED ( ) DNS HACKED ( ) ISP FAILED fwdg DNS ( ) OTHER IDEA, START POINT ____ Thnx
— VR, Ev / efbatey@gmail.com / +1-805-616-2471
Oh lord... On 6/19/2014 午前 12:42, Nick Hilliard wrote:
The Internet is down. Didn't you hear?
Nick
On 18/06/2014 16:40, Niels Bakker wrote:
I'm sorry, this is NANOG, not your local helpdesk.
HTH, HAND,
-- Niels.
* efbatey@gmail.com (Everett F Batey II Gi) [Wed 18 Jun 2014, 17:34 CEST]:
Newly evolved problems (network has been good for years, no recent known upgrades, config changes): Clients on MAC OS X, Browsers ALL (FFox, Opera, Safari, Chrome) fail DNS Lookups for non-local web servers, BUT: SMTP mail, POP, IMAP and shell commands (ping, trace route) fully OK AND: www.google.com and a very few .orgs resolve on web browsers. Connected via TWBC: RCWE, 13820 Sunrise Valley Drive, Herndon, Allocations for this OrgID serve Road Runner commercial customers out of the Honolulu, HI, Kansas City, KS, Orange, CA and San Diego, CA RDCs. (Probably Orange Co, CA) No, MAC has no nsswitch.conf .. to there. MAC HACKED ( ) DNS HACKED ( ) ISP FAILED fwdg DNS ( ) OTHER IDEA, START POINT ____ Thnx
— VR, Ev / efbatey@gmail.com / +1-805-616-2471
1. It could be that DNS is working fine but port 80/443 is blocked or filtered when you leave the local LAN. New Firewall? Proxy authentication required? 2. The DNS server (cat /etc/resolv.conf) that the Mac hosts are pointed to can resolve internal but cannot reach external DNS hosts due to the upstream blocking DNS due to DNS amplification attacks (or bonehead admin). 3. Your resolver has a static configuration pointed to an upstream DNS server, and it has stopped responding and no backups are available. 4. Your resolver has a static configuration pointed to an upstream DNS server, and the primary DNS upstream server is offline and you aren't waiting 60 seconds for it to fail to the next DNS server. That's my off-the-cuff assessment. On Wed, 18 Jun 2014, Everett F Batey II Gi wrote:
Newly evolved problems (network has been good for years, no recent known upgrades, config changes): Clients on MAC OS X, Browsers ALL (FFox, Opera, Safari, Chrome) fail DNS Lookups for non-local web servers, BUT: SMTP mail, POP, IMAP and shell commands (ping, trace route) fully OK AND: www.google.com and a very few .orgs resolve on web browsers. Connected via TWBC: RCWE, 13820 Sunrise Valley Drive, Herndon, Allocations for this OrgID serve Road Runner commercial customers out of the Honolulu, HI, Kansas City, KS, Orange, CA and San Diego, CA RDCs. (Probably Orange Co, CA) No, MAC has no nsswitch.conf .. to there. MAC HACKED ( ) DNS HACKED ( ) ISP FAILED fwdg DNS ( ) OTHER IDEA, START POINT ____ Thnx
— VR, Ev / efbatey@gmail.com / +1-805-616-2471
--------------------------------------------------------------------------- Peter Beckman Internet Guy beckman@angryox.com http://www.angryox.com/ ---------------------------------------------------------------------------
participants (5)
-
Everett F Batey II Gi -
Nick Hilliard -
Niels Bakker -
Paul S. -
Peter Beckman