Do I or RR need dns clue?
Hi, Mail to RR users is getting refused due to PTR issues. I contacted RR and explained that yea, one of our 2 DNS servers for the IN-ADDR.ARPA is down, but the other is fine. They said that I should either get the DNS server back up (Which of course is already being worked on, was the minute it went down) or delete it from ARIN IN-ADDR.ARPA records. Isn't the whole point of multiple DNS servers that if one is down the other can still answer queries? Or am I missing something here??? Thanks, Tuc/TBOH
On Thu, 16 Aug 2007 10:40:49 EDT, Tuc at T-B-O-H said:
Mail to RR users is getting refused due to PTR issues. I contacted RR and explained that yea, one of our 2 DNS servers for the IN-ADDR.ARPA is down, but the other is fine. They said that I should either get the DNS server back up (Which of course is already being worked on, was the minute it went down) or delete it from ARIN IN-ADDR.ARPA records.
Isn't the whole point of multiple DNS servers that if one is down the other can still answer queries? Or am I missing something here???
Depends exactly what your "down" server is doing. If it's totally not answering, the resolver at RR should silently fall back and try the other one. It gets more interesting if your "down" server is still answering queries, particlylarly if it's giving out "I never heard of it" answers with the authoritative bit set because it's blown out a zone. In that case, the RR resolver is within its rights to assume that your NS knows what it's talking about and believing it.
How much is power as a percent of data centre operating expense? What sort of a range do you see? We are building a high capacity cable to Iceland, which has already become a major aluminum smelting centre due to its cheap geothermal and hydro power, and we've already received inquiries for connectivity to Iceland for data centre opportunities. I assume that expense and ability to scale the power network are the key concerns of the IT community. And for governments, carbon emissions should matter. Roderick S. Beck Director of EMEA Sales Hibernia Atlantic 1, Passage du Chantier, 75012 Paris http://www.hiberniaatlantic.com Wireless: 1-212-444-8829. Landline: 33-1-4346-3209 AOL Messenger: GlobalBandwidth rod.beck@hiberniaatlantic.com rodbeck@erols.com ``Unthinking respect for authority is the greatest enemy of truth.'' Albert Einstein. -----Original Message----- From: owner-nanog@merit.edu on behalf of Valdis.Kletnieks@vt.edu Sent: Thu 8/16/2007 4:25 PM To: Tuc at T-B-O-H Cc: nanog@nanog.org Subject: Re: Do I or RR need dns clue? On Thu, 16 Aug 2007 10:40:49 EDT, Tuc at T-B-O-H said:
Mail to RR users is getting refused due to PTR issues. I contacted RR and explained that yea, one of our 2 DNS servers for the IN-ADDR.ARPA is down, but the other is fine. They said that I should either get the DNS server back up (Which of course is already being worked on, was the minute it went down) or delete it from ARIN IN-ADDR.ARPA records.
Isn't the whole point of multiple DNS servers that if one is down the other can still answer queries? Or am I missing something here???
Depends exactly what your "down" server is doing. If it's totally not answering, the resolver at RR should silently fall back and try the other one. It gets more interesting if your "down" server is still answering queries, particlylarly if it's giving out "I never heard of it" answers with the authoritative bit set because it's blown out a zone. In that case, the RR resolver is within its rights to assume that your NS knows what it's talking about and believing it. This e-mail and any attachments thereto is intended only for use by the addressee(s) named herein and may be proprietary and/or legally privileged. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this email, and any attachments thereto, without the prior written permission of the sender is strictly prohibited. If you receive this e-mail in error, please immediately telephone or e-mail the sender and permanently delete the original copy and any copy of this e-mail, and any printout thereof. All documents, contracts or agreements referred or attached to this e-mail are SUBJECT TO CONTRACT. The contents of an attachment to this e-mail may contain software viruses that could damage your own computer system. While Hibernia Atlantic has taken every reasonable precaution to minimize this risk, we cannot accept liability for any damage that you sustain as a result of software viruses. You should carry out your own virus checks before opening any attachment
On 8/16/07, Rod Beck <Rod.Beck@hiberniaatlantic.com> wrote:
How much is power as a percent of data centre operating expense? What sort of a range do you see?
We are building a high capacity cable to Iceland, which has already become a major aluminum smelting centre due to its cheap geothermal and hydro power, and we've already received inquiries for connectivity to Iceland for data centre opportunities.
I assume that expense and ability to scale the power network are the key concerns of the IT community. And for governments, carbon emissions should matter.
[snip 58 (!) lines of sig, quoted unrelated thread, and legalese] Nobody likes a netiquette pedant. Nevertheless: 1) please don't top post (consider your forum, at least) 2) please trim your sig (and original quoted message(s)) 3) please don't hijack threads - it is confusing and difficult to follow 4) please avoid 10+ lines of totally inane unenforceable legalese appended to the end of every reply (bonus irony points for having 6:1 ratio of sigs+legalese+quotes:new content). thanks, from all of us who read mail on small screens (occasionally over slow wireless connections). -- darkuncle@{gmail.com,darkuncle.net} || 0x5537F527 encrypted email to the latter address please http://darkuncle.net/pubkey.asc for public key
How much is power as a percent of data centre operating expense? What sort of a range do you see?
A serial entrepreneur friend just closed his colo business. He labeled it "reselling electricity, at a loss.." If you have sea water available for cooling, that will further cut your power usage. -- A host is a host from coast to coast.................wb8foz@nrk.com & no one will talk to a host that's close........[v].(301) 56-LINUX Unless the host (that isn't close).........................pob 1433 is busy, hung or dead....................................20915-1433
On Thu, 16 Aug 2007 10:40:49 EDT, Tuc at T-B-O-H said:
Mail to RR users is getting refused due to PTR issues. I contacted RR and explained that yea, one of our 2 DNS servers for the IN-ADDR.ARPA is down, but the other is fine. They said that I should either get the DNS server back up (Which of course is already being worked on, was the minute it went down) or delete it from ARIN IN-ADDR.ARPA records.
Isn't the whole point of multiple DNS servers that if one is down the other can still answer queries? Or am I missing something here???
Depends exactly what your "down" server is doing. If it's totally not answering, the resolver at RR should silently fall back and try the other one.
It gets more interesting if your "down" server is still answering queries, particlylarly if it's giving out "I never heard of it" answers with the authoritative bit set because it's blown out a zone. In that case, the RR resolver is within its rights to assume that your NS knows what it's talking about and believing it.
Hi, Down is there isn't power to it until it gets repaired. So its not answering period. A "nslookup" shows "timed-out". A "dig" shows "connection timed out; no servers could be reached" (When querying ONLY against the down server). So how do I go back to RR, who told me to take it out of my NS records, that DNS is supposed to be silently falling back and trying again? Thanks, Tuc/TBOH
Tuc at T-B-O-H.NET wrote:
Down is there isn't power to it until it gets repaired. So its not answering period. A "nslookup" shows "timed-out". A "dig" shows "connection timed out; no servers could be reached" (When querying ONLY against the down server).
So how do I go back to RR, who told me to take it out of my NS records, that DNS is supposed to be silently falling back and trying again?
The fact that they're rejecting on a 5xx error based on no DNS PTR is a bit harsh. While I'm all for requiring all hosts to have valid PTR records, there are times when transient or problem servers can cause a DNS lookup failure or miss, etc. If anything they should be returning a 4xx to have the remote host"try again later". -- Robert Blayzor INOC rblayzor@inoc.net http://www.inoc.net/~rblayzor/ Earth is 98% full...please delete anyone you can.
Tuc at T-B-O-H.NET wrote:
Down is there isn't power to it until it gets repaired. So its not answering period. A "nslookup" shows "timed-out". A "dig" shows "connection timed out; no servers could be reached" (When querying ONLY against the down server).
So how do I go back to RR, who told me to take it out of my NS records, that DNS is supposed to be silently falling back and trying again?
The fact that they're rejecting on a 5xx error based on no DNS PTR is a bit harsh. While I'm all for requiring all hosts to have valid PTR records, there are times when transient or problem servers can cause a DNS lookup failure or miss, etc. If anything they should be returning a 4xx to have the remote host"try again later".
Robert, Sorry, they aren't giving a hard fail. Its a soft fail, so we'll retry. But after 5 days of retrying, my servers will give up. (And, in the mean time, the mail isn't getting through, so my users are without mail {We store/forward for them} I don't know if the down (hard) server will be back that soon (Its been 2 days as is). But the whole POINT of DNS is I have a 2nd one listed, and they don't seem to care. They are telling me that they want my "primary" one back up and running. Tuc/TBOH
In article <200708170226.l7H2QZSw019129@himinbjorg.tucs-beachin-obx-house.com> you write:
Tuc at T-B-O-H.NET wrote:
Down is there isn't power to it until it gets repaired. So its not answering period. A "nslookup" shows "timed-out". A "dig" shows "connection timed out; no servers could be reached" (When querying ONLY against the down server).
So how do I go back to RR, who told me to take it out of my NS records, that DNS is supposed to be silently falling back and trying again?
The fact that they're rejecting on a 5xx error based on no DNS PTR is a bit harsh. While I'm all for requiring all hosts to have valid PTR records, there are times when transient or problem servers can cause a DNS lookup failure or miss, etc. If anything they should be returning a 4xx to have the remote host"try again later".
Robert,
Sorry, they aren't giving a hard fail. Its a soft fail, so we'll retry. But after 5 days of retrying, my servers will give up. (And, in the mean time, the mail isn't getting through, so my users are without mail {We store/forward for them} I don't know if the down (hard) server will be back that soon (Its been 2 days as is). But the whole POINT of DNS is I have a 2nd one listed, and they don't seem to care. They are telling me that they want my "primary" one back up and running.
Tuc/TBOH
I know this is strange for nanog but if you actually stated the IP addresses of the mail servers we could look to see if there is a problem other than what you think the problem is. You havn't stated it here or on bind-users Mark
In article <200708170226.l7H2QZSw019129@himinbjorg.tucs-beachin-obx-house.com> you write:
Tuc at T-B-O-H.NET wrote:
Down is there isn't power to it until it gets repaired. So its not answering period. A "nslookup" shows "timed-out". A "dig" shows "connection timed out; no servers could be reached" (When querying ONLY against the down server).
So how do I go back to RR, who told me to take it out of my NS records, that DNS is supposed to be silently falling back and trying again?
The fact that they're rejecting on a 5xx error based on no DNS PTR is a bit harsh. While I'm all for requiring all hosts to have valid PTR records, there are times when transient or problem servers can cause a DNS lookup failure or miss, etc. If anything they should be returning a 4xx to have the remote host"try again later".
Robert,
Sorry, they aren't giving a hard fail. Its a soft fail, so we'll retry. But after 5 days of retrying, my servers will give up. (And, in the mean time, the mail isn't getting through, so my users are without mail {We store/forward for them} I don't know if the down (hard) server will be back that soon (Its been 2 days as is). But the whole POINT of DNS is I have a 2nd one listed, and they don't seem to care. They are telling me that they want my "primary" one back up and running.
Tuc/TBOH
I know this is strange for nanog but if you actually stated the IP addresses of the mail servers we could look to see if there is a problem other than what you think the problem is.
You havn't stated it here or on bind-users
Mark
Hi, Just a note to let everyone know its all working again. I was escalated to someone else in RR and intelligent things came out of their mouth and its not an issue anymore. The initial responder at RR needs a clue, and the bind-users said I was doing something "moderately bad" at the same time. I'm working out a tactic to resolve my bent-clue issue. I hope to have that fixed in a week or so. RR is now accepting my mail despite my "bent clue" and one DNS server being down. Tuc/TBOH
On Thu, Aug 16, 2007 at 10:26:35PM -0400, Tuc at T-B-O-H.NET wrote:
Tuc at T-B-O-H.NET wrote:
Down is there isn't power to it until it gets repaired. So its not answering period. A "nslookup" shows "timed-out". A "dig" shows "connection timed out; no servers could be reached" (When querying ONLY against the down server).
So how do I go back to RR, who told me to take it out of my NS records, that DNS is supposed to be silently falling back and trying again?
The fact that they're rejecting on a 5xx error based on no DNS PTR is a bit harsh. While I'm all for requiring all hosts to have valid PTR records, there are times when transient or problem servers can cause a DNS lookup failure or miss, etc. If anything they should be returning a 4xx to have the remote host"try again later".
Sorry, they aren't giving a hard fail. Its a soft fail, so we'll retry. But after 5 days of retrying, my servers will give up. (And, in the mean time, the mail isn't getting through, so my users are without mail {We store/forward for them} I don't know if the down (hard) server will be back that soon (Its been 2 days as is). But the whole POINT of DNS is I have a 2nd one listed, and they don't seem to care. They are telling me that they want my "primary" one back up and running.
Tell them that your primary is up and running and it's only the secondary that's down, and see what they say. If they disagree, ask how they know that the server that's down is the primary... - Matt
participants (9)
-
David Lesher -
Mark Andrews -
Matthew Palmer -
Robert Blayzor -
Rod Beck -
Scott Francis -
Tuc at T-B-O-H -
Tuc at T-B-O-H.NET
-
Valdis.Kletnieks@vt.edu