[fjk].gtld-servers.net bogus for .com
[fjk].gtld-servers.net (which are listed as authoritative for .com) are giving bogus authoritative nxdomain results for all the .com domains I tried. eg. ; <<>> DiG 2.2 <<>> internic.com @f.gtld-servers.net ; (1 server found) ;; res options: init recurs defnam dnsrch ;; got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10 ;; flags: qr aa rd; Ques: 1, Ans: 0, Auth: 1, Addit: 0 ;; QUESTIONS: ;; internic.com, type = A, class = IN ;; AUTHORITY RECORDS: COM. 86400 SOA A.ROOT-SERVERS.NET. hostmaster.INTERNIC.NET. ( 1998111000 ; serial 1800 ; refresh (30 mins) 900 ; retry (15 mins) 604800 ; expire (7 days) 86400 ) ; minimum (1 day) ;; Total query time: 67 msec ;; FROM: valis.worldgate.com to SERVER: f.gtld-servers.net 207.159.77.18 ;; WHEN: Wed Nov 11 11:17:16 1998 ;; MSG SIZE sent: 30 rcvd: 107 f.root-servers.net is giving non-authoritative "sorry, I don't do that, here are the nameservers for .com" responses. I have sent mail to the InterNIC, but just in case you were wondering why you are seeing what you may be seeing. Symptoms of this problem are being told by your resolver that various domains do not exist once in a while.
Actually it's more than just the [fjk] gtld servers that are broken. The [fjkl].root-servers.net are broken also. This looks like a map somewhere at the Nic got hosed and then transferred to the root servers. Mel On Wed, 11 Nov 1998, Marc Slemko wrote:
[fjk].gtld-servers.net (which are listed as authoritative for .com) are giving bogus authoritative nxdomain results for all the .com domains I tried. eg. [stuff cut]
Melody Lynn Yoon melodyy+KF6RMW@best.com | Graduate - '97 MSF Consultant - Collective Technologies | NRA Member - I do not accept commercial, unsolicited email | kf6rmw@w6yx.#nca.ca.usa.noam - http://www.best.com/~melodyy/spam.policy.html | KF6RMW - Amateur Radio
Okay, here's a temporary solution. Since it looks like it's just .COM that's b0rken, you can make your own nameservers authoritative for .COM until this blows over. Note that this solution is NOT approved by Network Solutions; I didn't ask them first, I'm just trying to keep the Internet working for everybody. If you don't have a recent copy of the .COM zone file lying around for just this type of contingency, you can grab the one I downloaded this morning at: http://www.cybernothing.org/comzone/ The original md5 and pgp signatures are there, too, in case you want to check it. Warning: this is a gigantic zone file, so you're gonna need a machine with a hell of a lot of RAM. If anybody has such a server and enough bandwidth to share it, let us all know! -- J.D. Falk <jdfalk@cp.net> "A name indicates what we seek. Special Agent In Charge (Abuse Issues) An address indicates where it is. Critical Path, Inc. A route indicates how we get there." -- Jon Postel (1943-1998)
Yes.. I'm hearing tons of complaints about this.. and its still broken at this time, [f jkl] root-servers.net are not correctly responding correctly and causing a lot of problems on the Internet as a whole. Many people have sent mail to NetSol about the issue.. but no statments have come from them (that I have seen).. Anyone have any information? -Steve On Wed, Nov 11, 1998 at 10:20:18AM -0800, Marc Slemko wrote:
[fjk].gtld-servers.net (which are listed as authoritative for .com) are giving bogus authoritative nxdomain results for all the .com domains I tried. eg.
; <<>> DiG 2.2 <<>> internic.com @f.gtld-servers.net ; (1 server found) ;; res options: init recurs defnam dnsrch ;; got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10 ;; flags: qr aa rd; Ques: 1, Ans: 0, Auth: 1, Addit: 0 ;; QUESTIONS: ;; internic.com, type = A, class = IN
;; AUTHORITY RECORDS: COM. 86400 SOA A.ROOT-SERVERS.NET. hostmaster.INTERNIC.NET. ( 1998111000 ; serial 1800 ; refresh (30 mins) 900 ; retry (15 mins) 604800 ; expire (7 days) 86400 ) ; minimum (1 day)
;; Total query time: 67 msec ;; FROM: valis.worldgate.com to SERVER: f.gtld-servers.net 207.159.77.18 ;; WHEN: Wed Nov 11 11:17:16 1998 ;; MSG SIZE sent: 30 rcvd: 107
f.root-servers.net is giving non-authoritative "sorry, I don't do that, here are the nameservers for .com" responses.
I have sent mail to the InterNIC, but just in case you were wondering why you are seeing what you may be seeing. Symptoms of this problem are being told by your resolver that various domains do not exist once in a while.
-- Steven O. Noble -- Sr. Backbone Engineer, Exodus Communications (EXDS) -- Work:408.346.2333 -- All my love to the Canadian Mooing Frog.
On Wed, 11 Nov 1998 steve@altrina.exodus.net wrote:
Yes.. I'm hearing tons of complaints about this.. and its still broken at this time, [f jkl] root-servers.net are not correctly responding correctly and causing a lot of problems on the Internet as a whole.
Many people have sent mail to NetSol about the issue.. but no statments have come from them (that I have seen).. Anyone have any information?
I spoke with our support rep at NSI about an hour ago, and was told that he heard someone being yelled at over this(literally,) and it was his understanding that it will be fixed with the next daily update... /\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ Patrick Greenwell (800) 299-1288 v CTO (925) 377-1212 v NameSecure (925) 377-1414 f Coming to the ISPF-II? The Forum for ISPs by ISPs http://www.ispf.com \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
Fixed on the next daily update? So when the AOL problem happened, a special update was done, but when several hundred (anyone know how many really) entries are trashed, we all must wait until the next daily update? On Wed, 11 Nov 1998, Patrick Greenwell wrote:
On Wed, 11 Nov 1998 steve@altrina.exodus.net wrote:
Yes.. I'm hearing tons of complaints about this.. and its still broken at this time, [f jkl] root-servers.net are not correctly responding correctly and causing a lot of problems on the Internet as a whole.
Many people have sent mail to NetSol about the issue.. but no statments have come from them (that I have seen).. Anyone have any information?
I spoke with our support rep at NSI about an hour ago, and was told that he heard someone being yelled at over this(literally,) and it was his understanding that it will be fixed with the next daily update...
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ Patrick Greenwell (800) 299-1288 v CTO (925) 377-1212 v NameSecure (925) 377-1414 f Coming to the ISPF-II? The Forum for ISPs by ISPs http://www.ispf.com \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
======================================================================= Michael Lucking Michael@Lucking.COM
On Wed, Nov 11, 1998 at 03:36:53PM -0600, Michael P. Lucking wrote:
On Wed, 11 Nov 1998 steve@altrina.exodus.net wrote:
Yes.. I'm hearing tons of complaints about this.. and its still broken at this time, [f jkl] root-servers.net are not correctly responding correctly and causing a lot of problems on the Internet as a whole.
Many people have sent mail to NetSol about the issue.. but no statments have come from them (that I have seen).. Anyone have any information?
I spoke with our support rep at NSI about an hour ago, and was told that
Exodus has a support representative? Must be nice... :) I'm on the phone with NetSol now. According to my clock it's 7:06 PM EST, so the nameserver updates should be happening now. -- Steve Sobol [sjsobol@nacs.net] Part-time Support Droid [support@nacs.net] NACS Spaminator [abuse@nacs.net] Spotted on a bumper sticker: "Possum. The other white meat."
On Wed, 11 Nov 1998, Steven J. Sobol wrote:
Many people have sent mail to NetSol about the issue.. but no statments have come from them (that I have seen).. Anyone have any information?
I spoke with our support rep at NSI about an hour ago, and was told that
Exodus has a support representative? Must be nice... :)
That quote was from me. And yes, we have a support representitive. And yes, it is nice. /\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ Patrick Greenwell (800) 299-1288 v CTO (925) 377-1212 v NameSecure (925) 377-1414 f Coming to the ISPF-II? The Forum for ISPs by ISPs http://www.ispf.com \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
Exodus has a support representative? Must be nice... :)
It has been pointed out that Patrick G. said this, not Steve N. from Exodus. My fault... I misread who said what...
I'm on the phone with NetSol now. According to my clock it's 7:06 PM EST, so the nameserver updates should be happening now.
Actually, upon reading Vix's message, I hung up with NetSol, figuring the problem was probably already close to being fixed. At that point I didn't feel like being on hold for another half-hour. -- Steve Sobol [sjsobol@nacs.net] Part-time Support Droid [support@nacs.net] NACS Spaminator [abuse@nacs.net] Spotted on a bumper sticker: "Possum. The other white meat."
Just a few clarifications... nothing new, just some explainations of various things. On Wed, 11 Nov 1998, Dean Robb wrote:
At 15:36 11/11/98 -0600, you wrote:
Fixed on the next daily update? So when the AOL problem happened, a special update was done, but when several hundred (anyone know how many really) entries are trashed, we all must wait until the next daily update?
Another Public Relations/Customer Service triumph for NSI/InterNIC. </sarcasm>
I suspect more than just the fjk servers are hosed...last night around midnight I was surfing and had over ten sites disappear between one load and the next. The domain names ran the gamut from "f" to "u". Given the time frames, they likely disappeared as the update propagated. Now, either a whole lot of sites simultaneously had server crashes or....
[fjk] do _not_ serve domain names starting with [fjk]. All servers serve all names. Without knowing more, what you experienced could have had any number of causes. I don't know when people first were aware of this, and I would hope some were aware before I complained ~1000PST and NSI should have been aware right away when it happened, since if they don't have automated checking of each server that has a very high notification priority they are even worse than stupid, so I'm somewhat doubtful it started at midnight. But it is possible. NSI does make it hard for anyone who may notice it to contact them. I can't understand, however, why it took over two hours to bring down all the badly broken servers. Some were corrected within 15 minutes or half an hour after I complained (and who knows how long after the appropriate people were first notified). One wasn't. On Wed, 11 Nov 1998, Michael P. Lucking wrote:
Fixed on the next daily update? So when the AOL problem happened, a special update was done, but when several hundred (anyone know how many really) entries are trashed, we all must wait until the next daily update?
Don't take that too literally. It isn't entries that were trashed AFAIK, but servers. A number (or all) servers appear to have had trouble updating their zone file. So far so good. Simply not being updated won't kill anything. Some lost the zone (on purpose or due to a bug, I don't know) and were acting mostly like a lame delgation. No huge problem. Some lost all (or a very large %) of .com yet were still thinking they were authoritative and returning various false negatives. I know of three that were like that, and have had reports of more. Anyone asking one of those servers would be incorrectly told the domain doesn't exist. This is a VERY bad failure mode. What is the impact? Well, if 3/12 were doing this then ~1/4 of the queries (probably not that evenly distributed, but in that ballpark) would have got false negatives. Now, that is only 1/4 of all queries to the root servers. Domains with a large TTL that were in caches wouldn't be as impacted. Domains with a small TTL (eg. 5 minutes) would be very impacted because they would expire from caches so quicky. A lot of email is particularily badly impacted, because not only does the domain it is being sent to have to resolve, but on many systems the sender's domain has to resolve. Any resolver implementations that do not put a short upper bound on negative caching TTLs would be _VERY_ hard hit by this and could still be having problems unless they were restarted. I have heard that one of MS's products is like this, but that is just a vague rumor. Getting back to your question, "the update being completed" refers to servers being able to transfer the proper zone files and put them in place.
At 17:53 11/11/98 -0800, you wrote:
[fjk] do _not_ serve domain names starting with [fjk]. All servers serve all names. Without knowing more, what you experienced could have had any number of causes.
Ah, thanks for the lesson. This is why I like NANOG even though I'm not a network guru. I learn more about how the 'Net works all the time from here.
I don't know when people first were aware of this, and I would hope some were aware before I complained ~1000PST and NSI should have been aware right away when it happened, since if they don't have automated checking of each server that has a very high notification priority they are even worse than stupid, so I'm somewhat doubtful it started at midnight. But it is possible. NSI does make it hard for anyone who may notice it to contact them.
That would have been around the right time...I had a few domains that were dead when I tried them around 11pm EST and a ton of them that died after midnight Eastern.
false negatives. I know of three that were like that, and have had reports of more. Anyone asking one of those servers would be incorrectly told the domain doesn't exist.
That's exactly what I was seeing. One moment they were there, then when next I tried to get a page, it was gone..."Cannot connect to server". Thanks again for the instruction, O Wise One! Spammers should be investigated by Ken Starr! Dean Robb PC-EASY computer services (757) 495-EASY [3279]
I think they would actually do a emergency update for this. A day is along time to have 3 IMPORTANT nameservers broken :^> On Wed, 11 Nov 1998, Patrick Greenwell wrote:
I spoke with our support rep at NSI about an hour ago, and was told that he heard someone being yelled at over this(literally,) and it was his understanding that it will be fixed with the next daily update...
_ __ _____ __ _________ ______________ /_______ ___ ____ /______ John Gonzalez/Net.Engineer __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [---------------------------------------------[system info]-----------] 4:00pm up 31 days, 19:29, 4 users, load average: 0.10, 0.26, 0.23
participants (9)
-
Dean Robb
-
J.D. Falk
-
John Gonzalez/netMDC admin
-
Marc Slemko
-
Melody Yoon - KF6RMW
-
Michael P. Lucking
-
Patrick Greenwell
-
steveļ¼ altrina.exodus.net
-
Steven J. Sobol