
Today, we suddenly started having intermittent problems checking our email, then getting to our web site. After some checking, we discovered it was a DNS problem. We were suddenly not able to resolve domain names externally - everything is fine on the local network.

A dig +trace identified our nameservers, "ns3.ourdomin.net" and "ns4.ourdomain.net" but then:

```
couldn't get address for 'ns3.ourdomin.net': not found
couldn't get address for 'ns4.ourdomain.net': not found
dig: couldn't get address for 'ns3.ourdomain.net': no more
```

We checked on NsLookup.io, and Cloudflare DNS, Google DNS and OpenDNS all returned "No records found."

But, once in a while, it would connect. Occasionally, an nslookup would return an IP address. Sporadically, an email would come through, or go out.

I'm questioning where "dig" gets the IP address of our nameserver. And if it cannot get the IP address of our nameserver, is that a problem I can fix on my end? Or is that a propagation issue with our registrar?

We host our own DNS (currently on Windows Server 2016) - have not had an issue like this in approximately 20 years.

Appreciate any suggestions.

  • What is your domain name? – Michael Hampton Feb 06 '21 at 00:36
  • We have several... www.sourceoftitle.com is one of them. – Robert Franco Feb 06 '21 at 00:39
  • Neither of your nameservers is reachable. Someone appears to have disregarded best practices and put them on the same network, which is apparently not currently connected to the rest of the Internet. – Michael Hampton Feb 06 '21 at 00:44
  • They are connected to the Internet. They are responding to DNS requests, I assume for users that have the IP address cached. But, the IP addresses of the nameservers are not being resolved. I can access them locally, and I can reach the Internet from the DNS server. But... Yes... They are on the same network. – Robert Franco Feb 06 '21 at 01:00
  • Well that's interesting. After doing some digging I came up with 65.117.195.90 and 65.117.195.91. But when I sent DNS requests to these addresses, I did not get a response from either one. Are you sure they're online? Is a firewall blocking the responses? – Michael Hampton Feb 06 '21 at 01:16
  • Those IP addresses are correct. They are online. They are working properly locally. They do intermittently resolve outside requests. When I make requests with dnslookup, I can watch the traffic monitor on the router and my IP address doesn't show up. The requests are not getting to the network. When I run a "dig +trace" it seems that the IP addresses for the nameservers cannot be found (most of the time), so the DNS requests are not getting to the DNS server. Where does the IP address for the nameservers come from? I assume a Top Level Domain? I haven't made any changes on my end. – Robert Franco Feb 06 '21 at 01:27
  • To clarify: `dig @e.gtld-servers.NET. VERSATITLE.NET. -t ns` -> `ns3.VERSATITLE.NET. 172800 IN A 65.117.195.90` etc. But querying ns3.versatitle.net or ns4 doesn't work. As these are serving sourceoftitle.com, sourceoftitle.com doesn't work. As already told, having the second nameserver in a different network (and originally implied: location) avoids the total failure. – A.B Feb 06 '21 at 07:56
  • I set up a DNS server on AWS (Route 53) and it did resolve the issue. I'm still perplexed, because there were no changes made to anything on our end and the DNS server was working fine internally. It is still responding to public reverse DNS requests. So, it is something very odd. But, having the second off-site DNS server is, as pointed out, a best practice and it resolved our issue, whatever it was. Thank you for the responses. – Robert Franco Feb 07 '21 at 14:01
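
The comments above point to two things: the nameserver addresses come from glue A records served by the parent (TLD) servers, and both nameservers sat on one network. The following is an added example, not code from any poster in the thread, that parses glue lines in the format A.B quoted and flags a delegation whose nameservers all share one network. The ns4 line, the ns5 name, and the /24 and /48 grouping are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample in dig's answer format. The ns3 line is quoted in the
# thread; pairing ns4 with 65.117.195.91 is an assumption based on the two
# addresses mentioned in the comments.
SAMPLE_GLUE = """\
ns3.VERSATITLE.NET. 172800 IN A 65.117.195.90
ns4.VERSATITLE.NET. 172800 IN A 65.117.195.91
"""

def parse_glue(text):
    """Return {nameserver: [ip, ...]} from 'name ttl IN A|AAAA addr' lines."""
    glue = defaultdict(list)
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 5 and fields[2] == "IN" and fields[3] in ("A", "AAAA"):
            name = fields[0].rstrip(".").lower()
            glue[name].append(ipaddress.ip_address(fields[4]))
    return dict(glue)

def networks(glue, v4_prefix=24, v6_prefix=48):
    """Group nameservers by covering network (heuristic prefix lengths)."""
    nets = defaultdict(set)
    for name, addrs in glue.items():
        for addr in addrs:
            prefix = v4_prefix if addr.version == 4 else v6_prefix
            net = ipaddress.ip_network(f"{addr}/{prefix}", strict=False)
            nets[net].add(name)
    return dict(nets)

def single_network(glue):
    """True when every nameserver address falls inside one network."""
    return len(networks(glue)) < 2

if __name__ == "__main__":
    glue = parse_glue(SAMPLE_GLUE)
    for net, names in networks(glue).items():
        print(net, sorted(names))
    if single_network(glue):
        print("WARNING: all nameservers share one network; one outage takes out the zone")
```

Addresses in different /24s can still share a site or upstream provider, so a passing result here does not prove the nameservers are independent.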
