YIKES - any idea wtf going on???

Discussion in 'ISPConfig 3 Priority Support' started by craig baker, Jul 10, 2013.

  1. craig baker

    craig baker HowtoForge Supporter

    I have my wonderful server Centos 6.4 perfect setup etc etc that I've been writing about and just got whackered by a real weirdie
    any help will be most appreciated.

    I have entered quite a few servers and I am running DNS on the server.
    I'm attached to Verizon fios and have been somewhat happy.
    I've got a static ip 74.96.241.34 the server is attached to.

    BUT get this

    when I ping www.kangaroocarcare.com I may get 74.96.241.34 OR
    I can ping and get 74.96.241.4!!!
    .4 of course has nothing to do with me and when that is the response the site is 100% down.

    But I've inspected the file generated by ISPCONFIG and it looks kosher!

    --snip==
    $TTL 3600
    @ IN SOA ns9.cdbsystems.com. cdb.craigscomputers.net. (
    2013070701 ; serial, todays date + todays serial #
    7200 ; refresh, seconds
    540 ; retry, seconds
    604800 ; expire, seconds
    86400 ) ; minimum, seconds
    ;

    kangaroocarcare.com. 3600 A 74.96.241.34
    kangaroocarcare.com. 3600 MX 10 mail.kangaroocarcare.com.
    kangaroocarcare.com. 3600 NS ns4.cdbsystems.com.
    kangaroocarcare.com. 3600 NS ns9.cdbsystems.com.
    mail 3600 A 74.96.241.34
    www 3600 A 74.96.241.34

    --snip--

    where on EARTH is 74.96.241.4 coming from???

    from a recent ping session:
    --snip--

    C:\Users\Owner>ping www.kangaroocarcare.com

    Pinging www.kangaroocarcare.com [74.96.241.4] with 32 bytes of data:
    Control-C
    ^C
    C:\Users\Owner>ping www.kangaroocarcare.com

    Pinging www.kangaroocarcare.com [74.96.241.4] with 32 bytes of data:
    Request timed out.
    Request timed out.
    Request timed out.
    Request timed out.

    Ping statistics for 74.96.241.4:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

    C:\Users\Owner>ping www.kangaroocarcare.com

    Pinging www.kangaroocarcare.com [74.96.241.4] with 32 bytes of data:
    Request timed out.

    Ping statistics for 74.96.241.4:
    Packets: Sent = 1, Received = 0, Lost = 1 (100% loss),
    Control-C
    ^C
    C:\Users\Owner>ping www.kangaroocarcare.com

    Pinging www.kangaroocarcare.com [74.96.241.34] with 32 bytes of data:
    Reply from 74.96.241.34: bytes=32 time=10ms TTL=249
    Reply from 74.96.241.34: bytes=32 time=9ms TTL=249
    Reply from 74.96.241.34: bytes=32 time=8ms TTL=249

    Ping statistics for 74.96.241.34:
    Packets: Sent = 3, Received = 3, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 8ms, Maximum = 10ms, Average = 9ms
    --snip--


    see? suddenly it switches back to .34 and I can see the site!

    HELP!
    many thanks in advance.
     
  2. till

    till Super Moderator

    Most likely the primary and secondary dns servers of the domain have different records for the domain, this kind of split brain situation can happen when the secondary does not receive a update of the dns records. You can check that e.g. at intodns:

    http://www.intodns.com
     
  3. craig baker

    craig baker HowtoForge Supporter

    Yikes!

    I was happy once I convinced myself it was not MY BIND that was in error it has to be a poisoned dns cache somewhere and it will work itself out.
    but I do NOT understand how it got the first 3 octets right and the last one wrong! thats a really unpleasant surprise!

    thanks till
     

Share This Page