[isalist] Re: Maybe OT: DNS Resolution oddities
- From: Jim Harrison <jim@xxxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Mon, 16 Aug 2010 11:56:22 -0700
Can you get a netcap of this event?
I do agree that it seems odd that some DNS servers resolve this properly,
while others do not.
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Joe Pochedley
Sent: Monday, August 16, 2010 10:36
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Maybe OT: DNS Resolution oddities
I'm not sure this is a TMG problem. But I haven't totally ruled out TMG.
I'm investigating why we're unable to deliver email to the domain
ceramic-substrates.co.uk . The issue started last week and is still
happening today. The issue appears to be a DNS problem (internal DNS
Server: Server 2003 SP2, no forwarders). When I try to nslookup the
ceramic-substrates.co.uk domain, I get:
> ceramic-substrates.co.uk
Server: [10.1.1.78]
Address: 10.1.1.78
DNS request timed out.
timeout was 2 seconds.
*** Request to [10.1.1.78] timed-out
However, resolution is working fine for other domains..
> google.com
Server: [10.1.1.78]
Address: 10.1.1.78
Non-authoritative answer:
google.com MX preference = 100, mail exchanger =
google.com.s9a1.psmtp.com
google.com.s9a1.psmtp.com internet address = 74.125.148.10
I thought maybe something weird with the co.uk root servers, but no, other
.co.uk domains appear to resolve correctly:
> bbc.co.uk
Server: [10.1.1.78]
Address: 10.1.1.78
Non-authoritative answer:
bbc.co.uk MX preference = 10, mail exchanger =
cluster1.eu.messagelabs.com
bbc.co.uk MX preference = 20, mail exchanger =
cluster1a.eu.messagelabs.com
cluster1a.eu.messagelabs.com internet address = 85.158.141.190
cluster1a.eu.messagelabs.com internet address = 85.158.136.170
cluster1a.eu.messagelabs.com internet address = 85.158.137.231
So then I switched to Google's name servers to make sure that it wasn't the
remote DNS that's the problem.
> server 8.8.8.8
Default Server: google-public-dns-a.google.com
Address: 8.8.8.8
> ceramic-substrates.co.uk
Server: google-public-dns-a.google.com
Address: 8.8.8.8
Non-authoritative answer:
ceramic-substrates.co.uk MX preference = 10, mail exchanger =
mail2.ukisp.com
I even tried some of the online DNS lookup tools, and they were able to
resolve the domain name (A and MX records) with no problems. So I'm at a
bit of a loss. DNS resolution seems to work OK for other domains, but not
ceramic-substrates.co.uk. The connection to the DNS server responsible for
the ceramic-substrates.co.uk domain initiates, and then a few moments later
is reported as "gracefully closed in an orderly shutdown process with a
three-way FIN-initiated handshake".
I have not tried disabling the DNS app filter yet as I figured that I should
see something in the log if the DNS app filter was tripping up the
connection? Anyone else have an issue with their DNS servers not being able
to resolve the ceramic-substrates.co.uk domain's MX records? (Note, I also
get a timeout if I try to resolve the A record for
www.ceramic-substrates.co.uk . So it's not limited to MX record lookups..)
Other related posts:
