[dns-operations] most of root NS and com's NS fail from here

Ken Peng kpeng at terra.com
Tue Apr 29 09:29:51 UTC 2014


于 2014-4-29 12:21, David Conrad 写道:
> Ken,
>
> On Apr 28, 2014, at 7:43 PM, Ken Peng <kpeng at terra.com> wrote:
>> Recent days I found most of the root nameservers, and com/net's
>> nameservers can't work from here. When accessing to them I always got
>> timeout.
>
> If you're querying from inside China, probably the first thing you should check is to see if the root server IP addresses you're querying match the following list (a-m):
>
> a.root-servers.net. - 198.41.0.4
> b.root-servers.net. - 192.228.79.201
> c.root-servers.net. - 192.33.4.12
> d.root-servers.net. - 199.7.91.13
> e.root-servers.net. - 192.203.230.10
> f.root-servers.net. - 192.5.5.241
> g.root-servers.net. - 192.112.36.4
> h.root-servers.net. - 128.63.2.53
> i.root-servers.net. - 192.36.148.17
> j.root-servers.net. - 192.58.128.30
> k.root-servers.net. - 193.0.14.129
> l.root-servers.net. - 199.7.83.42
> m.root-servers.net. - 202.12.27.33
>

I checked them, all seem correct.


a.root-servers.net.     579835  IN      A       198.41.0.4

b.root-servers.net.     579834  IN      A       192.228.79.201

c.root-servers.net.     579843  IN      A       192.33.4.12

d.root-servers.net.     579837  IN      A       199.7.91.13

e.root-servers.net.     172815  IN      A       192.203.230.10

f.root-servers.net.     579597  IN      A       192.5.5.241

g.root-servers.net.     579591  IN      A       192.112.36.4

h.root-servers.net.     579578  IN      A       128.63.2.53

i.root-servers.net.     579587  IN      A       192.36.148.17

j.root-servers.net.     579591  IN      A       192.58.128.30

k.root-servers.net.     579599  IN      A       193.0.14.129

l.root-servers.net.     172762  IN      A       199.7.83.42

m.root-servers.net.     579603  IN      A       202.12.27.33



> and
>
> a.root-servers.net. - 2001:503:ba3e::2:30
> b.root-servers.net. -
> c.root-servers.net. - 2001:500:2::c
> d.root-servers.net. - 2001:500:2d::d
> e.root-servers.net. -
> f.root-servers.net. - 2001:500:2f::f
> g.root-servers.net. -
> h.root-servers.net. - 2001:500:1::803f:235
> i.root-servers.net. - 2001:7fe::53
> j.root-servers.net. - 2001:503:c27::2:30
> k.root-servers.net. - 2001:7fd::1
> l.root-servers.net. - 2001:500:3::42
> m.root-servers.net. - 2001:dc3::35
>
> You then might want to do a traceroute to those IP addresses and see if it looks like they're going towards the right places (a little complicated given anycast routing, but if they all stay within China, you might be a bit suspicious).  You then might want to try pinging those IP addresses to see the loss/latency stats.
>

This is the traceroute info for one of the failed nameservers.

$ traceroute h.root-servers.net
traceroute to h.root-servers.net (128.63.2.53), 30 hops max, 60 byte packets
  1  113.108.228.129 (113.108.228.129)  0.404 ms  0.886 ms  1.064 ms
  2  121.14.46.93 (121.14.46.93)  0.475 ms  0.941 ms  1.227 ms
  3  121.14.37.33 (121.14.37.33)  6.604 ms  6.958 ms  7.168 ms
  4  121.14.37.6 (121.14.37.6)  0.369 ms  0.377 ms  0.393 ms
  5  121.14.50.13 (121.14.50.13)  1.569 ms  1.615 ms  1.694 ms
  6  113.108.208.97 (113.108.208.97)  4.362 ms  3.704 ms  3.624 ms
  7   (202.97.34.202)  2.973 ms  2.976 ms  2.972 ms
  8  202.97.61.234 (202.97.61.234)  1.429 ms  1.421 ms  1.297 ms
  9  202.97.52.154 (202.97.52.154)  161.854 ms  161.380 ms  161.363 ms
10  202.97.49.158 (202.97.49.158)  157.784 ms  157.338 ms  157.326 ms
11  218.30.54.198 (218.30.54.198)  255.352 ms  255.432 ms  255.425 ms
12  los-edge-05.inet.qwest.net (67.14.22.130)  251.492 ms 
los-edge-05.inet.qwest.net (67.14.22.106)  256.656 ms 
los-edge-05.inet.qwest.net (67.14.22.130)  251.350 ms
13  65-126-18-214.dia.static.qwest.net (65.126.18.214)  360.808 ms 
360.171 ms  360.426 ms
14  143.56.244.2 (143.56.244.2)  258.023 ms  254.128 ms  254.172 ms
15  ap-1-1-1-nd.level3-lax.core.dren.net (140.6.244.1)  249.144 ms 
248.882 ms  249.567 ms
16  np-5-1-1-nd.sandiego.core.dren.net (140.6.0.1)  359.050 ms  358.964 
ms  359.087 ms
17  138.18.190.89 (138.18.190.89)  349.903 ms  349.947 ms  349.974 ms
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *


The ping info:

$ ping -c 3 h.root-servers.net
PING h.root-servers.net (128.63.2.53) 56(84) bytes of data.
64 bytes from 128.63.2.53: icmp_seq=1 ttl=45 time=355 ms
64 bytes from 128.63.2.53: icmp_seq=2 ttl=45 time=356 ms
64 bytes from 128.63.2.53: icmp_seq=3 ttl=45 time=257 ms

--- h.root-servers.net ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 21549ms
rtt min/avg/max/mdev = 257.609/323.121/356.333/46.325 ms


Thanks!




>> I am from China, ISP telecom.
>> Can you tell what happens?
>
> Probably not definitively without more information...
>
> Regards,
> -drc
>




More information about the dns-operations mailing list