DNS Issues???

[Diesel_Fuel]

Ok, I'm having a small problem with my site. I resolved my last issue about accessing the site internally via the domain by setting up an internal DNS server. That is all working fine. However, I have a friend who cannot access the site at all. Some others that have "tracerouted" my site all seem to end up with the same problem of DNS timing out. However, I find it odd that some can access it and some cannot access the site at all, though it appears all of them are having DNS issues.

Here is my request from Gentoo, notice it uses the internal DNS server:

[moocha]

This is not a DNS issue, it looks to be a routing and/or cabling issue. Clearly the problem is located either on the 24.25.0.197 router, at your end, or in the link in-between. I advise you contact RR technical support.
_________________
Military Commissions Act of 2006: http://tinyurl.com/jrcto

"Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety."
-- attributed to Benjamin Franklin

[svancouw]

I find it interesting that when you run a traceroute on your own system that it returns a private IP address. How do you have your system set up? Are you forwarding ports to the .2 address? If so, I would suggest that this might be the problem.

Having set up nameservers in the past (and again recently), you should think about either placing the server in the DMZ on your router, give it a public IP address, and remove all private IP addresses. This should remove any problems that you encounter. Since you have a DNS server, you obviously have at least one static IP address, so it should be inexpensive to purchase more from your ISP if you need to.

A DNS server uses at least three or four ports to properly maintain itself. If you must do port forwarding, make sure that you are redirecting all the necessary ports.

I'm not convinced that this is a cabling issue. The ones that are able to do a traceroute to your system, does it only sometimes work for them, or does it always work for some and never for others?

[bunder]

my tracert seems to point to level3...

[svancouw]

I have noticed now that nearly every time a traceroute is performed, a different target IP address appears. This tells me that you are using a dynamic IP address and using something like dyndns.org to set up your website. Is this correct? This could be the reason that you could not easily set up your domain to allow internal access to you external website. My traceroute came up with 157, .142 and .122 for the same domain name just today.

Since you are using a domain I can safely infer that you are using a Windows-based network. If I am interpreting this correctly, you would not be able to set up a static DNS record in your Domain DNS server, where you would point www to the IP address of your website. I work part-time at a credit union network admin, and that is what we do. The reason this happens is that when your domain has the same domain as the address of the website, the system tries to resolve www to itself and fails. When you put a www record in the Windows DNS server, it can simply forward the request directly to th web server.

I may be completely mis-interpreting this, and my apologies if I have, and doubly so if you already know this. Any additional information would be helpful.

My traceroute results:

C:\Documents and Settings\Sean>tracert the1st.com

Tracing route to the1st.com [66.28.84.157]
over a maximum of 30 hops:

1 2 ms 1 ms 1 ms 64-142-83-200.dsl.static.sonic.net [64.142.83.20
0]
2 11 ms 11 ms 10 ms 64-142-83-1.dsl.static.sonic.net [64.142.83.1]
3 13 ms 11 ms 11 ms 1.fe-1-1-0.gw4.200p-sf.sonic.net [64.142.32.8]
4 13 ms 12 ms 12 ms 0.ge-0-1-0.gw.sr.sonic.net [64.142.0.197]
5 12 ms 13 ms 13 ms 2.ge-2-1-0.gw2.sr.sonic.net [208.201.224.37]
6 16 ms 16 ms 17 ms 0.ge-1-0-0.gw2.equinix-sj.sonic.net [64.142.0.20
6]
7 17 ms 18 ms 17 ms GigabitEthernet1-0.GW1.SJC7.ALTER.NET [157.130.2
14.177]
8 16 ms 17 ms 18 ms POS1-0.XR2.SJC7.ALTER.NET [152.63.53.194]
9 88 ms 86 ms 88 ms 0.so-3-2-0.XL2.NYC1.ALTER.NET [152.63.16.5]
10 85 ms 86 ms 87 ms POS7-0.GW9.NYC1.ALTER.NET [152.63.9.1]
11 84 ms 84 ms 84 ms r2-pos2-3.in.nycmnyzr.cv.net [65.19.102.145]
12 85 ms 86 ms 85 ms 451be091.cst.lightpath.net [65.19.96.145]
13 85 ms 85 ms 85 ms r1-srp1-0.cr.whplny.cv.net [65.19.120.3]
14 85 ms 86 ms 85 ms r2-srp5-0.cst.whplny.cv.net [65.19.120.36]
15 85 ms 85 ms 85 ms r5-ge9-16.cst.whplny.cv.net [65.19.121.154]
16 88 ms 87 ms 88 ms 454a4a66.cst.lightpath.net [69.74.74.102]
17 * * * Request timed out.
18 * * * Request timed out.
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 * * * Request timed out.
26 * * * Request timed out.
27 * * * Request timed out.
28 * * * Request timed out.
29 * * * Request timed out.
30 * * * Request timed out.

Trace complete.

nslookup results:

C:\Documents and Settings\Sean>nslookup the1st.com
Server: ns1.sonic.net
Address: 208.201.224.11

Non-authoritative answer:
Name: the1st.com
Address: 66.28.84.157

[bunder]

[svancouw]

Not taken as a flame at all. I'm afraid I've worked too much with Windows and not enough with Linux, comparatively, so you are right to correct me. I'm not sure about running a domain off of a dynamic IP address, but that idea has some merit and everyone's free to express their opinions.

The reason I love this forum is that people can be honest and safely disagree. Ideas flow and problems are solved.

I suppose it could be level3's fault, but they never showed up in my traceroute at all (although the first timed out response could be them, there's no data to support that). Without having more information, I believe it is more likely to be a configuration issue.

I ran a whois lookup, and the1st.com appears to be hosted (or at least the authoritive DNS servers are there) by tidewater.net, and not dependant on level3. My traceroute is able to reach them without problems.