[outages] ntp.org DNS lookups failing
Gert Doering
gert at greenie.muc.de
Wed Jan 18 15:25:23 EST 2017
Hi,
On Wed, Jan 18, 2017 at 02:15:32PM -0600, Douglas K. Rand via Outages wrote:
> All of our DNS queries in the ntp.org zone seem to be failing.
>
> Checked a few public DNS servers, such as Google's 8.8.8.8 and 8.8.4.4,
> and they are missing it also.
This looks like a name server set change, and the old servers failed /
stopped to answer.
One of our recursives lists these
;; ANSWER SECTION:
ntp.org. 74239 IN NS ns2.everett.org.
ntp.org. 74239 IN NS ns1.ntp.org.
ntp.org. 74239 IN NS ns2.ntp.org.
ntp.org. 74239 IN NS ns1.everett.org.
... and returns SERVFAIL to "pool.ntp.org" queries.
The other one lists these:
;; ANSWER SECTION:
ntp.org. 3509 IN NS anyns.pch.net.
ntp.org. 3509 IN NS ns2.everett.org.
ntp.org. 3509 IN NS ns3.p20.dynect.net.
ntp.org. 3509 IN NS dns2.udel.edu.
ntp.org. 3509 IN NS ns1.p20.dynect.net.
ntp.org. 3509 IN NS ns2.p20.dynect.net.
ntp.org. 3509 IN NS ns1.everett.org.
ntp.org. 3509 IN NS dns1.udel.edu.
ntp.org. 3509 IN NS ns4.p20.dynect.net.
... and happily answers queries....
Trying to query directly, ns1/ns2.ntp.org return SERVFAIL as well,
and ns1/ns2.everett.org do not reply at all... so pure guesswork on
my side says "the original set is broken / under attack / ..., so
new servers have been added, but as long as the old NS records are
still being cached, things keep failing".
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
More information about the Outages
mailing list