Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[fixed bug] ns3.siginno.com as NS record of dthinker.net
07-19-2018, 02:25 PM (This post was last modified: 07-19-2018 03:10 PM by zma.)
Post: #1
[fixed bug] ns3.siginno.com as NS record of dthinker.net
------------------------------

[zma@host201:~]$ dig tab.d-thinker.org @115.231.209.243

; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> tab.d-thinker.org @115.231.209.243
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5777
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;tab.d-thinker.org. IN A

;; ANSWER SECTION:
tab.d-thinker.org. 963 IN CNAME tab.dthink.net.
tab.dthink.net. 600 IN A 203.86.233.108

;; AUTHORITY SECTION:
dthink.net. 600 IN NS ns7.zettadom.com.

;; ADDITIONAL SECTION:
ns7.zettadom.com. 744 IN A 115.231.209.243

;; Query time: 44 msec
;; SERVER: 115.231.209.243#53(115.231.209.243)
;; WHEN: Thu Jul 19 14:22:38 HKT 2018
;; MSG SIZE rcvd: 136

[zma@host201:~]$ dig tab.d-thinker.org @203.86.233.108

; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> tab.d-thinker.org @203.86.233.108
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23404
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;tab.d-thinker.org. IN A

;; ANSWER SECTION:
tab.d-thinker.org. 892 IN CNAME tab.dthink.net.
tab.dthink.net. 514 IN A 203.86.233.108

;; AUTHORITY SECTION:
dthink.net. 72485 IN NS ns7.zettadom.com.
dthink.net. 72485 IN NS ns3.siginno.com.

;; ADDITIONAL SECTION:
ns7.zettadom.com. 957 IN A 115.231.209.243

;; Query time: 4 msec
;; SERVER: 203.86.233.108#53(203.86.233.108)
;; WHEN: Thu Jul 19 14:22:42 HKT 2018
;; MSG SIZE rcvd: 162

------------------------------

Here, ns3.siginno.com seems an empty A record:

--------------------
[zma@host201:~]$ dig ns3.siginno.com

; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> ns3.siginno.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49466
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;ns3.siginno.com. IN A

;; AUTHORITY SECTION:
siginno.com. 1702 IN SOA ns09.domaincontrol.com. dns.jomax.net. 2016050200 28800 7200 604800 3600

;; Query time: 16 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Jul 19 14:24:31 HKT 2018
;; MSG SIZE rcvd: 112
-----------------

I feel there is something wrong. One simple fix may be to remove ns3.siginno.com if it is not available any more.
Visit this user's website Find all posts by this user
Quote this message in a reply
07-19-2018, 02:29 PM
Post: #2
RE: [bug] ns3.siginno.com as NS record of dthinker.net
@xwcwt: could you take a look?
Visit this user's website Find all posts by this user
Quote this message in a reply
07-19-2018, 02:34 PM
Post: #3
RE: [bug] ns3.siginno.com as NS record of dthinker.net
(07-19-2018 02:29 PM)zma Wrote:  @xwcwt: could you take a look?

I do not know the detail info clearly. I saw you run

Code:
dig tab.d-thinker.org @203.86.233.108

While 203.86.233.108 is the public address of TaB. Is there's a DNS vm under the same Public IP? Do you know which one?

To be honest, i do not know what's the first step I should do.
Find all posts by this user
Quote this message in a reply
07-19-2018, 02:34 PM
Post: #4
RE: [bug] ns3.siginno.com as NS record of dthinker.net
The problem seems in hututadns0e1:

[root@tp11 ~]# iptables -t nat -S
-P PREROUTING ACCEPT
-P INPUT ACCEPT
-P OUTPUT ACCEPT
-P POSTROUTING ACCEPT
-A PREROUTING -d 203.86.233.109/32 -p tcp -m tcp --dport 25 -j DNAT --to-destination 10.0.0.13:25
-A PREROUTING -d 203.86.233.109/32 -p tcp -m tcp --dport 587 -j DNAT --to-destination 10.0.0.13:587
-A PREROUTING -d 203.86.233.109/32 -p tcp -m tcp --dport 993 -j DNAT --to-destination 10.0.0.13:993
-A PREROUTING -d 203.86.233.109/32 -p tcp -m tcp --dport 995 -j DNAT --to-destination 10.0.0.13:995
-A PREROUTING -d 203.86.233.109/32 -p tcp -m tcp --dport 7071 -j DNAT --to-destination 10.0.0.13:7071
-A PREROUTING -d 203.86.233.109/32 -p tcp -m tcp --dport 8009 -j DNAT --to-destination 10.0.0.13:80
-A PREROUTING -d 203.86.233.108/32 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.1.13:80
-A PREROUTING -d 203.86.233.108/32 -p tcp -m tcp --dport 22016 -j DNAT --to-destination 10.0.1.13:22
-A PREROUTING -d 203.86.233.108/32 -p tcp -m tcp --dport 15022 -j DNAT --to-destination 10.0.0.14:22
-A PREROUTING -d 203.86.233.108/32 -p udp -m udp --dport 53 -j DNAT --to-destination 10.0.0.14:53
-A PREROUTING -d 203.86.233.108/32 -p tcp -m tcp --dport 53 -j DNAT --to-destination 10.0.0.14:53
-A PREROUTING -d 203.86.233.109/32 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.2.13:80
-A PREROUTING -d 203.86.233.108/32 -p tcp -m tcp --dport 22335 -j DNAT --to-destination 10.0.3.35:22
-A POSTROUTING -s 10.0.0.13/32 -j SNAT --to-source 203.86.233.109
-A POSTROUTING -o enp1s0:1 -j MASQUERADE
-A POSTROUTING -o enp1s0 -j MASQUERADE
-A POSTROUTING -s 10.0.0.13/32 -j SNAT --to-source 203.86.233.109
-A POSTROUTING -s 10.0.1.13/32 -j SNAT --to-source 203.86.233.109
[root@tp11 ~]# ping 10.0.0.14
PING 10.0.0.14 (10.0.0.14) 56(84) bytes of data.
64 bytes from 10.0.0.14: icmp_seq=1 ttl=64 time=0.177 ms
64 bytes from 10.0.0.14: icmp_seq=2 ttl=64 time=0.148 ms
^C
--- 10.0.0.14 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.148/0.162/0.177/0.019 ms
[root@tp11 ~]# xl list
Name ID Mem VCPUs State Time(s)
Domain-0 0 14719 8 r----- 2246223.5
hututadns0e1 567 256 1 -b---- 31732.3
httweb 585 512 2 -b---- 33112.9
neo4j1e0 626 8000 4 -b---- 16106.5
zimbra-hututa 767 2048 1 -b---- 3205.7
forumvrs2e3 768 6144 2 -b---- 15561.1
[root@tp11 ~]# ssh zma@10.0.0.14
zma@10.0.0.14's password:
Last login: Wed Mar 7 10:55:43 2018 from 10.0.0.2
[zma@hututadns0e1 ~]$ netstat -ptlnu
(No info could be read for "-p": geteuid()=1001 but you should be root.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 10.0.0.14:53 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
udp 0 0 10.0.0.14:53 0.0.0.0:* -
udp 0 0 127.0.0.1:53 0.0.0.0:* -
[zma@hututadns0e1 ~]$ sudo netstat -ptlnu
[sudo] password for zma:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 10.0.0.14:53 0.0.0.0:* LISTEN 761/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 761/named
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 628/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 662/sendmail: accep
tcp6 0 0 :::22 :::* LISTEN 628/sshd
udp 0 0 10.0.0.14:53 0.0.0.0:* 761/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 761/named
Visit this user's website Find all posts by this user
Quote this message in a reply
07-19-2018, 02:35 PM
Post: #5
RE: [bug] ns3.siginno.com as NS record of dthinker.net
(07-19-2018 02:34 PM)xwcwt Wrote:  
(07-19-2018 02:29 PM)zma Wrote:  @xwcwt: could you take a look?

I do not know the detail info clearly. I saw you run

Code:
dig tab.d-thinker.org @203.86.233.108

While 203.86.233.108 is the public address of TaB. Is there's a DNS vm under the same Public IP? Do you know which one?

To be honest, i do not know what's the first step I should do.

It's hututadns0e1 http://tab.d-thinker.org/showthread.php?tid=4264 .

The wrong reply seems from it http://tab.d-thinker.org/showthread.php?...http://tab.d-thinker.org/showthread.php?tid=11978&pid=7805 .
Visit this user's website Find all posts by this user
Quote this message in a reply
07-19-2018, 02:41 PM
Post: #6
RE: [bug] ns3.siginno.com as NS record of dthinker.net
(07-19-2018 02:35 PM)zma Wrote:  
(07-19-2018 02:34 PM)xwcwt Wrote:  
(07-19-2018 02:29 PM)zma Wrote:  @xwcwt: could you take a look?

I do not know the detail info clearly. I saw you run

Code:
dig tab.d-thinker.org @203.86.233.108

While 203.86.233.108 is the public address of TaB. Is there's a DNS vm under the same Public IP? Do you know which one?

To be honest, i do not know what's the first step I should do.

It's hututadns0e1 http://tab.d-thinker.org/showthread.php?tid=4264 .

The wrong reply seems from it http://tab.d-thinker.org/showthread.php?...http://tab.d-thinker.org/showthread.php?tid=11978&pid=7805 .

After I logged in hututadns0e1 once, it seems fine now magically...


[zma@host201:~]$ dig @203.86.233.108 tab.d-thinker.org

; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> @203.86.233.108 tab.d-thinker.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34645
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;tab.d-thinker.org. IN A

;; ANSWER SECTION:
tab.d-thinker.org. 1391 IN CNAME tab.dthink.net.
tab.dthink.net. 50 IN A 203.86.233.108

;; AUTHORITY SECTION:
dthink.net. 512 IN NS ns7.zettadom.com.

;; ADDITIONAL SECTION:
ns7.zettadom.com. 1718 IN A 115.231.209.243

;; Query time: 4 msec
;; SERVER: 203.86.233.108#53(203.86.233.108)
;; WHEN: Thu Jul 19 14:41:00 HKT 2018
;; MSG SIZE rcvd: 136
Visit this user's website Find all posts by this user
Quote this message in a reply
07-19-2018, 02:55 PM (This post was last modified: 07-19-2018 02:56 PM by zma.)
Post: #7
RE: [bug] ns3.siginno.com as NS record of dthinker.net
From logs, there were quite some failures in resolving tab.dthink.net on hututadns0e1:

[root@hututadns0e1 named]# grep dthink /var/log/messages*
/var/log/messages:Jul 18 10:30:26 hututadns0e1 named[761]: error (network unreachable) resolving 'tab.dthink.net/A/IN': 2001:503:231d::2:30#53
/var/log/messages-20180624:Jun 19 10:24:22 hututadns0e1 named[761]: error (network unreachable) resolving 'tab.dthink.net/A/IN': 2001:503:d2d::30#53
/var/log/messages-20180624:Jun 19 23:58:54 hututadns0e1 named[761]: error (network unreachable) resolving 'tab.dthink.net/A/IN': 2001:503:83eb::30#53
/var/log/messages-20180624:Jun 20 12:10:57 hututadns0e1 named[761]: error (network unreachable) resolving 'tab.dthink.net/AAAA/IN': 2001:500:856e::30#53
/var/log/messages-20180624:Jun 20 12:10:57 hututadns0e1 named[761]: error (network unreachable) resolving 'tab.dthink.net/AAAA/IN': 2001:502:1ca1::30#53
/var/log/messages-20180624:Jun 20 12:10:57 hututadns0e1 named[761]: error (network unreachable) resolving 'tab.dthink.net/AAAA/IN': 2001:503:d414::30#53
/var/log/messages-20180624:Jun 22 17:44:13 hututadns0e1 named[761]: error (network unreachable) resolving 'mx.dthink.net/A/IN': 2001:500:856e::30#53
/var/log/messages-20180701:Jun 25 02:12:49 hututadns0e1 named[761]: error (network unreachable) resolving 'tab.dthink.net/AAAA/IN': 2001:503:a83e::2:30#53
/var/log/messages-20180701:Jun 25 02:12:49 hututadns0e1 named[761]: error (network unreachable) resolving 'tab.dthink.net/AAAA/IN': 2001:503:231d::2:30#53
/var/log/messages-20180701:Jun 25 02:12:49 hututadns0e1 named[761]: error (network unreachable) resolving 'tab.dthink.net/AAAA/IN': 2001:502:1ca1::30#53
/var/log/messages-20180701:Jun 26 05:20:35 hututadns0e1 named[761]: error (network unreachable) resolving 'tab.dthink.net/AAAA/IN': 2001:503:231d::2:30#53
/var/log/messages-20180701:Jun 26 05:20:35 hututadns0e1 named[761]: error (network unreachable) resolving 'tab.dthink.net/AAAA/IN': 2001:503:83eb::30#53
/var/log/messages-20180701:Jun 27 11:53:29 hututadns0e1 named[761]: error (network unreachable) resolving 'wretar.dthink.net/A/IN': 2001:502:1ca1::30#53
/var/log/messages-20180701:Jun 29 12:31:37 hututadns0e1 named[761]: error (network unreachable) resolving 'tab.dthink.net/A/IN': 2001:503:a83e::2:30#53
/var/log/messages-20180701:Jun 29 12:31:37 hututadns0e1 named[761]: error (network unreachable) resolving 'tab.dthink.net/A/IN': 2001:503:231d::2:30#53
/var/log/messages-20180701:Jun 29 12:31:37 hututadns0e1 named[761]: error (network unreachable) resolving 'tab.dthink.net/A/IN': 2001:503:83eb::30#53
/var/log/messages-20180708:Jul 2 04:23:41 hututadns0e1 named[761]: error (network unreachable) resolving 'tab.dthink.net/A/IN': 2001:503:a83e::2:30#53
/var/log/messages-20180708:Jul 2 08:56:08 hututadns0e1 named[761]: error (network unreachable) resolving 'tab.dthink.net/A/IN': 2001:503:83eb::30#53
/var/log/messages-20180708:Jul 2 08:56:08 hututadns0e1 named[761]: error (network unreachable) resolving 'tab.dthink.net/A/IN': 2001:500:856e::30#53
/var/log/messages-20180708:Jul 2 08:56:08 hututadns0e1 named[761]: error (network unreachable) resolving 'tab.dthink.net/A/IN': 2001:502:1ca1::30#53
/var/log/messages-20180708:Jul 2 13:16:35 hututadns0e1 named[761]: error (network unreachable) resolving 'tab.dthink.net/A/IN': 2001:503:a83e::2:30#53
/var/log/messages-20180708:Jul 2 13:16:35 hututadns0e1 named[761]: error (network unreachable) resolving 'tab.dthink.net/A/IN': 2001:503:eea3::30#53
/var/log/messages-20180708:Jul 4 15:06:05 hututadns0e1 named[761]: error (network unreachable) resolving 'wretar.dthink.net/AAAA/IN': 2001:503:83eb::30#53
/var/log/messages-20180715:Jul 9 12:25:37 hututadns0e1 named[761]: error (network unreachable) resolving 'tab.dthink.net/AAAA/IN': 2001:503:a83e::2:30#53
/var/log/messages-20180715:Jul 10 06:06:49 hututadns0e1 named[761]: error (network unreachable) resolving 'tab.dthink.net/AAAA/IN': 2001:503:83eb::30#53

It points to an IPv6 address while we are using only ipv4 so far.

I suggest disable ipv6 on hututadns0e1 http://tab.d-thinker.org/showthread.php?...http://tab.d-thinker.org/showthread.php?tid=4264&pid=7806 .
Visit this user's website Find all posts by this user
Quote this message in a reply
07-19-2018, 02:57 PM
Post: #8
RE: [bug] ns3.siginno.com as NS record of dthinker.net
(07-19-2018 02:41 PM)zma Wrote:  
(07-19-2018 02:35 PM)zma Wrote:  
(07-19-2018 02:34 PM)xwcwt Wrote:  
(07-19-2018 02:29 PM)zma Wrote:  @xwcwt: could you take a look?

I do not know the detail info clearly. I saw you run

Code:
dig tab.d-thinker.org @203.86.233.108

While 203.86.233.108 is the public address of TaB. Is there's a DNS vm under the same Public IP? Do you know which one?

To be honest, i do not know what's the first step I should do.

It's hututadns0e1 http://tab.d-thinker.org/showthread.php?tid=4264 .

The wrong reply seems from it http://tab.d-thinker.org/showthread.php?...http://tab.d-thinker.org/showthread.php?tid=11978&pid=7805 .

After I logged in hututadns0e1 once, it seems fine now magically...


[zma@host201:~]$ dig @203.86.233.108 tab.d-thinker.org

; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> @203.86.233.108 tab.d-thinker.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34645
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;tab.d-thinker.org. IN A

;; ANSWER SECTION:
tab.d-thinker.org. 1391 IN CNAME tab.dthink.net.
tab.dthink.net. 50 IN A 203.86.233.108

;; AUTHORITY SECTION:
dthink.net. 512 IN NS ns7.zettadom.com.

;; ADDITIONAL SECTION:
ns7.zettadom.com. 1718 IN A 115.231.209.243

;; Query time: 4 msec
;; SERVER: 203.86.233.108#53(203.86.233.108)
;; WHEN: Thu Jul 19 14:41:00 HKT 2018
;; MSG SIZE rcvd: 136

I do not find strange setting in named configuration too...
Find all posts by this user
Quote this message in a reply
07-19-2018, 02:59 PM
Post: #9
RE: [bug] ns3.siginno.com as NS record of dthinker.net
(07-19-2018 02:57 PM)xwcwt Wrote:  
(07-19-2018 02:41 PM)zma Wrote:  
(07-19-2018 02:35 PM)zma Wrote:  
(07-19-2018 02:34 PM)xwcwt Wrote:  
(07-19-2018 02:29 PM)zma Wrote:  @xwcwt: could you take a look?

I do not know the detail info clearly. I saw you run

Code:
dig tab.d-thinker.org @203.86.233.108

While 203.86.233.108 is the public address of TaB. Is there's a DNS vm under the same Public IP? Do you know which one?

To be honest, i do not know what's the first step I should do.

It's hututadns0e1 http://tab.d-thinker.org/showthread.php?tid=4264 .

The wrong reply seems from it http://tab.d-thinker.org/showthread.php?...http://tab.d-thinker.org/showthread.php?tid=11978&pid=7805 .

After I logged in hututadns0e1 once, it seems fine now magically...


[zma@host201:~]$ dig @203.86.233.108 tab.d-thinker.org

; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> @203.86.233.108 tab.d-thinker.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34645
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;tab.d-thinker.org. IN A

;; ANSWER SECTION:
tab.d-thinker.org. 1391 IN CNAME tab.dthink.net.
tab.dthink.net. 50 IN A 203.86.233.108

;; AUTHORITY SECTION:
dthink.net. 512 IN NS ns7.zettadom.com.

;; ADDITIONAL SECTION:
ns7.zettadom.com. 1718 IN A 115.231.209.243

;; Query time: 4 msec
;; SERVER: 203.86.233.108#53(203.86.233.108)
;; WHEN: Thu Jul 19 14:41:00 HKT 2018
;; MSG SIZE rcvd: 136

I do not find strange setting in named configuration too...

Possible it had never been able to update its cache for dthink.net http://tab.d-thinker.org/showthread.php?...http://tab.d-thinker.org/showthread.php?tid=11978&pid=7806 and is using an very old cached record.
Visit this user's website Find all posts by this user
Quote this message in a reply
07-19-2018, 03:10 PM
Post: #10
RE: [bug] ns3.siginno.com as NS record of dthinker.net
Seems fine now:

[zma@host201:~]$ dig -t NS dthink.net @203.86.233.108

; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> -t NS dthink.net @203.86.233.108
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43363
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;dthink.net. IN NS

;; ANSWER SECTION:
dthink.net. 599 IN NS ns7.zettadom.com.

;; Query time: 247 msec
;; SERVER: 203.86.233.108#53(203.86.233.108)
;; WHEN: Thu Jul 19 15:09:46 HKT 2018
;; MSG SIZE rcvd: 69

[zma@host201:~]$
Visit this user's website Find all posts by this user
Quote this message in a reply
Post Reply 


Forum Jump: