Major DNS update? Major nameservers down? What's going on?

Nazo

Nazo

2[H]4U
Joined
Apr 2, 2002
Messages
3,672
Well, these past few days, I've been having troubles getting to quite a number of sites. I swear it's beginning to feel like half the web is down. Quite a number of sites that I never had trouble with before, many of which are rather major places (eg, not some little unknown site with cheap servers, but the big ones that tend to have multiple backups) just can't be found. No DNS or anything. The thing is, I understand that could just be ISP issues or something, but, I've verified this by checking other nameservers not provided by my ISP. Even those places just can't find any records for these sites.

Here's an example:
http://www.farcry-thegame.com/
I was going to see if there were any new patches for it or anything like that, but no good. Currently unable to find any DNS records anywhere. While they were at it, http://www.farcry.ubi.com/ dissapeared too. In fact, http://www.ubi.com/ is gone. Well, there's always third party sites, but, this is a huge pain because 99% of the web links to other parts of the web. What I mean is that things like downloads are usually screwed up because everyone is too cheap to host things on their own servers and just simply link to it in such a way that they attempt to make it look like it's own their own server. I HATE that.

Anyway, as you can see, with a giant number of DNS entries completly missing, it's not just some minor little incident, but must actually be something a little more important. Perhaps one of the main nameservers that the others get their databases from is having issues? Anyway, I was just wondering because it's beginning to become annoying and still hasn't dissapeared over these few days.

BTW, does anyone have any good information on how to set up a DNS server (bind) in Windows XP to not just do simple things like cache addresses, but, to actually try to maintain a small database in such a way that when things like this (especially when ISP nameservers get issues, which is FAR more common) I would have a backup? I know it could be done, but I'm afraid that it's just a bit beyond me. I never got it quite set up when I tried before and it never really did anything useful.
 
No problems here. Tried doing a 'dig +trace'?

Code: 
$ dig +trace [url]www.farcry-thegame.com[/url] 

; <<>> DiG 9.2.4rc5 <<>> +trace [url]www.farcry-thegame.com[/url]
;; global options:  printcmd
.                       155317  IN      NS      F.ROOT-SERVERS.NET.
.                       155317  IN      NS      G.ROOT-SERVERS.NET.
.                       155317  IN      NS      H.ROOT-SERVERS.NET.
.                       155317  IN      NS      I.ROOT-SERVERS.NET.
.                       155317  IN      NS      J.ROOT-SERVERS.NET.
.                       155317  IN      NS      K.ROOT-SERVERS.NET.
.                       155317  IN      NS      L.ROOT-SERVERS.NET.
.                       155317  IN      NS      M.ROOT-SERVERS.NET.
.                       155317  IN      NS      A.ROOT-SERVERS.NET.
.                       155317  IN      NS      B.ROOT-SERVERS.NET.
.                       155317  IN      NS      C.ROOT-SERVERS.NET.
.                       155317  IN      NS      D.ROOT-SERVERS.NET.
.                       155317  IN      NS      E.ROOT-SERVERS.NET.
;; Received 436 bytes from 127.0.0.1#53(127.0.0.1) in 108 ms

com.                    172800  IN      NS      H.GTLD-SERVERS.NET.
com.                    172800  IN      NS      I.GTLD-SERVERS.NET.
com.                    172800  IN      NS      J.GTLD-SERVERS.NET.
com.                    172800  IN      NS      K.GTLD-SERVERS.NET.
com.                    172800  IN      NS      L.GTLD-SERVERS.NET.
com.                    172800  IN      NS      M.GTLD-SERVERS.NET.
com.                    172800  IN      NS      A.GTLD-SERVERS.NET.
com.                    172800  IN      NS      B.GTLD-SERVERS.NET.
com.                    172800  IN      NS      C.GTLD-SERVERS.NET.
com.                    172800  IN      NS      D.GTLD-SERVERS.NET.
com.                    172800  IN      NS      E.GTLD-SERVERS.NET.
com.                    172800  IN      NS      F.GTLD-SERVERS.NET.
com.                    172800  IN      NS      G.GTLD-SERVERS.NET.
;; Received 472 bytes from 192.5.5.241#53(F.ROOT-SERVERS.NET) in 208 ms

farcry-thegame.com.     172800  IN      NS      nic1.ubisoft.com.
farcry-thegame.com.     172800  IN      NS      nic2.ubisoft.com.
;; Received 118 bytes from 192.54.112.30#53(H.GTLD-SERVERS.NET) in 50 ms

[url]www.farcry-thegame.com[/url]. 3600    IN      CNAME   lb.ubisoft.com.
lb.ubisoft.com.         3600    IN      A       216.98.48.7
ubisoft.com.            3600    IN      NS      nic1.ubisoft.com.
ubisoft.com.            3600    IN      NS      nic2.ubisoft.com.
ubisoft.com.            3600    IN      NS      ns0.ubisoft.com.
;; Received 185 bytes from 216.98.52.5#53(nic1.ubisoft.com) in 137 ms
 
Right now I don't really have bind installed. I'm using external tools on the web such as network-tools.com

EDIT: Wow, tried it just now and actually got a response on network-tools this time around. The IP still didn't seem to work though. I get no response from the server. BTW, if I try to ping that address, it says transmit failed, error code 65. No trouble pinging google.
 
Code: 
  5    21 ms    23 ms    19 ms  gbr5-p80.sl9mo.ip.att.net [12.123.24.234]
  6    22 ms    21 ms    28 ms  tbr2-p013501.sl9mo.ip.att.net [12.122.11.121]
  7    28 ms    27 ms    27 ms  tbr2-cl7.cgcil.ip.att.net [12.122.10.45]
  8    26 ms    28 ms    28 ms  ggr2-p390.cgcil.ip.att.net [12.123.6.37]
  9    28 ms    26 ms    28 ms  so-1-1-0.BR6.CHI2.ALTER.NET [204.255.174.9]
 10    28 ms    29 ms    50 ms  0.so-5-3-0.XL1.CHI2.ALTER.NET [152.63.64.50]
 11   262 ms    29 ms    33 ms  0.so-0-0-0.TL1.CHI2.ALTER.NET [152.63.68.82]
 12    49 ms    49 ms    49 ms  0.so-3-0-0.TL1.MTL1.ALTER.NET [152.63.0.70]
 13    48 ms    50 ms    52 ms  0.so-7-0-0.XL1.MTL1.ALTER.NET [152.63.133.65]
 14    50 ms    64 ms    52 ms  POS6-0.GW2.MTL1.ALTER.NET [152.63.128.241]
 15    50 ms    47 ms    48 ms  ubis-gw.customer.alter.net [216.95.146.46]
 16    51 ms    49 ms    53 ms  foo.ubisoft.com [216.98.49.252]
 17    51 ms    55 ms    52 ms  lb.ubisoft.com [216.98.48.7]

looks fine. its a routing issue
 
Hrm. Well, I tried traceroute. In fact, I noticed something rather curious. That address (even when I manually specified the IP address itself rather than the DNS address) didn't even go through the modem (gateway.) Oh, and I got transmit error 65 again even for traceroute to that site (not to google, here, or any number of other sites I CAN get to though.)

Hrm, so what can be causing this? I assumed it was a nameserver issue since every time I cared enough to look it up on that website I got no results there either.
 
you havent been IP banned from that site, have you?
 
Not to my knowlege. I can't imagine why as I do scans/etc, so shouldn't have any trojans, and, I'm no hacker (don't even know how to do more than just a bunch of pings if I wanted to "attack" someone.) Also, bear in mind I've had this issue with a LOT of sites. There's surely no way that so many could have banned my IP. Besides, wouldn't it normally be connection refused, not transmit failed without even STARTING the route (eg didn't even go through the gateway.) This is, after all, a commercial game site, not some little forum somewhere or something where they would WANT to ban someone who doesn't really push it (and even then most forums aren't so strict that they ban easily.)
 
Does your ISP do content filtering?
 
Not last I checked. If they did, they do a poor job of it. And I'd be pretty ticked just out of the principle of the thing.

BTW, I just got smart about this. I forgot my modem has diagnostic tools. The modem is able to ping www.farcry-thegame.com even though I still can't. This is definitely on my side whatever it is. But, why the heck does it only affect about 1/10 of the sites I try to visit?

EDIT: Most likely this will not matter, but, just in case, I'm informing you that I JUST NOW (NOT BEFORE!) did the tweaking thing with the help of dslreports to get the rwin, mtu & etc to more reasonable settings. It didn't help any, but I didn't really expect it to. The reason I point this out is that it could still affect things later.
 
have you tried setting your own dns servers instead of using whatever?

I was able to get to that site fine.

What was the last thing you remember doing before this starting happended?
 
Installing windows. d-:

I don't really know of any good nameservers. However, the nameserver isn't the issue. Remember, even when I manually enter the IP address after looking it up elsewhere, I get the same error. (In fact, I tried copying and pasting the IP address mentioned previously in this same topic.) Even when trying to ping a nonexistant address, I've never seen it say transmit failed like that. Something is seriously misconfigured somewhere...
 
Alright, I found the problem. It turns out that somehow all these sites are falling within the range of the blocklist I had downloaded into ZoneAlarm. This is why transmission stopped before it ever even made it to the modem. So, for future reference, this is the solution.
 
For future reference, here are some good nameservers

216.135.0.10
216.135.1.10
63.64.9.19
 
Thanks.
Speaking of which, that reminds me of a question I asked earlier. Anyone seen any tutorials on getting bind PROPERLY configured to do more useful stuff?
 
You must log in or register to reply here.
Back
Top