DNS servers on the fritz?

I nearly had a heart attack this morning when I went to start up my desktop and suddenly over half of my webpages stopped working. We’re talking normal stuff like google, yahoo, cnn, etc.

Due to whatever is happening with the DNS servers, it’s randomly blocking things like bing too, then allowing them to work again. For a few moments, I was able to connect to everything normally, then it went screwy again.

So, I figured I’d throw up a new thread, since the other relates to only google, and see who else is having the same issues.

To fix this you just go into network and sharing>(connection type, lan wireless etc)>properties>internet protocol version 4>obtain dns server automatically

You may or may not have to restart and/or move the setting more than once before it sticks. On one of my systems it took instantly, on another I had to restart.

They seem to be pretty heavily loaded

Tests run with ns_bench

Nameserver              Response Time (ms)
                        min/avg/max/stdev/retries

8.20.247.20             97.00/98.00/99.00/0.63/0
8.26.56.26              97.00/98.80/100.00/0.98/0
8.8.8.8                 25.00/25.60/26.00/0.49/0
8.8.4.4                 25.00/26.00/27.00/0.63/0
156.154.70.22           34.00/37.60/45.00/3.88/0
156.154.71.22           20.00/21.60/23.00/1.02/0
208.67.222.222          19.00/20.00/21.00/0.63/0
208.67.220.220          21.00/21.40/22.00/0.49/0


Just hit [ENTER] to run again or enter an x to quit?

Nameserver              Response Time (ms)
                        min/avg/max/stdev/retries

8.20.247.20             97.00/98.40/100.00/1.02/0
8.26.56.26              98.00/99.20/100.00/0.98/0
8.8.8.8                 25.00/26.80/33.00/3.12/0
8.8.4.4                 23.00/24.80/27.00/1.33/0
156.154.70.22           34.00/34.40/35.00/0.49/0
156.154.71.22           22.00/22.20/23.00/0.40/0
208.67.222.222          20.00/21.00/22.00/0.89/0
208.67.220.220          21.00/21.80/23.00/0.75/0


Just hit [ENTER] to run again or enter an x to quit?

I failed to save the log, but mine basically pinged the DNS server something stupid like 650 times before my internet connection finally gave up. I’m actually kinda proud that my system could handle 650 outbound connections at once.

Figured I’d throw something up here, so at least people can fix the problem. I blew nearly 2 hours before finding any information about the DNS servers.

A trace from the Netherlands, seems like the anycast is ending up in NJ, but way to slow on the last hops

Tracing route to ns2.recursive.dns.com [8.20.247.20]
over a maximum of 30 hops:

  1    <Local> 
  2    <Local>
  3    <Local>
  4    19 ms    18 ms     *     10GE1-2.dr1-asd7.nl.euro.net [194.134.187.48]
  5    21 ms    19 ms    19 ms  10GE5-0-1.cr1-asd8.nl.euro.net [194.134.161.12]
  6    18 ms    19 ms    19 ms  PC11.er1-asd8.nl.euro.net [194.134.161.11]
  7     *        *        *     Request timed out.
  8    22 ms    21 ms    20 ms  ams-sa1-i.AMS.NL.NET.DTAG.DE [62.154.15.57]
  9    20 ms    19 ms    20 ms  80.156.160.58
 10   100 ms   100 ms    99 ms  comodo-group-inc.gigabitethernet6-27.ar4.nyc1.gblx.net [208.48.239.234]
 11    97 ms    97 ms    96 ms  ns2.recursive.dns.com [8.20.247.20]

Trace complete.

tcp connect times are on the same order of ms.

tcping -n 10 8.20.247.20 53

Probing 8.20.247.20:53/tcp - Port is open - time=104.931ms
Probing 8.20.247.20:53/tcp - Port is open - time=104.266ms
Probing 8.20.247.20:53/tcp - Port is open - time=100.737ms
Probing 8.20.247.20:53/tcp - Port is open - time=100.000ms
Probing 8.20.247.20:53/tcp - Port is open - time=100.226ms
Probing 8.20.247.20:53/tcp - Port is open - time=98.360ms
Probing 8.20.247.20:53/tcp - Port is open - time=99.663ms
Probing 8.20.247.20:53/tcp - Port is open - time=98.941ms
Probing 8.20.247.20:53/tcp - Port is open - time=99.664ms
Probing 8.20.247.20:53/tcp - Port is open - time=101.468ms

Ping statistics for 8.20.247.20:53
     10 probes sent.
     10 successful, 0 failed.
Approximate trip times in milli-seconds:
     Minimum = 98.360ms, Maximum = 104.931ms, Average = 100.826ms

Please open a troubleticket here Comodo - Powered by Kayako Help Desk Software so it can be escalated to support.

Please see my reply at:

https://forums.comodo.com/comodo-secure-dns/secure-dns-server-not-loading-google-t78220.0.html

Looks like they’ve fixed whatever the problem is and it’s working fine again!

please let me know if you have any continuing issues

Hi Brian,

Is the round-trip issue also supposed to be solved?

dig @ns2.recursive.dns.com www.comodo.com

; <<>> DiG 9.8.1 <<>> @ns2.recursive.dns.com www.comodo.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24542
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 0

;; QUESTION SECTION:
;www.comodo.com.                        IN      A

;; ANSWER SECTION:
www.comodo.com.         511     IN      A       91.199.212.176

;; AUTHORITY SECTION:
comodo.com.             429     IN      NS      ns0.comododns.com.
comodo.com.             429     IN      NS      ns0.comododns.net.
comodo.com.             429     IN      NS      ns1.comododns.com.
comodo.com.             429     IN      NS      ns1.comododns.net.

;; Query time: 109 msec
;; SERVER: 8.20.247.20#53(8.20.247.20)
;; WHEN: Fri Nov 04 00:02:41 2011
;; MSG SIZE  rcvd: 143

Query time: 109 msec

Well it was a issue we had with one of our peering partners at a specific site. It didn’t affect the peering at other sites, so it was a one-off thing. During the event it had around a 30-60% packet failure, so it was taken offline once identified and later resolved.

Odd, just a couple hours ago I was able to access Bing without an issue but was having trouble accessing Gmail and Youtube. Those issues disappeared but now Bing.com is coming up as a blocked site for Comodo Secure DNS.

which part of bing are you being blocked at? have a hostname for me to search for?