Environment:
- Active Directory domain with a single domain controller (Windows Server 2003 R2 Standard x64 Edition - Service Pack 2), which is also the DNS server
- Windows XP Service Pack 3 clients. The client computers have only our internal DNS server as their DNS address.
Our users have reported that they occasionally cannot visit the Southwest Airlines website, www.southwest.com.
After a few days of trying, we were able to reproduce the problem under a test user login.
When trying to access the site in Firefox, the status bar says "Looking up www.southwest.com" and after a few moments Firefox displays:
Address Not Found
Firefox can't find the server at www.southwest.com
Similar results in Internet Explorer.
We tried restarting the browser and the computer, but we still cannot access the site. Other sites we tested work normally.
We tried accessing the site from another computer and got the same results.
nslookup reveals the following:
C:\Documents and Settings\TestQ>nslookup www.teamdesk.net
Server: server.domain.local
Address: 172.21.31.206
Name: www.teamdesk.net
Address: 208.100.33.78
C:\Documents and Settings\TestQ>nslookup www.southwest.com
Server: server.domain.local
Address: 172.21.31.206
DNS request timed out.
timeout was 2 seconds.
*** Request to server.domain.local timed-out
C:\Documents and Settings\TestQ>nslookup
Default Server: server.domain.local
Address: 172.21.31.206
> www.southwest.com
Server: server.domain.local
Address: 172.21.31.206
DNS request timed out.
timeout was 2 seconds.
*** Request to server.domain.local timed-out
> set d2
> www.southwest.com
Server: server.domain.local
Address: 172.21.31.206
------------
SendRequest(), len 51
HEADER:
opcode = QUERY, id = 4, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
www.southwest.com.domain.local, type = A, class = IN
------------
------------
Got answer (119 bytes):
HEADER:
opcode = QUERY, id = 4, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
www.southwest.com.domain.local, type = A, class = IN
AUTHORITY RECORDS:
-> domain.local
type = SOA, class = IN, dlen = 41
ttl = 3600 (1 hour)
primary name server = server.domain.local
responsible mail addr = hostmaster
serial = 2064
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
------------
------------
SendRequest(), len 35
HEADER:
opcode = QUERY, id = 5, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
www.southwest.com, type = A, class = IN
------------
DNS request timed out.
timeout was 2 seconds.
timeout (2 secs)
SendRequest failed
*** Request to server.domain.local timed-out
> www.google.com
Server: server.domain.local
Address: 172.21.31.206
------------
SendRequest(), len 48
HEADER:
opcode = QUERY, id = 6, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
www.google.com.domain.local, type = A, class = IN
------------
------------
Got answer (116 bytes):
HEADER:
opcode = QUERY, id = 6, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
www.google.com.domain.local, type = A, class = IN
AUTHORITY RECORDS:
-> domain.local
type = SOA, class = IN, dlen = 41
ttl = 3600 (1 hour)
primary name server = server.domain.local
responsible mail addr = hostmaster
serial = 2064
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
------------
------------
SendRequest(), len 32
HEADER:
opcode = QUERY, id = 7, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
www.google.com, type = A, class = IN
------------
------------
Got answer (132 bytes):
HEADER:
opcode = QUERY, id = 7, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 6, authority records = 0, additional = 0
QUESTIONS:
www.google.com, type = A, class = IN
ANSWERS:
-> www.google.com
type = CNAME, class = IN, dlen = 8
canonical name = www.l.google.com
ttl = 69859 (19 hours 24 mins 19 secs)
-> www.l.google.com
type = A, class = IN, dlen = 4
internet address = 74.125.239.19
ttl = 300 (5 mins)
-> www.l.google.com
type = A, class = IN, dlen = 4
internet address = 74.125.239.20
ttl = 300 (5 mins)
-> www.l.google.com
type = A, class = IN, dlen = 4
internet address = 74.125.239.18
ttl = 300 (5 mins)
-> www.l.google.com
type = A, class = IN, dlen = 4
internet address = 74.125.239.17
ttl = 300 (5 mins)
-> www.l.google.com
type = A, class = IN, dlen = 4
internet address = 74.125.239.16
ttl = 300 (5 mins)
------------
Non-authoritative answer:
Name: www.l.google.com
Addresses: 74.125.239.19, 74.125.239.20, 74.125.239.18, 74.125.239.17
74.125.239.16
Aliases: www.google.com
How can we further diagnose and resolve this problem?
EDIT
I work with Brad. Thanks for your help so far.
1) The DNS server acts as the resolver. There is no forwarding other than to the root servers via root hints.
2) Under the error state (that is, when lookups of southwest.com are timing out), nslookup southwest.com ns-1.southwest.com times out looking up the server ns-1.southwest.com. Same thing with ns-2.southwest.com.
3) Under the error state, nslookup southwest.com 12.5.136.190 and nslookup southwest.com 63.169.44.190 (that is, against the IP addresses of ns-1 and ns-2.southwest.com) work, returning the IP addresses for southwest.com.
4) Under the error state, the cache remains unchanged from when things are working normally. That is, dnsmgmt\Cached Lookups\.(root)\com\southwest always shows the following (including the A record for ns-2, which fails (see item 2 above)).
Name Type Data
---- ---- ----
(same as parent folder) Name Server (NS) ns-1.southwest.com
(same as parent folder) Name Server (NS) ns-2.southwest.com
(same as parent folder) Host (A) 208.94.152.100
(same as parent folder) Host (A) 208.94.153.100
ns-2 Host (A) 63.169.44.190
I suspect we are overlooking something obvious...
EDIT
(Sorry for the delay. I posted this over 8 hours ago, but it never appeared.)
Under the error state,
5) nslookup southwest.com against all of the *.gtld-servers.net servers succeeds
... QUESTIONS:
southwest.com, type = A, class = IN
AUTHORITY RECORDS:
-> southwest.com
type = NS, class = IN, dlen = 7
nameserver = ns-1.southwest.com
ttl = 172800 (2 days)
-> southwest.com
type = NS, class = IN, dlen = 7
nameserver = ns-2.southwest.com
ttl = 172800 (2 days)
ADDITIONAL RECORDS:
-> ns-1.southwest.com
type = A, class = IN, dlen = 4
internet address = 12.5.136.190
ttl = 172800 (2 days)
-> ns-2.southwest.com
type = A, class = IN, dlen = 4
internet address = 63.169.44.190
ttl = 172800 (2 days)
------------
Name: southwest.com
Served by:
- ns-1.southwest.com
12.5.136.190
southwest.com
- ns-2.southwest.com
63.169.44.190
southwest.com
6) nslookup southwest.com 208.67.222.222 (OpenDNS) succeeds
7) Clearing the cache fixes the problem, but it returns later.
8) After clearing the cache and doing nslookup southwest.com (which succeeds), the cache now has the A record for ns-1 (it did not in the error state; see item 4 above)
Name Type Data
---- ---- ----
(same as parent folder) Name Server (NS) ns-1.southwest.com
(same as parent folder) Name Server (NS) ns-2.southwest.com
(same as parent folder) Host (A) 208.94.153.100
(same as parent folder) Host (A) 208.94.152.100
ns-1 Host (A) 12.5.136.190
ns-2 Host (A) 63.169.44.190
9) Note that the DNS server only forwards to the root servers. Can you think of any reason that would cause this problem?