运维开发网

域名系统 – DNS问题,站点离线. nslookup定期失败,挖掘/主机一直工作

运维开发网 https://www.qedev.com 2020-04-07 18:28 出处:网络 作者:运维开发网整理
我的网站在一天中的大部分时间间歇性地停止运行,我疯狂地试图调试原因.这似乎是一个DNS问题,因为我的DNS服务器从我的ISP更改为谷歌的8.8.8.8修复它为我的个人浏览器.但现在这也失败了! DownForEveryoneOrJustMe表示它已经上升了,虽然我收到用户的一些投诉,但事实并非如此. nslookup是间歇性的: 16:04: ~/d/coachup (master) > nslo
我的网站在一天中的大部分时间间歇性地停止运行,我疯狂地试图调试原因.这似乎是一个DNS问题,因为我的DNS服务器从我的ISP更改为谷歌的8.8.8.8修复它为我的个人浏览器.但现在这也失败了! DownForEveryoneOrJustMe表示它已经上升了,虽然我收到用户的一些投诉,但事实并非如此.

nslookup是间歇性的:

16:04: ~/d/coachup (master) > nslookup www.coachup.com 8.8.8.8
Server:         8.8.8.8
Address:        8.8.8.8#53

Non-authoritative answer:
*** Can't find www.coachup.com: No answer

整个一天,有时会返回一个结果,但现在不是.当我尝试使用我的一个GoDaddy DNS名称服务器(我认为它是权威的?我从whois获得它们)时,我得到:

16:06: ~/d/coachup (master) > nslookup www.coachup.com NS36.DOMAINCONTROL.COM
Server:         NS36.DOMAINCONTROL.COM
Address:        208.109.255.18#53

www.coachup.com canonical name = chiba-9316.herokussl.com.

另一个更加不稳定:

16:07: ~/d/coachup (master) > nslookup www.coachup.com NS35.DOMAINCONTROL.COM
Server:         NS35.DOMAINCONTROL.COM
Address:        216.69.185.18#53

*** Can't find www.coachup.com: No answer

16:08: ~/d/coachup (master) > nslookup www.coachup.com NS35.DOMAINCONTROL.COM
Server:         NS35.DOMAINCONTROL.COM
Address:        216.69.185.18#53

www.coachup.com canonical name = chiba-9316.herokussl.com.

然而,即使反复尝试,挖掘总会带回信息:

16:08: ~/d/coachup (master) > dig @8.8.8.8 www.coachup.com ANY

; <<>> DiG 9.8.3-P1 <<>> @8.8.8.8 www.coachup.com ANY
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49917
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.coachup.com.               IN      ANY

;; ANSWER SECTION:
www.coachup.com.        2815    IN      CNAME   chiba-9316.herokussl.com.

;; Query time: 32 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Wed Dec 18 16:09:25 2013
;; MSG SIZE  rcvd: 68

16:09: ~/d/coachup (master) > dig @NS35.DOMAINCONTROL.COM www.coachup.com ANY

; <<>> DiG 9.8.3-P1 <<>> @NS35.DOMAINCONTROL.COM www.coachup.com ANY
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58865
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;www.coachup.com.               IN      ANY

;; ANSWER SECTION:
www.coachup.com.        3600    IN      CNAME   chiba-9316.herokussl.com.

;; AUTHORITY SECTION:
coachup.com.            3600    IN      NS      ns36.domaincontrol.com.
coachup.com.            3600    IN      NS      ns35.domaincontrol.com.

;; Query time: 309 msec
;; SERVER: 216.69.185.18#53(216.69.185.18)
;; WHEN: Wed Dec 18 16:09:39 2013
;; MSG SIZE  rcvd: 120

主机同样工作一致.

一些问题:

>为什么挖掘和托管工作一致但不是nslookup?

>我如何确定我的权威名称服务器. whois在那里工作吗?

我的工作理论是,GoDaddy名称服务器一直不稳定,有一次,当谷歌的8.8.8.8要求www.coachup.com并得到一个不答复时,它暂时缓解了这一点.这看起来似乎有道理吗?但是它只有nslookup而不是挖掘或主机.

此外,Heroku status显示他们昨天正在进行“DNS维护”.这可能导致这种情况吗?它说它现在是绿色的.

*为什么挖掘和托管工作一致但不是nslookup?

因为当你运行dig时你使用了’ANY’选项,这意味着你不仅要查找’A’记录,还要查找其他记录,例如CNAME.虽然nslookup正在寻找’A’记录.有趣的是,当我’挖掘@ 8.8.8.8 www.coachup.com’时,我没有回答,但是当我’挖@8.8.8.8 www.coachup.com cname’时,我收到了回复.

*如何确定我的权威名称服务器. whois在那里工作吗?

whois主要是一个管理数据库,确定你的实际名称服务器使用’dig trace www.coachup.com’ –

[root@kauai ~]# dig +trace www.coachup.com

; > DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 > +trace www.coachup.com
;; global options: +cmd
.                       3600000 IN      NS      G.ROOT-SERVERS.NET.
.                       3600000 IN      NS      K.ROOT-SERVERS.NET.
.                       3600000 IN      NS      D.ROOT-SERVERS.NET.
.                       3600000 IN      NS      J.ROOT-SERVERS.NET.
.                       3600000 IN      NS      M.ROOT-SERVERS.NET.
.                       3600000 IN      NS      C.ROOT-SERVERS.NET.
.                       3600000 IN      NS      I.ROOT-SERVERS.NET.
.                       3600000 IN      NS      H.ROOT-SERVERS.NET.
.                       3600000 IN      NS      F.ROOT-SERVERS.NET.
.                       3600000 IN      NS      A.ROOT-SERVERS.NET.
.                       3600000 IN      NS      B.ROOT-SERVERS.NET.
.                       3600000 IN      NS      E.ROOT-SERVERS.NET.
.                       3600000 IN      NS      L.ROOT-SERVERS.NET.
;; Received 512 bytes from 192.168.10.109#53(192.168.10.109) in 18 ms

com.                    172800  IN      NS      j.gtld-servers.net.
com.                    172800  IN      NS      h.gtld-servers.net.
com.                    172800  IN      NS      f.gtld-servers.net.
com.                    172800  IN      NS      d.gtld-servers.net.
com.                    172800  IN      NS      a.gtld-servers.net.
com.                    172800  IN      NS      l.gtld-servers.net.
com.                    172800  IN      NS      k.gtld-servers.net.
com.                    172800  IN      NS      g.gtld-servers.net.
com.                    172800  IN      NS      b.gtld-servers.net.
com.                    172800  IN      NS      m.gtld-servers.net.
com.                    172800  IN      NS      c.gtld-servers.net.
com.                    172800  IN      NS      i.gtld-servers.net.
com.                    172800  IN      NS      e.gtld-servers.net.
;; Received 505 bytes from 192.33.4.12#53(192.33.4.12) in 133 ms

coachup.com.            172800  IN      NS      ns35.domaincontrol.com.
coachup.com.            172800  IN      NS      ns36.domaincontrol.com.
;; Received 117 bytes from 192.54.112.30#53(192.54.112.30) in 138 ms

www.coachup.com.        3600    IN      CNAME   chiba-9316.herokussl.com.
;; Received 68 bytes from 208.109.255.18#53(208.109.255.18) in 33 ms

您的权威名称服务器位于 –

coachup.com.            172800  IN      NS      ns35.domaincontrol.com.
coachup.com.            172800  IN      NS      ns36.domaincontrol.com.

*我怀疑问题出在Heroku上,谷歌和其他一些dns服务器缓存了不存在的记录响应,之后他们开始从负缓存响应.一旦负缓存过期,它应该工作.我的猜测仍然是猜测,你的权威名称服务器确实提供了cname响应,但谷歌dns服务器无法完成“chiba-9316.herokussl.com.”的解析,假设Herok遇到问题.

为了测试这个我在几个公共DNS服务器上进行挖掘 – 我从网站“http://pcsupport.about.com/od/tipstricks/a/free-public-dns-servers.htm”获得.所有人都回复了CNAME,但包括谷歌在内的一些人没有回复“A”记录查询 –

请求’A’记录.注意:谷歌dns是’8.8.8.8′


[daniel@kauai ~]$for dns in $(awk '{print $2}' /tmp/dnsservers ); do echo ==$dns===; dig @$dns www.coachup.com. +short ;done
==209.244.0.3===
chiba-9316.herokussl.com.
elb002794-1867396571.us-east-1.elb.amazonaws.com.
50.16.224.113
23.23.124.44
23.23.101.90
==8.8.8.8===
==8.26.56.26===
chiba-9316.herokussl.com.
elb002794-1867396571.us-east-1.elb.amazonaws.com.
23.23.124.44
23.23.101.90
50.16.224.113
==208.67.222.222===
chiba-9316.herokussl.com.
elb002794-1867396571.us-east-1.elb.amazonaws.com.
50.16.224.113
23.23.101.90
23.23.124.44
==156.154.70.1===
chiba-9316.herokussl.com.
elb002794-1867396571.us-east-1.elb.amazonaws.com.
23.23.124.44
23.23.101.90
50.16.224.113
==198.153.192.40===
chiba-9316.herokussl.com.
elb002794-1867396571.us-east-1.elb.amazonaws.com.
23.23.101.90
50.16.224.113
23.23.124.44
==81.218.119.11===
chiba-9316.herokussl.com.
elb002794-1867396571.us-east-1.elb.amazonaws.com.
23.23.124.44
23.23.101.90
50.16.224.113
==195.46.39.39===
chiba-9316.herokussl.com.
elb002794-1867396571.us-east-1.elb.amazonaws.com.
50.16.224.113
23.23.101.90
23.23.124.44
==23.90.4.6===
chiba-9316.herokussl.com.
elb002794-1867396571.us-east-1.elb.amazonaws.com.
23.23.101.90
23.23.124.44
50.16.224.113
==216.146.35.35===
chiba-9316.herokussl.com.
elb002794-1867396571.us-east-1.elb.amazonaws.com.
50.16.224.113
23.23.101.90
23.23.124.44
==89.233.43.71===
chiba-9316.herokussl.com.
elb002794-1867396571.us-east-1.elb.amazonaws.com.
23.23.101.90
50.16.224.113
23.23.124.44
==74.82.42.42===
==109.69.8.51===

请求CNAME查询 –


[daniel@kauai ~]$for dns in $(awk '{print $2}' /tmp/dnsservers ); do echo ==$dns===; dig @$dns www.coachup.com. +short cname ;done
==209.244.0.3===
chiba-9316.herokussl.com.
==8.8.8.8===
chiba-9316.herokussl.com.
==8.26.56.26===
chiba-9316.herokussl.com.
==208.67.222.222===
chiba-9316.herokussl.com.
==156.154.70.1===
chiba-9316.herokussl.com.
==198.153.192.40===
chiba-9316.herokussl.com.
==81.218.119.11===
chiba-9316.herokussl.com.
==195.46.39.39===
chiba-9316.herokussl.com.
==23.90.4.6===
chiba-9316.herokussl.com.
==216.146.35.35===
chiba-9316.herokussl.com.
==89.233.43.71===
chiba-9316.herokussl.com.
==74.82.42.42===
chiba-9316.herokussl.com.
==109.69.8.51===
chiba-9316.herokussl.com.

0

精彩评论

暂无评论...
验证码 换一张
取 消