Why must Comcast's DNS suck?
Ben Scott
dragonhawk at gmail.com
Tue Nov 14 11:37:57 EST 2006
On 11/14/06, Paul Lussier <p.lussier at comcast.net> wrote:
> Nope. The two I can remember off hand are:
>
> www.evangelicaloutpost.com[1]
> www.shamusyoung.com[2]
FWIW: I just ssh'ed into my home system and checked those two names
against the two Comcast DNS servers present in my /etc/resolv.conf,
and everything appeared to resolve fine.
> Both result in 'not found' errors from home:
>
> $ host www.evangelicaloutpost.com
> Host www.evangelicaloutpost.com not found: 2(SERVFAIL)
Hmmm, SERVFAIL is more than just a simple "not found", it means
"something is actively broken". I have seen nameservers give that
response when you attempt to send a recursive query to a nameserver
configured to refuse connections or recursion. But it can also
originate from a broken authoritative server or a lame delegation.
> $ cat /etc/resolv.conf
> search hsd1.ma.comcast.net.
> nameserver 24.34.240.9
> nameserver 24.34.241.9
> nameserver 68.87.64.196
Those reverse to:
24.34.240.9 chlm2-pdns-tmp.chelmsfdrdc2.ma.boston.comcast.net.
24.34.241.9 chlm2-2dns-tmp.chelmsfdrdc2.ma.boston.comcast.net.
68.87.64.196 ns.inflow.pa.bo.comcast.net.
Note the "-tmp" in those first two names. Meanwhile, I have these, from DHCP:
68.87.71.226 cns.chelmsfdrdc2.ma.boston.comcast.net.
68.87.73.242 cns.manassaspr.va.dc02.comcast.net.
At a guess, it looks like you have stale entries in your resolv.conf file.
> I think they're managed via DHCP.
You might want to make sure of that. :-)
Of course, as others suggested, setting up your own local,
full-service, recursive resolver is probably a good idea, too.
-- Ben
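
An added example, not part of the message above: a small diagnostic that sends the same recursive A query to every nameserver listed in resolv.conf and reports each server's response code, so a SERVFAIL from one stale entry stands out from an NXDOMAIN or a healthy answer. The function names are hypothetical, and the query name in the main block is just one of the two hosts quoted in the thread.

```python
import random
import socket
import struct

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED"}

def nameservers(resolv_conf_text):
    """Return the nameserver addresses listed in resolv.conf text, in order."""
    servers = []
    for line in resolv_conf_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers

def build_query(name, qid):
    """Build a recursive (RD=1) A/IN query for name."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)

def rcode_of(response):
    """Decode the RCODE (low 4 bits of the flags word) from a DNS response."""
    if len(response) < 12:
        raise ValueError("short DNS message")
    code = struct.unpack("!H", response[2:4])[0] & 0x000F
    return RCODES.get(code, "RCODE%d" % code)

def check(name, server, timeout=3.0):
    """Ask one server for name; return its RCODE, 'NOREPLY' or 'BADREPLY'."""
    qid = random.randrange(0x10000)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name, qid), (server, 53))
            data, _ = s.recvfrom(512)
        except OSError:  # timeout, unreachable, or not an IPv4 address
            return "NOREPLY"
    if len(data) < 12 or struct.unpack("!H", data[:2])[0] != qid:
        return "BADREPLY"
    return rcode_of(data)

if __name__ == "__main__":
    with open("/etc/resolv.conf") as f:
        for ns in nameservers(f.read()):
            print(ns, check("www.evangelicaloutpost.com", ns))
```

Servers that answer SERVFAIL or never reply while the others return NOERROR are the ones to compare against what DHCP currently hands out.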