Menu
▾
▴
Re: [Assp-test] DNSBL failures on good IPs
|
From: GrayHat <gr...@gm...> - 2008-11-10 15:48:39
|
>> timeouts; probably caused by congestion or connectivity issues >> the "browsing" isn't a good indication since there are many other >> factors involved (e.g. you may be using a proxy) I'd try monitoring >> the DNS servers for timeouts / packet loss; about the "resolution >> testing"; if you tell me which platform are you running ASSP on I >> may give you more detailed instruction to test the DNS resolution > Windows 2003 ok; ensure your DNS servers are performing selftests at regular intervals; also, ensure they aren't using "forwarders" if possible but just using "root hints" to carry out standard resolution; to ensure you've everything properly setup, have a look here http://support.microsoft.com/kb/323380 just ensure to skip the "forwarders" section (if possible) and setup your DNS so that it will use full recursion and root-hints w/o delegating the resolution process to external forwarders; also, ensure to have the EDNS0 support disabled (see http://support.microsoft.com/kb/828263) since in most cases it may cause slowdowns and/or packet "loss" once you'll have the above properly setup, keep an eye on your resolver and also on your firewall logs trying to spot any dropped DNS traffic and/or any DNS queries timeouts |
