[Freelance Traveller] July issue ready for download!

FreeTrav

FreeTrav

Cosmic Mongoose
The July 2015 issue of Freelance Traveller is ready for download!

This month's feature is Mark McCabe's "Variable Stars and Dwarfs: An Overview for Non-Astronomers", taking a quick look at the characteristics of dwarf stars and variable stars.

We also have our usual assortment of reviews, stories, house rules, adventures, and other articles for your reading pleasure!

Download it from the usual place:

Main site: http://www.freelancetraveller.com/magazine/

Perma-link to this issue: http://www.freelancetraveller.com/magazine/2015-07/
 
Since April, we've been seeing sporadic reports of people not able to resolve our site (and email bouncing). The only reason we can find that this might be happening is that Google (and Google Public DNS) has made a change in the way they handle resolving domains - first, they have implemented a DNSSEC requirement (not relevant wrt Freelance Traveller), and second, they have (together with the implementation of the DNSSEC requirement) apparently started adhering to a more rigorous interpretation of the DNS query specifications. As a result, many domains, hosted and self-hosted, have been having sporadic problems, and Google has not been forthcoming about what these domains and hosts need to do to meet the more rigorous standard.

If you use Google Public DNS as your DNS-of-choice for resolving, you will continue to see sporadic failures to resolve. If you use your own ISP's DNS servers, you may not (unless they use Google's). We are not aware of any problems where OpenDNS is used, nor when Level3's "public" DNS servers are used.

As I write this, Google is currently resolving freelancetraveller.com.

Yahoo!'s recent incoming-email changes are well known, and affect many non-Yahoo!-hosted lists. It appears, however, that Yahoo! may also rely in some way on Google's DNS, and as a result, mail sent from Yahoo! (or through Yahoo!'s servers from an ISP that outsources mail to Yahoo!) to a freelancetraveller.com email address may bounce with a failure to resolve the domain.

Note that if you are attempting to access Freelance Traveller from a workplace computer, and your organization uses WebSense to block certain sites/categories of sites, Freelance Traveller is listed by Websense in its filter category "Games", and will be blocked if that filter is active.

In order to further troubleshoot this ongoing problem - any failure to resolve, website or email - I'd appreciate reports being sent to freetrav@gmail.com. If you can, please include the DNS settings on your computer (for website failures); for email failures, please include the complete failure message.

Google Public DNS IP Addresses (These may sporadically fail to resolve us): 8.8.8.8, 8.8.4.4
Level3 "Public" DNS IP Addresses: 4.2.2.1, 4.2.2.2
OpenDNS Public DNS IP Addresses: 208.67.222.222, 208.67.220.220, 208.67.222.220, 208.67.220.222
 
So why does all this only affect your site though? Check that your bandwidth and hosting fees are being paid. GoDaddy says your URL is good for 3 more years.

ADDED:
barefruit.co.uk is as far as it goes.

8.8.8.8 always works. The Interweb is broken if it goes down.
 
ShawnDriscoll said:
So why does all this only affect your site though? Check that your bandwidth and hosting fees are being paid.
Click to expand...
It doesn't affect only my site, and I pay in advance for an entire year, with no bandwidth limits. If Google were more forthcoming about how to fix the problem, it'd be fixed; I've been going back and forth with my hosting provider about this - it's frustrating for them, too, as their site under their own domain name becomes inaccessible under the same circumstances. Many small hosting operations are affected, and some larger ones (I've seen reports that Dreamhost-hosted sites have the same sporadic problems, also BlueHost) as well - and it always seems to be when Google DNS is involved (I've never seen a report where OpenDNS was provably involved, nor when Level3's DNS is involved).

There's more info from an affected company's point of view at https://www.docmosis.com/company/blog/item/google-broken-dns-2015.html - but my host claims to have fixed the problems mentioned, and is still having problems with Google.
 
Ok. It's just a router issue then with your hosting site's IT guys. Those things happen with small-ish cloud firms. Hopefully they'll figure out what configuration it needs to at least have HTTP and FTP working again.

I can see a DNS block happening if a cloud cluster was virus driven. But such issues are easy to resolve.
 
ShawnDriscoll said:
Ok. It's just a router issue then with your hosting site's IT guys. Those things happen with small-ish cloud firms. Hopefully they'll figure out what configuration it needs to at least have HTTP and FTP working again.

I can see a DNS block happening if a cloud cluster was virus driven. But such issues are easy to resolve.
Click to expand...
It's not a cloud.io router issue. It's a DNS issue at Google. It's been known to be a DNS issue at Google since April, when all this crap started happening, right after Google started implementing the DNSSEC requirement. The Docmosis page I included in my previous post to this thread makes it clear that it's Google.

8.8.8.8 doesn't have to go down to "break the internet"; it only has to refuse to resolve a particular domain - which is what's happening. Somehow, the Level3 and OpenDNS servers don't seem to be having the problem, and since *I* stopped using Google's Public DNS, *I* haven't been having any problems accessing the site. Can't get clearer evidence than that that it's Google.

If Google's DNS is involved, directly or indirectly, there will be sporadic resolution problems. Right now, Google IS resolving - but that can change at any time.
 
Your site is either 92.242.140.2 or it isn't. If it's intermittent, the fault is in the hard/soft config at the site location. Hopefully other customers that have their stuff hosted there are screaming to get the network back on the Internet. I did a look at that IP address. It has a history of being tampered with by office guru types. Over-engineering of some kind with how it was setup. Or sub-par infrastructure.
 
ShawnDriscoll said:
Your site is either 92.242.140.2 or it isn't. If it's intermittent, the fault is in the hard/soft config at the site location. Hopefully other customers that have their stuff hosted there are screaming to get the network back on the Internet. I did a look at that IP address. It has a history of being tampered with by office guru types. Over-engineering of some kind with how it was setup. Or sub-par infrastructure.
Click to expand...
Your DNS is screwed up. That IP reverse-resolves to an unallocated address in barefruit.co.uk's netblock. I am hosted in/near Atlanta, GA, USA, by a company originally known as cyberwebhosting.net, later cwhn.co, now converting their branding to cloud.io. The authorized nameservers for freelancetraveller.com are ns1-beta.cwhn.co and ns2-beta.cwhn.co. (Sadly, ns1... is at the same IP as Freelance Traveller itself; ns2... is at an adjacent IP in the same /24, neither of which is a recommended configuration - but neither of which is inherently problematical as long as the links to the rest of the net are up.) If you are not getting 216.201.91.52 as the returned IP for freelancetraveller.com, there is a problem with your DNS service. Or your ISP's. Google is currently showing the correct IP. OpenDNS is currently showing the correct IP. Level3 is currently showing the correct IP. I am having no trouble accessing the site. isup.me (downforeveryoneorjustme.com) reports it's up (meaning that it's resolving to a pingable server). Other people have attempted to get to the site and succeeded without any problem.

When Google DNS fails to resolve, it returns NXDOMAIN rather than an invalid IP address. When I get a report of inaccessibility, that's the first thing I check. Intermittently, Google does return NXDOMAIN - but right now, it's returning the correct IP. That you're seeing it resolve to an incorrect address, rather than a complete failure to resolve (NXDOMAIN), suggests to me that your DNS provider - or your ISP's, or someone else up the resolve chain - hasn't implemented any sort of security against malicious record insertion (According to Wikipedia, the UK's Office of the Information Commissioner will not prosecute DNS spoofing/hijacking, even though doing so in the UK contravenes UK laws). I suggest you try setting your computer to use the OpenDNS server addresses I gave in an earlier message in this thread, and see if that resolves your problem accessing Freelance Traveller.
 
My own DNS server can't find it either...

Code: 
nslookup freelancetraveller.com
Server:		192.168.1.1
Address:	192.168.1.1#53

** server can't find freelancetraveller.com: SERVFAIL

Code: 
dig freelancetraveller.com

; <<>> DiG 9.9.5 <<>> freelancetraveller.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 58975
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;freelancetraveller.com.		IN	A

;; Query time: 20 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Wed Jul 08 10:21:24 PDT 2015
;; MSG SIZE  rcvd: 51
 
AndrewW said:
My own DNS server can't find it either...

Code: 
nslookup freelancetraveller.com
Server:		192.168.1.1
Address:	192.168.1.1#53
That's your own ISP's DNS being hidden from you. My ISP does the same thing (although I don't get the failure to resolve; it resolves just fine for me). At the moment, your ISP's DNS seems to be getting bad data from somewhere; I suspect that there's an insecure DNS server somewhere in the chain of resolution your ISP is using, and either that server or the one beyond it has bad (probably spoofed/hijacked) data. Try setting your computer's DNS to use the OpenDNS servers I listed before, and I suspect your problem getting to Freelance Traveller will disappear.
Click to expand...
 
dragoner said:
Works fine for me, could it be a UK problem?
Click to expand...
That's what I suspected - a spoofed DNS somewhere key in the UK - and the Commissioner of Information doesn't prosecute it, either, according to Wikipedia - but I'm not sure that it's ONLY the UK that's affected (I wasn't sure that Shonner is in the UK; I have no clue where AndrewW is; I also think that CotI's "Aramais" reported having problems, and I know that he's in Alaska).
 
Huh. I'm on Evil Corp, uh Comcast, maybe it's their big move to crush all other ISP's and see them driven before them. Maybe something weird is going on with the internet? I am not having issues with my site, and it's hosted in Los Angeles afaik.

edit: Just used google to search for freelance traveller, and it came back perfectly fine. Curious problem.
 
dragoner said:
Huh. I'm on Evil Corp, uh Comcast, maybe it's their big move to crush all other ISP's and see them driven before them. Maybe something weird is going on with the internet? I am not having issues with my site, and it's hosted in Los Angeles afaik.

edit: Just used google to search for freelance traveller, and it came back perfectly fine. Curious problem.
Click to expand...
Curiouser than you think - I was listening to the local all-news AM radio station, and got these tidbits:

1. The New York Stock Exchange has halted trading since midmorning due to a computer problem of some sort.
2. United Airlines is grounded, because of a computer problem, and has been for several hours.
3. While it's back up now, The Wall Street Journal's website was offline for a while because of a computer problem of some sort.

Nobody is saying 'cyberattack' yet; currently, it's just coincidence. I'm beginning to wonder though; recall that once is an accident...
 
I googled dns resolving issues and just got a bunch of old articles, or maybe it is the great hack of 2015? We'll see.
 
FreeTrav said:
1. The New York Stock Exchange has halted trading since midmorning due to a computer problem of some sort.
2. United Airlines is grounded, because of a computer problem, and has been for several hours.
3. While it's back up now, The Wall Street Journal's website was offline for a while because of a computer problem of some sort.

Nobody is saying 'cyberattack' yet; currently, it's just coincidence. I'm beginning to wonder though; recall that once is an accident...
Click to expand...
Your site was down long before a router went bad in New York though. Two totally different trouble tickets. I'd check the router connection in London. I've had sites that were owned by a company at one location and the data was actually in another country. Canada does a lot of clouding for American web hosting sites, for example.

This kind of issue in London sounds like the typical "two routers connected to each other in a loop." Everything seemed fine until a DNS got VMed or physically moved to another rack.
 
ShawnDriscoll said:
FreeTrav said:
1. The New York Stock Exchange has halted trading since midmorning due to a computer problem of some sort.
2. United Airlines is grounded, because of a computer problem, and has been for several hours.
3. While it's back up now, The Wall Street Journal's website was offline for a while because of a computer problem of some sort.

Nobody is saying 'cyberattack' yet; currently, it's just coincidence. I'm beginning to wonder though; recall that once is an accident...
Click to expand...
Your site was down long before a router went bad in New York though.
Click to expand...
Oh, I'm not seriously suggesting that the above and my outage are related - and if there was a general problem in NYC, I'd be quite surprised to be NOT affected by it, as everything around here goes through NYC (I'm in the suburbs). The three items above probably were, in fact, unrelated computer glitches and not network-related.

I've done traceroutes to my host, though, and also used webtools to do the same from elsewhere. Those traces all go through Atlanta before hitting nonresponsive nodes. I suppose the nonresponsive nodes could then be relaying to anywhere else in the world, but somehow, I don't think so. And Atlanta was positioning itself as a new tech center a few years back. FWIW, their website (still at cwhn.co) says that their main data center is in Atlanta, and their backup in Dallas. Consumer protection in the US isn't exactly happy to discover that a company is lying to their customers, especially on topics that may well influence those customers' decisions to patronize a company. Doesn't mean it doesn't happen, but...

My theoretical money is still on DNS, though - if people were getting the right IP address but couldn't then connect (while others could), I'd look at routing, but what I'm hearing is that they're getting NXDOMAIN, or (in your case) a wrong IP address. That points very strongly at DNS. I'm not going to blame Google right now because they're resolving properly at the moment. But somewhere there's a DNS server that is Not Well, and it's in the chain of interrogation for you and Timothy Collinson, at the very least. That's why I've been suggesting bypassing local DNS servers, and going to OpenDNS. Level3 or Google (right now) would likely do as nicely. In any case, if you switch DNS servers, and it works, well...
 
I'm not getting any IP address now. So that means it's being looked at by someone. Probably someone is setting up the webserver again as if it's a new installed. Then it has to trickle to all the ISPs again for proper routing which takes about a day to happen.
 
ShawnDriscoll said:
I'm not getting any IP address now. So that means it's being looked at by someone. Probably someone is setting up the webserver again as if it's a new installed. Then it has to trickle to all the ISPs again for proper routing which takes about a day to happen.
Click to expand...
No, it's not the site - it's a DNS issue that is not under the control of cwhn or me. Yahoo! isn't seeing MX or A records, which is just wrong; I'm getting mail just fine - from other people, but via the freelancetraveller.com mail server (MX freelancetraveller.com - one of the suboptimal configurations when you're dealing with inexpensive small-company hosting). And I (and other people) are getting to the site just fine.

I will note that it's not just the UK that's having problems; I've had a report from New Zealand that there's a problem as well. And a maybe-problem from Alaska. And definite problems from Yahoo!, but Yahoo! has some corporate attitude problems when it comes to breaking the 'net.

Why do you keep insisting that the problem is at my end? It's not - it's DNS issues Somewhere Else. The registered nameservers are up and providing correct data; what appears to be happening is that someone, somewhere isn't doing a proper interrogation and getting the authoritative results.
 
You must log in or register to reply here.

Similar threads

FreeTrav
[Freelance Traveller] March/April 2025 Posted!
Replies
0
Views
207
FreeTrav
FreeTrav
FreeTrav
[Freelance Traveller] May/June 2025 Posted!
Replies
1
Views
331
phavoc
P
FreeTrav
[Freelance Traveller] January/February 2025 Posted for Download!
Replies
7
Views
590
FreeTrav
FreeTrav
FreeTrav
[Freelance Traveller] November/December 2024 Posted for Download!
Replies
1
Views
437
Jame Rowe
J
FreeTrav
[Freelance Traveller] July/August 2024 Posted for Download!
Replies
1
Views
855
ottarrus
ottarrus
Back
Top