Your IP:

Our Forums Have Moved!

Visit our new forums at https://community.opendns.com/forums/ to post on topics and read the latest content. These forums are now read-only archives.

K-12 Forums

Talk with other K-12 network administrators in your state.

Or see all states.

Categories

Vanilla 1.1.4 is a product of Lussumo. More Information: Documentation, Community Support.

This discussion has been inactive for longer than 30 days, and is thus closed.
  1.  permalink
    We are experiencing something VERY odd, and would love some thoughts from the community.. The webpage: http://wiredsuccess.com/avm/takethecvi-impactmovie/ Is built on Wordpress and has an iFrame pointing here: http://members.taylorprotocols.com/Tools/CVIGift_WiredSuccess.aspx?GiftHash=d4721909-e3ac-102f-b8c1-f1940f8d9956

    when they client who uses OpenDNS inside their network, goes to the page, the page loads, but the iframe spits out an error.. IF they go to the iframe URL only it works..

    VERY odd.. any ideas???

    Chris
  2.  permalink
    Should we have to ask what the error message is?
  3.  permalink
    sorry!!


    Hmm, members.taylorprotocols.com isn't loading right now.

    The computers that run members.taylorprotocols.com are having some trouble. Usually this is just a temporary problem, so you might want to try again in a few minutes.

    Want more detail? See which nameservers are failing.



    Clicking on the link I Got:

    Nameserver trace for members.taylorprotocols.com:

    · Looking for who is responsible for root zone and followed g.root-servers.net.
    · Looking for who is responsible for com and followed m.gtld-servers.net.
    · Looking for who is responsible for taylorprotocols.com and followed ns1.dedicatednet.com.
    Nameservers for members.taylorprotocols.com:

    · ns1.dedicatednet.com
    · ns2.dedicatednet.com returned (SERVFAIL)
    • CommentAuthorrotblitz
    • CommentTimeMay 4th 2012
     permalink
    I can't reproduce it. For me it works perfectly.
    Also CacheCheck shows the same valid result 66.199.186.173 for all locations.
    Also ns2.dedicatednet.com answers correctly.

    "when they client who uses OpenDNS inside their network"

    If I understood what this means, I could think this is a possible problem.
    Thankful People: chrisbehnke
  4.  permalink
    Our client is a small company that uses OpenDNS for filtering in their own local network. Their environment is the only place that we have been able to duplicate the problem. If they change the DNS settings of their local workstation to 4.2.2.1 or some other server it works fine...

    Thanks!!

    Chris
    • CommentAuthorrotblitz
    • CommentTimeMay 4th 2012
     permalink
    I see now. So the idea would be to execute the following command when it doesn't work:
    nslookup members.taylorprotocols.com.

    As it apparently occurs in a HTML frame, the issue can also be pure browser related. What browser is being used there?
  5.  permalink
    The Seattle server seems to take a while to resolve the address if I look in Cache Check, and also takes a while when refreshing the cache, so there is some latency with SEA getting the records from the authoritative NS or something. It does not seem slow at all checking some other domain names.
    https://www.opendns.com/support/cache/

    The IP address is 66.199.186.173, which, if when added to the hosts file of the affected computer causes the error to be resolved, you can put this down to some issue with OpenDNS or the upstream NS.

    SEA did undergo maintenance on 29 April http://system.opendns.com/ , but is completed.
    • CommentAuthorrhino14
    • CommentTimeMay 7th 2012
     permalink
    Chris,

    Did you check the Guid?
  6.  permalink
    We are still having the problem... This is a critical issue for us so any help is greatly appreciated!! I actually shot a little jing movie to show you what happens..

    please have a look here: https://vimeo.com/41685633

    really appreciate any help!

    Thanks!

    Chris
    • CommentAuthorrotblitz
    • CommentTimeMay 7th 2012
     permalink
    This is interesting. As you don't get this issue when configuring OpenDNS or another external DNS service on the computer, but you have problems when using the router with OpenDNS (or possibly another 3rd party DNS service), it looks as if you have a lousy router, and this may not be related to OpenDNS. Some routers are bad DNS servers/forwarders...
  7.  permalink
    rotbilitz I wish that were the case... I have confirmed this issue on 3 separate networks, it has nothing to do with the router... the DHCP on my router is configured to use OpenDNS Home http://www.opendns.com/home-solutions/parental-controls/...

    this is also happening on two business both using OpenDNS Enterprise... It has NOTHING to do with the router...

    Chris
  8.  permalink
    If this is happening to businesses using the Enterprise offering, contact the OpenDNS rep for those accounts. You are paying for premium support.
    Thankful People: zelus
    • CommentAuthorrotblitz
    • CommentTimeMay 7th 2012
     permalink
    If you prefer to continue here, you would have to post the following information (if possible as plain text).

    1. Configure the computer with OpenDNS, and post the output of the following commands:
    dig +noall +answer which.opendns.com txt
    dig members.taylorprotocols.com

    2. Then configure your computer to use the router for DNS, and post the same.

    3. Then configure your computer with any other DNS service, and post the same again.
  9.  permalink
    Chriss-MacBook-Air:~ Chris$ dig +noall +answer which.opendns.com txt
    which.opendns.com. 0 IN TXT "4.sea"
    Chriss-MacBook-Air:~ Chris$ dig members.taylorprotocols.com

    ; <<>> DiG 9.7.3-P3 <<>> members.taylorprotocols.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24073
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;members.taylorprotocols.com. IN A

    ;; ANSWER SECTION:
    members.taylorprotocols.com. 0 IN A 67.215.66.132

    ;; Query time: 1039 msec
    ;; SERVER: 208.67.222.222#53(208.67.222.222)
    ;; WHEN: Mon May 7 12:56:46 2012
    ;; MSG SIZE rcvd: 61

    __________________________________________________________________________________________

    Chriss-MacBook-Air:~ Chris$ dig +noall +answer which.opendns.com txt
    which.opendns.com. 0 IN TXT "I am not an OpenDNS resolver."
    Chriss-MacBook-Air:~ Chris$ dig members.taylorprotocols.com

    ; <<>> DiG 9.7.3-P3 <<>> members.taylorprotocols.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42288
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;members.taylorprotocols.com. IN A

    ;; ANSWER SECTION:
    members.taylorprotocols.com. 85780 IN A 66.199.186.173

    ;; Query time: 1 msec
    ;; SERVER: 10.1.10.1#53(10.1.10.1)
    ;; WHEN: Mon May 7 12:57:33 2012
    ;; MSG SIZE rcvd: 61

    __________________________________________________________________________________________

    Chriss-MacBook-Air:~ Chris$ dig +noall +answer which.opendns.com txt
    which.opendns.com. 0 IN TXT "I am not an OpenDNS resolver."
    Chriss-MacBook-Air:~ Chris$ dig members.taylorprotocols.com

    ; <<>> DiG 9.7.3-P3 <<>> members.taylorprotocols.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33912
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;members.taylorprotocols.com. IN A

    ;; ANSWER SECTION:
    members.taylorprotocols.com. 27311 IN A 66.199.186.173

    ;; Query time: 31 msec
    ;; SERVER: 4.2.2.1#53(4.2.2.1)
    ;; WHEN: Mon May 7 12:59:18 2012
    ;; MSG SIZE rcvd: 61
    • CommentAuthorrotblitz
    • CommentTimeMay 7th 2012
     permalink
    Well, your router or DNS server at 10.1.10.1 does not use OpenDNS, i.e. is not configured to use OpenDNS, but is using another DNS service.

    Further, if using OpenDNS, you're using the OpenDNS Seattle location. Is this close enough to you?

    And if you configured OpenDNS on the computer (1st series), your DNS lookup took more than one second, and OpenDNS was not able to resolve it, but returned the IP address of hit-servfail.opendns.com. This is exactly correspondent to what you have observed with the browser.

    I would like to second @maintenance, recommending to use the support coming with enterprise.
  10.  permalink
    Is there a better way to get support? This is very upsetting, we feel almost held hostage by the OpenDNS servers not having the correct information. They return 67.215.66.132 which is NOT correct the correct address is 66.199.186.173 which EVERYONE else has... what is the best way for me to get the OpenDNS numbers corrected...

    any real help is greatly appreciated...
  11.  permalink
    ok, when I have my DNS set to the Open DNS settings it returns the incorrect address... when I have it set to ANY other DNS server it returns the correct address... This isn't about me needing to get support, this is about OpenDNS offering bad addresses...

    who can I call that actually knows what they are doing? is there a support line??
    • CommentAuthorrotblitz
    • CommentTimeMay 7th 2012
     permalink
    No idea, you got Enterprise, not me. I'm a user, not like you, but a home user "only".

    And as said, for me it works perfectly. I cannot reproduce your observations here, so cannot confirm that OpenDNS returns bad or wrong information.
  12.  permalink
    "is there a support line?? "

    Whoever is in charge of the OpenDNS accounts has contact information for specific representatives of OpenDNS for support. It doesn't get much better than that. If you don't have this information, then the proper persons in charge should be contacting OpenDNS, either for resolution of a problem or to delegate authority to you to act as their representative.

    "This isn't about me needing to get support, this is about OpenDNS offering bad addresses..."

    Again, this is not a bad IP address, this is what OpenDNS returns for NXDOMAIN. Which means that OpenDNS is not getting an A record from the domains authoritative NS. OpenDNS can, of course, still look into the situation if you contact them. (Also note that Enterprise users can opt to receive the standard NXDOMAIN response.)

    https://www.opendns.com/support/cache/ Still shows SEA responding with a bit of latency for this domain name.

    Here are some test results which might interest you
    http://dnscheck.iis.se/?time=1336425792&id=2327695&view=advanced&test=standard

    Delegation

    *

    Begin testing delegation for members.taylorprotocols.com.
    *

    Domain members.taylorprotocols.com/IN does not exist.
    *

    Failed to find parent of members.taylorprotocols.com/IN.
    *

    Delegation not found at parent.

    Which fits nicely with what you had posted previously:
    · ns2.dedicatednet.com returned (SERVFAIL)

    The Seattle resolver (SEA) is apparently served by this problematic nameserver. So, you should probably be talking to the domain name hosting company if you are a representative of Taylor.

    More problems and information:
    http://www.intodns.com/taylorprotocols.com

    *I could use the nameservers listed below to performe recursive queries. It may be that I am wrong but the chances of that are low. You should not have nameservers that allow recursive queries as this will allow almost anyone to use your nameservers and can cause problems. Problem record(s) are:
    66.199.186.21
    66.199.186.11

    *FAIL: The following nameservers are listed at your nameservers as nameservers for your domain, but are not listed at the parent nameservers (see RFC2181 5.4.1). You need to make sure that these nameservers are working.If they are not working ok, you may have problems!
    ns3.dedicatednet.com

    *WARNING: Not all of your nameservers are in different subnets

    *WARNING: Single point of failure

    So perhaps you needn't bother contacting the OpenDNS reps assigned to your clients at all...
    Thankful People: zelus

This discussion has been inactive for longer than 30 days, and is thus closed.