[AusNOG] Brisbane Telstra DNS issues
Sean K. Finn
sean.finn at ozservers.com.au
Thu Jun 13 10:05:11 EST 2013
>From what I can tell it's not *100%* Telstra related, but is happening at 'Certain?' Ingress/Egress points to another carrier.
If I had to hazard a guess, with a very high number of DNS/UDP based attacks going on at the moment, I'd say UDP was being blocked at Egress/ingress at Telstra's Edge by a 'security' device that is misclassifying UDP/DNS.
Given that their own DNS servers rely on UDP to do recursive lookups, then the traffic to/from Tesltras own DNS servers to the root nameservers, as well as any clients traversing the same egress point in the network, are having their DNS requests stripped.
It also explains why SOME lookups work SOME of the time from Some Telstra nameservers, but then traffic to other nameservers across a different, effected, egress point, don't work.
Again, this is me reading what's going on from the outside.
You can confirm it with some traces to see who is working / who isn't working.
-Sean.
From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Jason Bailey
Sent: Wednesday, June 12, 2013 8:09 PM
To: ausnog at lists.ausnog.net
Subject: Re: [AusNOG] Brisbane Telstra DNS issues
This issue is ongoing in WA. DNS lookups to both Telstra and non-Telstra servers are failing more than 50% of the time.
On Wed, Jun 12, 2013 at 5:03 PM, Tim Butler <tim at conetix.com.au<mailto:tim at conetix.com.au>> wrote:
It was a nightmare for support staff today (80% of calls were related to the Telstra DNS failure).
Despite being such a major fault, Telstra didn't see it fit to put any details on their status page (servicestatus.bigpond.com<http://servicestatus.bigpond.com> / servicestatus.telstra.com<http://servicestatus.telstra.com>).
We referred clients with DNS issues back to Telstra, only for their call centre staff to tell them there's no fault and the problem exists elsewhere. Obviously for those without technical knowledge simply thought both parties were playing the blame game.
No acknowledgment of the fault mean there was no ability to provide a resolution and meant major disruptions for many people.
I would love to know what their status pages are for if it's not for tracking faults.
Thanks,
Tim.
On 12/06/13 6:46 PM, Sean K. Finn wrote:
Just a follow up.
A big thanks to the Team.Telstra Lurker on list that contacted me, im not sure that they want to be named.
Issue is confirmed resolved.
Sean.
From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Sean K. Finn
Sent: Wednesday, June 12, 2013 11:20 AM
To: 'Parth Shukla'
Cc: ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>; Shayne
Subject: Re: [AusNOG] Brisbane Telstra DNS issues
Unknown.
It's just started working again on my test connection. (Spooky)
Can anyone else who was seeing the issue let me know if resolved?
S.
From: Parth Shukla [mailto:pparth at pparth.net]
Sent: Wednesday, June 12, 2013 11:18 AM
To: Sean K. Finn
Cc: Pete Brown; ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>; Shayne
Subject: Re: [AusNOG] Brisbane Telstra DNS issues
Is this happening because they are testing to see how they can "reduce" torrent traffic?
Regards,
Parth
On Wed, Jun 12, 2013 at 11:15 AM, Sean K. Finn <sean.finn at ozservers.com.au<mailto:sean.finn at ozservers.com.au>> wrote:
I've had more information come in from customers.
It looks like all UDP is being blocked at this stage. VOIP Circuits across a Telstra connection connect but theres no UDP Payload data coming through.
Might be isolated to an exchange.
S.
From: Pete Brown [mailto:rendhalver at gmail.com<mailto:rendhalver at gmail.com>]
Sent: Wednesday, June 12, 2013 11:13 AM
To: Sean K. Finn
Cc: Shayne; ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>
Subject: Re: [AusNOG] Brisbane Telstra DNS issues
That dns server is working fine from Telstra fttp in South Brisbane.
I am also not seeing DNS issues here.
Though we only use the telstra dns servers as forwarders.
On 12 June 2013 11:03, Sean K. Finn <sean.finn at ozservers.com.au<mailto:sean.finn at ozservers.com.au>> wrote:
3G and Dongles are working fine.
We've had at least 20 customer calls about it, plus I've confirmed with an inner-city BNE Business-Grade ADSL Connection.
Whirlpool is having a whine too:
http://forums.whirlpool.net.au/forum-replies.cfm?t=2112811
DNS Server that wont work from an ADSL Connection is 139.130.4.4 (That's the Telstra supplied one) But I can't get any manual UDP Queries out that link to any other nameserver either.
They just don't show up at the other end in a TCPDUMP.
S.
From: Shayne [mailto:shayne.mcc at gmail.com<mailto:shayne.mcc at gmail.com>]
Sent: Wednesday, June 12, 2013 10:56 AM
To: Sean K. Finn
Cc: ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>
Subject: Re: [AusNOG] Brisbane Telstra DNS issues
working fine for me although over adsl and 3G
On 12/06/2013 10:50 AM, "Sean K. Finn" <sean.finn at ozservers.com.au<mailto:sean.finn at ozservers.com.au>> wrote:
Hi is anyone else experiencing Telstra DNS issues in Brisbane?
It appears as though someone at Telstra has blocked all UDP-Port53 requests from any Telstra connection in Brisbane.
Not only can't I resolve using Telstra's Brisbane DNS, I can't resolve any other nameservers when using a Telstra ADSL Connection here in Sunny Brisvegas.
This issue appears to be Widespread.
If someone from Telstra is Lurking, please unblock UDP port 53 as it's kind of essential for Internets to work.
Sean.
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20130613/93df775c/attachment.html>
More information about the AusNOG
mailing list