[ale] news.google.com affecting BIND and Drupal?
Lightner, Jeff
JLightner at water.com
Tue May 24 15:37:13 EDT 2011
Drupal is using news.google.com to get its content so is doing a lookup of news.google.com which is a CNAME to news.l.google.com.
This started with us having issues with our Drupal site getting errors intermittently:
"The feed from Boil Water seems to be broken, because of error -111 Connection refused."
The Boil Water feed is basically just Drupal going to news.water.com to find information about governmental authorities issuing boil water alerts.
Since this is coming out of a server in our DMZ we had opened the firewall for specific IPs (it won't do it by name - only by IP) so our theory is it is using different IPs to get to news.google.com due to the difference in what the two DNS servers were reporting.. (Apparently they saw the IPs change some time back as well but I wasn't notified of that until after the fact when I created the Nagios monitor that let me know we were seeing the above error starting yesterday.
I understand the idea of localization - what I don't understand is why it would be treating our two servers on the same internal subnet NATted to the same external subnet as each other as if they were in different locations which is why I asked my question.
Alternatively - does anyone know of any "static" set of IPs Google uses for the equivalent of news.google.com so it doesn't change based on which server does the name resolution?
-----Original Message-----
From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of David Tomaschik
Sent: Tuesday, May 24, 2011 3:20 PM
To: Atlanta Linux Enthusiasts
Subject: Re: [ale] news.google.com affecting BIND and Drupal?
news.l.google.com implements DNS round robin plus some sort of
localization feature (I'm not sure what, but it always gives results
in the same /24 to a single query.)
I don't see anything significantly different in your queries. (And,
to be honest, I'm not sure how Drupal factors in at all.)
David
On Tue, May 24, 2011 at 2:53 PM, Lightner, Jeff <JLightner at water.com> wrote:
> Is anyone else seeing odd results with news.google.com using Drupal?
>
>
>
> My BIND 9 master and slave are getting different results. If I go out to
> other sites such as Kloth.net or iptools.com they also get different results
> from each other and different from what my master and slave are reporting.
>
>
>
> I'm running BIND 9.3 (The RedHat version that has backported patches and
> enhancements from later BIND versions in it so please don't tell me to use a
> newer version.)
>
>
>
> On doing some research I found that Google has made a couple of changes in
> the past week or so affecting their news stuff. The one that seems like
> it might explain why Kloth.net, iptools.com and my server get different
> answers is the May 13th introduction of "news near you" discussed in this
> article:
>
> http://www.pcmag.com/article2/0,2817,2385369,00.asp
>
>
>
> That is aimed at mobile devices but I could see how they might also try to
> make it work with static sites. However it wouldn't explain why both my
> servers coming from the same location would get different results. I'm
> thinking maybe there is something else obvious I'm missing.
>
>
>
> I am not caching on these servers and have bounced named on both but it
> didn't help.
>
>
>
> Does anyone have any ideas? Other than the fact that they're master and
> slave with different IPs and setup to talk to each other the named.conf on
> both hosts is the same. They both have the same OS and same hardware.
> Also we have some Windows DNS servers in house and they seem to be giving
> the same results as my slave so the master appears to be the odd man out.
>
>
>
> When I run "dig news.google.com" from my BIND 9 master I'm getting:
>
> ; <<>> DiG 9.3.4-P1 <<>> news.google.com
>
> ;; global options: printcmd
>
> ;; Got answer:
>
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46508
>
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 4, ADDITIONAL: 2
>
>
>
> ;; QUESTION SECTION:
>
> ;news.google.com. IN A
>
>
>
> ;; ANSWER SECTION:
>
> news.google.com. 603615 IN CNAME news.l.google.com.
>
> news.l.google.com. 300 IN A 72.14.209.99
>
> news.l.google.com. 300 IN A 72.14.209.104
>
>
>
> ;; AUTHORITY SECTION:
>
> google.com. 170523 IN NS ns1.google.com.
>
> google.com. 170523 IN NS ns2.google.com.
>
> google.com. 170523 IN NS ns3.google.com.
>
> google.com. 170523 IN NS ns4.google.com.
>
>
>
> ;; ADDITIONAL SECTION:
>
> ns3.google.com. 344424 IN A 216.239.36.10
>
> ns4.google.com. 343339 IN A 216.239.38.10
>
>
>
> ;; Query time: 6 msec
>
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
>
> ;; WHEN: Tue May 24 14:17:14 2011
>
> ;; MSG SIZE rcvd: 190
>
>
>
> Yet on my slave I get:
>
> ; <<>> DiG 9.3.4-P1 <<>> news.google.com
>
> ;; global options: printcmd
>
> ;; Got answer:
>
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30872
>
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 4, ADDITIONAL: 0
>
>
>
> ;; QUESTION SECTION:
>
> ;news.google.com. IN A
>
>
>
> ;; ANSWER SECTION:
>
> news.google.com. 603986 IN CNAME news.l.google.com.
>
> news.l.google.com. 300 IN A 74.125.65.99
>
> news.l.google.com. 300 IN A 74.125.65.103
>
> news.l.google.com. 300 IN A 74.125.65.104
>
> news.l.google.com. 300 IN A 74.125.65.105
>
> news.l.google.com. 300 IN A 74.125.65.106
>
> news.l.google.com. 300 IN A 74.125.65.147
>
>
>
> ;; AUTHORITY SECTION:
>
> google.com. 171986 IN NS ns4.google.com.
>
> google.com. 171986 IN NS ns1.google.com.
>
> google.com. 171986 IN NS ns2.google.com.
>
> google.com. 171986 IN NS ns3.google.com.
>
>
>
> ;; Query time: 5 msec
>
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
>
> ;; WHEN: Tue May 24 14:18:03 2011
>
> ;; MSG SIZE rcvd: 222
>
>
>
>
>
> P.S. If you're on the BIND mailing list sorry for the cross-post.
>
>
> Proud partner. Susan G. Komen for the Cure.
>
> Please consider our environment before printing this e-mail or attachments.
> ----------------------------------
> CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential
> information and is for the sole use of the intended recipient(s). If you are
> not the intended recipient, any disclosure, copying, distribution, or use of
> the contents of this information is prohibited and may be unlawful. If you
> have received this electronic transmission in error, please reply
> immediately to the sender that you have received the message in error, and
> delete it. Thank you.
> ----------------------------------
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
--
David Tomaschik, RHCE, LPIC-1
System Administrator/Open Source Advocate
OpenPGP: 0x5DEA789B
http://systemoverlord.com
david at systemoverlord.com
_______________________________________________
Ale mailing list
Ale at ale.org
http://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
Proud partner. Susan G. Komen for the Cure.
Please consider our environment before printing this e-mail or attachments.
----------------------------------
CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.
----------------------------------
More information about the Ale
mailing list