網頁

2005年10月17日 星期一

DNS 爆炸的問題

看起來似乎找到兇手了。所以前面那篇似乎是錯怪我們偉大的微軟大哥了。本來以為是WindowsXP在討打,結果就算重灌了之後好像情況還是依然沒改善,動不動就會把 blog.cookys.org 指到舊的 ip 去然後爆炸,而且這個問題那位「色小外長輩」好像有跟我反應過,不過機八鴉卻說他都沒遇到,然後拼命嘲笑我說我家台子爆炸了,我猜應該是因為他用 Sharp Reader 來收 RSS 所以都沒感覺,唯一有感覺大概就是RSS噴汁的時候?

問題是出在之前申請的免費 DNS slave:PowerDNS ,今年二月多幫 cookys.org 掛上去的 dns 避免 ADSL 一掛就全部斷光的慘況。不過前一陣子PowerDNS說他們不幹了:

Dear cookys lin,

This message is to inform you of an important change concerning your
PowerDNS Express account.

PowerDNS Express currently provides free dns hosting for over 40.000 domains
worldwide, and this number is still increasing every day.
Unfortunately, we have been suffering from heavy abuse lately. Botnets,
spammers using our mailforwards and repeated DOS attacks have increased our
costs of running this service enormously.

We regret to inform you that, in order to keep providing you with high
quality DNS management, we are forced to stop all free services on PowerDNS
Express as of today.

As a result, your account needs to be upgraded.
Because we would really like to keep you as our customer, we've lowered the
prices of our paid services significantly! Have a look at
http://express.powerdns.com/cshop.php for our new prices.

Please login to your account first to purchase the appropriate packages
and/or remove any unused domains.
Starting October 15th, 2005 we will be disabling accounts that are over balance.

然後我只是沒注意理他,想說掛著那天想到再把他拿掉就好,反正應該沒差。就算那台機器不回依照 DNS 的機制反正還是會查的到。天曉得因為太相信這樣的機制所以就倒楣了。因為PowerDNS的 DNS 「還在線上」、而且「還會回應」,但是「不會更新」。剛剛發現的:

正常的 DNS:

[22:29-/var/log-] $ dig blog.cookys.org @dns.cookys.org

; <> DiG 9.3.0 <> blog.cookys.org @dns.cookys.org
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15828
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 3

;; QUESTION SECTION:
;blog.cookys.org. IN A

;; ANSWER SECTION:
blog.cookys.org. 600 IN A 140.134.26.72

;; AUTHORITY SECTION:
cookys.org. 600 IN NS dns.hysh.tnc.edu.tw.
cookys.org. 600 IN NS dns.twku.net.
cookys.org. 600 IN NS dns.cookys.org.
cookys.org. 600 IN NS dns2.cookys.org.

;; ADDITIONAL SECTION:
dns.twku.net. 600 IN A 61.219.228.78
dns.cookys.org. 600 IN A 220.134.232.80
dns2.cookys.org. 600 IN A 140.134.27.100

;; Query time: 3 msec
;; SERVER: 220.134.232.80#53(dns.cookys.org)
;; WHEN: Sun Oct 16 22:29:56 2005
;; MSG SIZE rcvd: 193

跑去查 PowerDNS 的話:

[22:29-/var/log-] $ dig blog.cookys.org @dns-eu2.powerdns.net

; <> DiG 9.3.0 <> blog.cookys.org @dns-eu2.powerdns.net
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32436
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;blog.cookys.org. IN A

;; ANSWER SECTION:
blog.cookys.org. 600 IN A 210.59.67.2

;; Query time: 343 msec
;; SERVER: 212.72.55.217#53(dns-eu2.powerdns.net)
;; WHEN: Sun Oct 16 22:30:08 2005
;; MSG SIZE rcvd: 49

真是有夠歡樂啊!所以來去去爸爸PowerDNS拿掉之後就等他更新了吧,希望這樣就解決了-_-。