if anyone here has any contact with any NTL bods in charge of networks, can you please explain to them that the reason for having TWO ( or more ) DNS available is so that if the first one fails, the second is still available....

how come NTLs seem to fail together? are they connected to the same cable segment or something? wouldnt it make sense for them to be phisically seperate ( perhaps different ends of the country? )
or am i missing something?

This was a bigger outage than NTL all ISPs had outage last night. it was all discussed

here (http://www.forum.nthellworld.co.uk/showthread.php?p=86984#post86984)

if anyone here has any contact with any NTL bods in charge of networks, can you please explain to them that the reason for having TWO ( or more ) DNS available is so that if the first one fails, the second is still available....

how come NTLs seem to fail together? are they connected to the same cable segment or something? wouldnt it make sense for them to be phisically seperate ( perhaps different ends of the country? )
or am i missing something?

The two main DNS clusters are physically seperate (they are in different towns) and on completely different network segments.

if all dns's were affected, how come i had an uninterupted nights browsing using different DNS?

ok, i will take your word that they are seperate then, still seems like they go down together quite a bit though...

Look how quick NTL were to shift blame
http://www.theregister.co.uk/content/6/34204.html
damaged undersea transatlantic cable is being blamed for causing havoc for Net and phone users in the UK last night

while NTL blamed the cable problem for downing its Net service - including web browsing, email, ftp and newsgroups - for around eight hours.

but Telewest confirmed that its customers also experienced difficulties accessing email and personal webspace for around four hours
Mmmmmm ;)

Look how quick NTL were to shift blame
http://www.theregister.co.uk/content/6/34204.html



but
Mmmmmm ;)
Maybe NTL's DNS are actually France's:rofl:

Maybe NTL's DNS are actually France's:rofl:


well i wonder if NTL will refund us!!

I bet fu**ing not!! :afire: :afire: :afire: :afire: :afire:

then again it 'aint' their fault they only have 1 way out of the UK!!! if it wasnt a DNS issue in the 1st place

well i wonder if NTL will refund us!!

I bet fu**ing not!! :afire: :afire: :afire: :afire: :afire:

then again it 'aint' their fault they only have 1 way out of the UK!!! if it wasnt a DNS issue in the 1st place
Well the 1 day in a month would amount to about 50p-£1 depending on your package, also DNS is probably only 5 percent of the service cost they probably owe 2p
(that is how ntl would argue it :p )

well i wonder if NTL will refund us!!

I bet fu**ing not!! :afire: :afire: :afire: :afire: :afire:

then again it 'aint' their fault they only have 1 way out of the UK!!! if it wasnt a DNS issue in the 1st place
Why would they ?. As far as I can see, none of the ISP's will refund you for a failure beyond their control.

If NTL/BT/Freeserve etc only had one way out of the UK you wouldn't have any service now since the cable is still damaged.

The DNS problems were just a symptom, not a cause.

The DNS problems were just a symptom, not a cause.

I don't think they were a symptom, I was able to point at non-ntl DNS and browse US sites without issue.

I don't think they were a symptom, I was able to point at non-ntl DNS and browse US sites without issue.
same here...

apart from anything, the ONLY thing a transatlantic cable break should affect is transatlantic traffic, apart from some odities with peering agreements whereby UK bound traffic goes via the US first...

I don't think they were a symptom, I was able to point at non-ntl DNS and browse US sites without issue.

Me too, as soon as I realised it was a DNS issue, I manually entered the addresses I use when at work and bang - all services return without problem.

I find it a little odd that an undersea cable problem near France should kncok out the NTL DNS servers completely, surely we should have just had a reduced service? Or am I misunderstanding the technology used?

Kind regards,
Cyril666
:D

Hello by the way, I've moved from .com - actually it seems I was evicted :rolleyes: along with all other residents...

Me too, as soon as I realised it was a DNS issue, I manually entered the addresses I use when at work and bang - all services return without problem.
Last night's problems have me confused:

1. I don't use NTL's DNS servers. The only time an NTL DNS should affect me is when one of their web proxies looks up a name.

2. Browsing was next to non-existent last night. But access to my 3rd party email provider (via non-NTL DNS lookup) was fine. I tried switching to different NTL web proxies, and also leaving it up to the local transparent proxies, all to no avail.

3. As soon as I switched to a 3rd party web proxy (a BT Openworld one, as it happens), browsing came back to life.

All the above would seem to suggest it was mainly an NTL DNS issue affecting their web proxies.

And yet, I was unable to ping many sites by explicit IP address (which shouldn't involve any DNS lookups). This suggests some sort of routing problem. Most of the unavailable sites were in the UK, so I don't see how a transatlantic link could be responsible. Access seemed to come and go at random. Maybe the inability to access by IP address was a side-effect of the transatlantic failure putting additional strain on intra-UK links?

If anyone can give a rational explanation for last night's outage that actually fits the symptoms, I'd be most interested.

try here (http://www.web-user.co.uk/news/news.php?id=47245)

Seems there was some sort of attack on zonealarm aswell.

Last night's problems have me confused:

1. I don't use NTL's DNS servers. The only time an NTL DNS should affect me is when one of their web proxies looks up a name.


you will use NTLs DNS every time your browser needs to lookup a domain address ( assuming of course you are connected via ntl and havent overriden the dns settings )

it may well be that the url is passed 'as is' to the proxy so no DNS is required, but i am not sure if that is the case with transparent proxies ( where the browser is not aware of the proxies existence and send the request as if the proxy wasnt there, but the proxy intercepts it )

Is the browsing back to normal on the normal DNS?

try here (http://www.web-user.co.uk/news/news.php?id=47245)

Seems there was some sort of attack on zonealarm aswell.

that suggests a DoS on some DNS servers, targetting the zone labs domain...interesting

seems that we may have a case of lots of **** hitting the fan at the same time...

unless of course the cable break turns out to be sabotage as well...

if all dns's were affected, how come i had an uninterupted nights browsing using different DNS?
Quite .. had it not been for DNS lookups failing I'd not have known there was a problem.

If it adds anything useful to the discussion, I had slooooow browsing (rapidly decaying into non-existent) until I switched off the NTL proxy specified in my settings. I have been using two non-ntl specified DNS for some weeks and I did nothing to alter those. Simple switching off my specified proxy returned me to speedy browsing.

try here (http://www.web-user.co.uk/news/news.php?id=47245)

Seems there was some sort of attack on zonealarm aswell.
Why would attacks on zone alarm causes these problems? :shrug:

Unless there are so mny attacks they are clogging up the link:confused:

you will use NTLs DNS every time your browser needs to lookup a domain address ( assuming of course you are connected via ntl and havent overriden the dns settings )
I obviously didn't make myself clear. When I stated "I don't use NTL's DNS servers. The only time an NTL DNS should affect me is when one of their web proxies looks up a name", I was trying to point out that my DNS settings are explicitly set to non-NTL ones. I *HAVE* overridden the NTL DNS settings. So, when my browser (or any other application) looks up a name, it will go to the non-NTL DNS servers (and jolly reliable they are, too).

It's only when the browser makes a request on port 80 and NTL's tranparent proxy intercepts it that the trouble begins. The NTL web proxy appears to make a reverse-DNS lookup on the IP address, and of course it will use NTL's (sometimes non-functioning) DNS servers. There is nothing I can do to prevent this, other than to explicitly set up a non-NTL web proxy that runs on a port other than 80. And when I did so late last night (using a BT Openworld proxy that had been left open to non-BT users - probably inadvertantly), browsing sprang back to life.

Or maybe I've completely misunderstood how NTL's proxies work. I am only concluding that they do a reverse-DNS lookup based on the symptoms. It's possible that it was coincidence that everything started working at the same time I switched to the non-NTL proxy. What I'd really like to find out is exactly how NTL's proxies are set up.

ah, ok, sorry cliveb, my mistake, i understand what you are getting at now..
what you said about reverse dns lookups would seem to fit with what towny said

Why would attacks on zone alarm causes these problems? :shrug:

Unless there are so mny attacks they are clogging up the link:confused:

because they arent attacks on zonealarm as such, they are attacks on DNS servers targeted at the lookup for www.zonealarm.com ( or that was my understanding )
essentially loads of requests to lookup the ip of www.zonealarm.com ( well thats one way of looking at it )

the side effect is that all dns lookups are slow or fail ( cos the dns server is getting so many hits )

*edit actually, thats ********, I missread the article*

Or maybe I've completely misunderstood how NTL's proxies work. I am only concluding that they do a reverse-DNS lookup based on the symptoms. It's possible that it was coincidence that everything started working at the same time I switched to the non-NTL proxy. What I'd really like to find out is exactly how NTL's proxies are set up.
Nothing is a simple as it first looks;

The Proxy servers don't do reverse lookups, very little would work if they relied on that system as a large number of website IP's don't have a reverse lookup available (non of mine do). Many websites share an IP as well.

When you request a page, your pc does a DNS lookup and sends the request to the identified IP. The proxy intercepts this request [on port 80] and checks the http headers for the host & page you requested. If it can supply this from its cache then it will, otherwise it will request the page itself to then pass it onto you. This will involve it doing a DNS lookup using the DNS servers it is set to use (which would presumably be NTL's).

If NTL's DNS is broken and you are using your own, you will be able to request & browse pages that the proxy has cached. If the proxy does not have them cached then it would not be able to request them for you because of its lack of DNS. You would not be able to access those pages.

However, if NTL's DNS were ok, but links to the US were down, you could still have a problem, even for web sites hosted in the UK (even with .co.uk domain names) if the domains master name servers are based in the US (like someone using zoneedit or register.com).

This is becuase if the entry for www.yourdomain.co.uk (http://www.yourdomain.co.uk/) has expired from the local DNS servers cache then it has to be looked up again from the master name server [in the US]. If this cannot be done due to a link failure then you would not be able to access the site, you would get a DNS lookup failure even though the site is fine, uk based and NTL's DNS servers are fine.

A domains DNS record could also have expired on NTL's DNS servers but not the DNS servers you are using which would make the situation look even more strange (http to the site could fail, but https/ftp etc would work).

This will have been some of the problems last night, making DNS look broken, and some sites apparently working [for some people] and others not - the failed link was still the root of the problem.

blimey one night of no net access and a cry for refund
get a life i am a net addict but even i managed to find something else to do :p :naughty:

When you request a page, your pc does a DNS lookup and sends the request to the identified IP. The proxy intercepts this request [on port 80] and checks the http headers for the host & page you requested. If it can supply this from its cache then it will, otherwise it will request the page itself to then pass it onto you. This will involve it doing a DNS lookup using the DNS servers it is set to use (which would presumably be NTL's).
Let me make sure I've got this right....

When my browser is set up without an explicit proxy and I request, say, "www.bbc.co.uk", it is my understanding that my browser does a DNS lookup on that name and receives an IP address in reply. Then my browser attempts to connect to that IP address on port 80, at which point NTL's transparent proxy intercepts it. Now, at this stage, all the connections are being done at the IP address level, so why does the proxy have to do a DNS lookup?

You say that the proxy checks the http headers: am I to understand that in those headers will be the host name "www.bbc.co.uk", and it is this which causes the proxy to do a DNS lookup (if the page is not in its cache)? Seems a bit strange: why not just use the IP address in the original request that was intercepted, thus saving an unnecessary DNS lookup? (It would be a bit ironic if the answer is because NTL don't trust others' DNS servers :-)

http://212.250.5.117/lookup/default.asp

DNS - affecting all internet packages (RESOLVED)

so are we now to take it that there WAS a problem with NTLs own DNS servers, and it WASNT the fact that there was a transatlantic cable break?
if so, my original comment stands, how did BOTH DNS ( primary and secondary ) fail together...


*edit, ah, maybe it is related to the "Planned Maintenance w/c 24/11/03"*

http://212.250.5.117/lookup/default.asp

DNS - affecting all internet packages (RESOLVED)

so are we now to take it that there WAS a problem with NTLs own DNS servers, and it WASNT the fact that there was a transatlantic cable break?
if so, my original comment stands, how did BOTH DNS ( primary and secondary ) fail together...


*edit, ah, maybe it is related to the "Planned Maintenance w/c 24/11/03"*
The cable outage line was changed from DNS issues to "major outage", which i presume means that it appeared to be a DNS problem - it certainly appeared that way to me - and then, when it became apparant that it wasn't, they changed the message on the telephone line, but obviously not on the server status page.

The cable outage line was changed from DNS issues to "major outage", which i presume means that it appeared to be a DNS problem - it certainly appeared that way to me - and then, when it became apparant that it wasn't, they changed the message on the telephone line, but obviously not on the server status page.

hmm, i still think there seems to be a tendency to blame this cable break for things that it wasnt to blame for... there WAS something f*cked up with NTLs DNS ( whether it was their fault or not ) as using a different set of DNS solved all the connection problems I was having...

hmm, i still think there seems to be a tendency to blame this cable break for things that it wasnt to blame for... there WAS something f*cked up with NTLs DNS ( whether it was their fault or not ) as using a different set of DNS solved all the connection problems I was having...
Same here, but I did have some problems getting armerican sites earlier that day (on a non-ntl connection)

Same here, but I did have some problems getting armerican sites earlier that day (on a non-ntl connection)

Also if you read the very long thread about what went on - other ISPs were having similar issues - including freeserve and BT .

personally - I think NTL saw it as a DNS issue (after all it would not be the first time ;) ) and did not update everything when they realised it was something bigger... I'm just glad it seems to be working at the moment. :smokin:

Also if you read the very long thread about what went on - other ISPs were having similar issues - including freeserve and BT .

personally - I think NTL saw it as a DNS issue (after all it would not be the first time ;) ) and did not update everything when they realised it was something bigger... I'm just glad it seems to be working at the moment. :smokin:
perhaps there were more issues here than we have been told about. Its possible ntl took their dns offline,as it appeared to be a dns issue - that would be why i couldn't ping the dns servers. when they went back online and ppl still couldn't connect they must have realised there was something else afoot

Well at the moment the only way I can get here is through Freeserve.

I don't know if the following comment is related to what is wrong with ntl's crappy caches and DNS, and maybe they are trying to sort it out now.


The reason NTL users are experiencing redirects to our website is because NTL's tranparent web caches are not resolving host names correctly. They are not following the chain of authority for the internet name space as defined by the root servers ultimately run by ICANN.
NTL has been aware of this for a number of months (when this last happened) and have still not fixed it.

Well at the moment the only way I can get here is through Freeserve.

I don't know if the following comment is related to what is wrong with ntl's crappy caches and DNS, and maybe they are trying to sort it out now.

well, I am currently logged in - using the NTL transparent cache, and NTL DNS, and having no problems :angel:

if anyone here has any contact with any NTL bods in charge of networks, can you please explain to them that the reason for having TWO ( or more ) DNS available is so that if the first one fails, the second is still available....

how come NTLs seem to fail together? are they connected to the same cable segment or something? wouldnt it make sense for them to be phisically seperate ( perhaps different ends of the country? )
or am i missing something?

An NTL spokeswoman told The Register that because of knock-on effects users still experienced problems when traffic was re-routed (see NTL status page here).

Put under extra pressure, NTL's DNS servers failed, she said. That meant users were unable to log onto Web sites using their host name, even though the sites were reachable to users who knew their IP address.

Email and other services were hosed for the same reason.

Yeah right-it was that cable that's been causing the ntl mail server problems for the last 8 or so months was it? :rolleyes:

http://www.theregister.co.uk/content/6/34242.html