Zen Internet Support Forum

Well it's promising that things appear to be better. I'll have another look at the DNS things today. I've deliberately not been looking at them the past few days as I wanted to see what the feedback was before tweaking again. Instead I've been looking at other DNS tweakery (different servers) and doing a sanity check on our email platform - which I'm glad to say actually seems quite sane and coherent :-)

---

--
Jerry Nicholls
Principal Systems Engineer
perl -e '$_=q(print "perl -e \x27\$_=q($_);eval\x27\n");eval'

Jerry Nicholls:

Well it's promising that things appear to be better. I'll have another look at the DNS things today. I've deliberately not been looking at them the past few days as I wanted to see what the feedback was before tweaking again. Instead I've been looking at other DNS tweakery (different servers) and doing a sanity check on our email platform - which I'm glad to say actually seems quite sane and coherent :-)

It appears better for me too but not perfect. There are days when I only get a few HTTP errors but I still get them. However, there are still days where I have to refresh every page I load as the first attempt will nearly always fail.

 

Hope that helps in determining if the measures you have taken to date are having a positive effect and thanks for taking the time to look into this and trying to resolve it.

 

SR

 

Same issue.... with *any* Microsoft site... which has led to problems activating Windows and downloading updates...  seems to have cleared since last night (bar the activation servers), but this is not the first time it's happened.

All other sites seem fine...

---

Just ickle ol' me.

I've had a look at the DNS caches now and the original limit of 100 clients-per query was most definitely being exceeded, but well and truly below the level I have set the servers to last week. I can't see any obvious reason now why there may still be lookup timeouts. One thing that may help, if possible, is that if anyone is repeatedly getting timeouts for a site could they provide me with a tcpdump/packet capture for the DNS traffic ? Ie if, for example, you can't lookup windowsupdate.microsoft.com a tcpdump/wireshark/whatever packet dump of the port 53/UDP traffic may be very useful -  I can provide an email address to send it to, so PM me if you have a good capture.

 

---

--
Jerry Nicholls
Principal Systems Engineer
perl -e '$_=q(print "perl -e \x27\$_=q($_);eval\x27\n");eval'

How are people finding things now ? We made the counter-intuitive decision on Friday to remove one of the backend DNS caches from the 212.23.3.100 load balancer to see if that improved performance. From our viewpoint things were better so took the other matching server out of the 212.23.6.100 load balanced cluster yesterday.

The two servers that have been removed will be replaced with appropriate hardware in due course.

 

---

--
Jerry Nicholls
Principal Systems Engineer
perl -e '$_=q(print "perl -e \x27\$_=q($_);eval\x27\n");eval'

Jerry Nicholls:

How are people finding things now ? We made the counter-intuitive decision on Friday to remove one of the backend DNS caches from the 212.23.3.100 load balancer to see if that improved performance. From our viewpoint things were better so took the other matching server out of the 212.23.6.100 load balanced cluster yesterday.

The two servers that have been removed will be replaced with appropriate hardware in due course.

 

 

Hi Jerry,

 

OK, I don't want to count any chicken but I haven't had any problems with http since Monday. Fingers are crossed hoping that my issue has been resolved and I'll post back here letting you know how i get on over the next few days, whether it's good news or bad.

 

Many thanks for taking the time to try and resolve this,

 

SR 

Phew - a reply ! I was beginning to wonder if a) we'd fixed it so that no one had a reason to come back here to post, or b) we'd broken it so badly that no one could resolve this forum's URL to complain ! :-)

We're seeing a few other operational oddities but they don't appear to be affecting performance and are related to having to reboot the caches after applying security updates. At the moment I'm led to believe that the oddities are to do with needing to completely repopulate the caches from scratch so more effort is required. We're looking into ways of dumping the cache prior to a restart to save on that effort every time we reboot.

---

--
Jerry Nicholls
Principal Systems Engineer
perl -e '$_=q(print "perl -e \x27\$_=q($_);eval\x27\n");eval'

Hi Jerry,

 

Guess what? As soon as I made my post, http started playing up again.

 

this is a little frustrating but I appreciate the efforts being put in to resolving this.

 

SR 

Seems fine this end Jerry - least I can still hit M$ site <ok, some of us /have/ to>

---

Just ickle ol' me.