# Possible DNS issues on website...host not helpful



## djshiva (Aug 5, 2009)

So the org I work for has 3 domains, all of which are hosted on the same server. Within the last 6 months, problems have been showing up.

The problem is that some people can access the site, while others can't. Sometimes the inability to access the site are temporary, other times, not so temporary. 

I used to be able to see the site from my home, but Monday that just stopped working. We couldn't see it from the office either. Today I can see it from the office, but not from home. Some friends in other cities can see it, some can't. 

So I pinged the IP address from home, and received responses. But when I ping the sitenames, nothing. It times out.

This leads me to believe it is a DNS issue. 

I have told all of this to my webhost, and he kinda acts like I am stupid. He has no idea why this is happening, doesn't communicate with me to let me know whether he is even trying to fix it, and to some degree, I don't think he believes me, because all of the other sites he hosts seem to be working fine (or at least they are not complaining). 

Obviously, my first response is that he will soon be exiting as web host. But in the meantime, does anyone have any ideas what could be causing the issue? 

Here are some of the things I found when using the DNS Tools at dnsstuff.com

ERROR: One or more of your nameservers reports that it is an open DNS server. This usually means that anyone in the world can
query it for domains it is not authoritative for (it is possible that the DNS server advertises that it does recursive lookups when
it does not, but that shouldn't happen). This can cause an excessive load on your DNS server. Also, it is strongly discouraged to
have a DNS server be both authoritative for your domain and be recursive (even if it is not open), due to the potential for cache
poisoning (with no recursion, there is no cache, and it is impossible to poison it). Also, the bad guys could use your DNS server as
part of an attack, by forging their IP address.

ERROR: One or more of the nameservers listed at the parent servers are not listed as NS records at your nameservers.

ERROR: Your DNS servers leak stealth information in non-NS requests:
This can cause some serious problems (especially if there is a TTL discrepancy). If you must have stealth NS records (NS records
listed at the authoritative DNS servers, but not the parent DNS servers), you should make sure that your DNS server does not
leak the stealth NS records in response to other queries.


----------



## inphektion (Apr 13, 2010)

def seems like dns to those sites is messed up bad. who hosts the dns? same as hosts the web or somewhere else? If you post the domain name i can help you further.


----------



## djshiva (Aug 5, 2009)

The web host is also the one who hosts the DNS. He said that he was fixing the issue (after I hounded him and sent him a DNS report that showed his OWN site was borked), but I haven't seen a resolution.

Main domain is www.citact.org. This also affects www.cacefindiana.org.


----------



## Tikuf (Mar 5, 2010)

I personaly would change DNS hosts asap, lots of cheap ones out there, that will save you alot of hassle but still allow you to keep your current host if you wish to stay with them.

But the errors that DNS stuff has returned to you showes the host as done some very un-wise/amateurish setup.

And he may not be aware of the issue or how to correct the issues simply because he does not know, hence why it happened in the first place.

I ran my own scan and it has MANY in the DNS.

Notes:
There is also free DNS hosts but use at your own risk.


But looking at the bigger picture and not just the issue at hand. Maybe its time to look at other hosting options as this host seems be not willing to provide proper support for your site, or support for their own infrastructure properly.


----------



## djshiva (Aug 5, 2009)

Thanks, Tikuf! 

Yeah, I have already put into action the changeover of our webhosting. After far too much time spent attempting to get our webhost to fix the issues, I am done. 

Thanks so much to all who have replied and checked out the sites themselves.


----------

