Friday, February 19, 2010

DNS Tracing - A Critical Network Debugging Tool

The cool thing about DNS is how distributed it is. In theory, to view a single web page you might have to make dozens, if not hundreds, of DNS lookups. This would be painfully slow. Luckily, DNS was built with this challenge in mind, and no single server needs to be contacted for every name lookup. Better yet, the information can be cached locally so no lookup is needed at all.

The really annoying thing about DNS, though, is how distributed it is. Let's say you want to relocate a server - because the DNS address is cached in multiple places, it takes time for changes to propagate through. One user might see the new site, while another might see the old one - that's just life with DNS.

While this is annoying for server moves, what about when you have a potential DNS issue? A customer tells you they can't reach the website - is that because the DNS cache they are talking to is out of date? Or do they have a more updated copy of the DNS, and pretty soon nobody will be able to reach the site? Untangling who's actually looking at the authoritative DNS setup (which the caches will eventually catch up to) is tricky, to say the least.

The solution? DNS tracing.

Suppose you are going to a website for the very first time, and nobody on your network has gone there either. How is the domain name resolved? It's a multi-step process: first, a root name server is consulted. It won't know the specific host you're looking for, but it will know who you should ask. Behind the scenes, the information the root name server provided will be used to ask another DNS server, and perhaps another, until the exact host is found.

It's actually a remarkable system when you think about it - the large central authority needs to know just enough to point you in the right direction, and distributed, locally controlled servers can do the rest.

And how does this help you debug your client's connection issue? Simple - you can use Simple DNS Plus's tool to find out how your DNS is officially functioning. If the trace is correct there, then the problem is most likely with the customer's local network. When his setup gets fixed, he'll be back to normal. On the other hand, if your trace fails, then what your customer is seeing is reality - and the site is only working for you because it's cached locally.

When that cache expires, your site will be broken. My suggestion - learn how to use DNS tracing now, before you need it.
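To make the two ideas above concrete (the root-to-authoritative walk, and checking a customer's cached answer against the authoritative one), here is an added example of my own, not code from this post or from Simple DNS Plus. It simulates the trace over a constructed, in-memory delegation chain; every server name, zone and address in it is made up for illustration.

```python
# Added example (not from the post or Simple DNS Plus): a simulated
# iterative DNS trace over constructed zone data, then a cache-vs-authority
# check. All server names, zones and addresses here are constructed.
ROOT = "root-server.example."

# Each constructed server either refers a zone on (NS referral) or answers
# for a name directly (A record). Names are fully qualified, ending in ".".
SERVERS = {
    ROOT: {"referral": {"com.": "tld-server.example."}},
    "tld-server.example.": {"referral": {"example.com.": "ns1.example.com."}},
    "ns1.example.com.": {"answer": {"www.example.com.": "203.0.113.10"}},
}


def zones_covering(name):
    """Every parent zone of name, most specific first: a.b.c. -> a.b.c., b.c., c."""
    labels = name.rstrip(".").split(".")
    return [".".join(labels[i:]) + "." for i in range(len(labels))]


def trace(name, servers=SERVERS, start=ROOT, max_hops=8):
    """Walk referrals from the root like 'dig +trace'; return (path, answer)."""
    path, server = [], start
    for _ in range(max_hops):  # bounded: a broken delegation could loop forever
        path.append(server)
        data = servers.get(server)
        if data is None:  # lame delegation: referred to a server that never answers
            return path, None
        if name in data.get("answer", {}):
            return path, data["answer"][name]
        referrals = data.get("referral", {})
        nxt = next((referrals[z] for z in zones_covering(name) if z in referrals), None)
        if nxt is None:  # nobody to refer us on to: the name does not exist here
            return path, None
        server = nxt
    return path, None


def diagnose(name, cache, servers=SERVERS):
    """Compare what a user behind `cache` sees with the authoritative answer."""
    _, authoritative = trace(name, servers)
    cached = cache.get(name)
    if authoritative is None:
        return "authoritative trace fails: cached users will break when TTL expires"
    if cached is None:
        return "not cached: resolver will fetch the authoritative answer"
    return "cache up to date" if cached == authoritative else "cache stale"
```

Against a real domain you would run the trace with `dig +trace` or Simple DNS Plus and feed the authoritative answer into the same comparison.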

1 comment:

  1. Pretty slick. I will add this to my bag of tricks.