It seems like a number of Microsoft related web sites have vanished.
www.msnbc.com
www.microsoft.com
I've tried from both AT&T and Earthlink, and can't reach them.
The name servers don't seem to be returning valid answers. If they
are in your cache, it works. But after clearing the cache, nada.
I noticed name server problems earlier this evening. Is this spreading?
It seems like a number of Microsoft related web sites have vanished.
Seems to be Microsoft server problems...
www.msnbc.com
$ dig msnbc.com @a.root-servers.net
;; AUTHORITY SECTION:
msnbc.com. 2D IN NS DNS4.CP.MSFT.NET.
msnbc.com. 2D IN NS DNS5.CP.MSFT.NET.
;; ADDITIONAL SECTION:
DNS4.CP.MSFT.NET. 2D IN A 207.46.138.11
DNS5.CP.MSFT.NET. 2D IN A 207.46.138.12
Hmmmm
$ dig www.msnbc.com @207.46.138.11
;; res options: init recurs defnam dnsrch
;; res_nsend to server 207.46.138.11: Connection timed out
$ dig www.msnbc.com @207.46.138.12
;; ANSWER SECTION:
www.msnbc.com. 1H IN CNAME msnbc.com.
msnbc.com. 1H IN A 207.46.150.254
msnbc.com. 1H IN A 207.46.238.109
msnbc.com. 1H IN A 207.46.238.23
msnbc.com. 1H IN A 207.46.238.24
msnbc.com. 1H IN A 207.46.238.26
msnbc.com. 1H IN A 207.46.150.205
www.microsoft.com
$ dig microsoft.com @a.root-servers.net
;; AUTHORITY SECTION:
microsoft.com. 2D IN NS DNS4.CP.MSFT.NET.
microsoft.com. 2D IN NS DNS5.CP.MSFT.NET.
microsoft.com. 2D IN NS DNS7.CP.MSFT.NET.
microsoft.com. 2D IN NS DNS6.CP.MSFT.NET.
;; ADDITIONAL SECTION:
DNS4.CP.MSFT.NET. 2D IN A 207.46.138.11
DNS5.CP.MSFT.NET. 2D IN A 207.46.138.12
DNS7.CP.MSFT.NET. 2D IN A 207.46.138.21
DNS6.CP.MSFT.NET. 2D IN A 207.46.138.20
$ dig www.microsoft.com @207.46.138.11
;; res_nsend to server 207.46.138.11: Connection timed out
$ dig www.microsoft.com @207.46.138.12
;; res_nsend to server 207.46.138.12: Connection timed out
$ dig www.microsoft.com @207.46.138.21
;; res_nsend to server 207.46.138.21: Connection timed out
$ dig www.microsoft.com @207.46.138.20
;; res_nsend to server 207.46.138.20: Connection timed out
It seems like a number of Microsoft related web sites have vanished.
I noticed name server problems earlier this evening. Is this
spreading?
windowsupdate.microsoft.com was also really sporadic for a while earlier,
but I was able to eventually get an answer. As you suggested, connections
to the hosts are going through fine once you get an answer.
dns4.cp.msft.net. through dns7.cp.msft.net (the auth servers) are pinging
fine but DNS queries sent to those hosts timeout. The address block does
appear to belong to Microsoft so... maybe they misconfigured their
firewall or sumtin.
Also noticed extremely high levels of packet loss to them earlier but that
appears to be straightened out.
When will all the idiots who think they know how to configure DNS, but
obviously don't, learn that they can't get away with having all their
nameservers on the same network no matter how well connected that
network might appear to be under the best of conditions, or how many
different directions the fiber leaves the building/campus?
As you can see for MICROSOFT.COM everything's apparently in one place,
network geography-wise:
Domain servers in listed order:
DNS4.CP.MSFT.NET 207.46.138.11
DNS5.CP.MSFT.NET 207.46.138.12
DNS6.CP.MSFT.NET 207.46.138.20
DNS7.CP.MSFT.NET 207.46.138.21
Those addresses might be in a /16 in allocation:
Microsoft (NETBLK-MICROSOFT-GLOBAL-NET) MICROSOFT-GLOBAL-NET
207.46.0.0 - 207.46.255.255
and whois.ra.net shows a /18 for their routing:
$ whois -h whois.ra.net 207.46.138.11
Route: 207.46.128.0/18
descr: MS-CP
origin: AS8070
mnt-by: MICROSOFT-MAINT-CW
changed: judithsh@microsoft.com 20001024
source: CW
but I'd almost be willing to bet that all those machines are in the same
building, and maybe even in the same room (and if not they're probably
at least all on the same campus). Even if they have tunnels routing
these addresses to machines in diverse physical locales, they don't seem
to have managed to eliminate any significant number of the serious
failure scenarios.
Seems I can at the moment get to *one* of their nameservers:
$ host -C microsoft.com
microsoft.com NS DNS4.CP.MSFT.NET
Nameserver DNS4.CP.MSFT.NET not responding
microsoft.com SOA record not found at DNS4.CP.MSFT.NET, try again
microsoft.com NS DNS5.CP.MSFT.NET
Nameserver DNS5.CP.MSFT.NET not responding
microsoft.com SOA record not found at DNS5.CP.MSFT.NET, try again
microsoft.com NS DNS7.CP.MSFT.NET
dns.cp.msft.net msnhst.microsoft.com (2001012306 900 600 7200000 7200)
!!! microsoft.com SOA primary dns.cp.msft.net is not advertised via NS
microsoft.com NS DNS6.CP.MSFT.NET
Nameserver DNS6.CP.MSFT.NET not responding
microsoft.com SOA record not found at DNS6.CP.MSFT.NET, try again
but it's not one that's registered for MSNBC.COM....
Domain servers in listed order:
DNS4.CP.MSFT.NET 207.46.138.11
DNS5.CP.MSFT.NET 207.46.138.12
$ host -C msnbc.com
msnbc.com NS DNS4.CP.MSFT.NET
Nameserver DNS4.CP.MSFT.NET not responding
msnbc.com SOA record not found at DNS4.CP.MSFT.NET, try again
msnbc.com NS DNS5.CP.MSFT.NET
Nameserver DNS5.CP.MSFT.NET not responding
msnbc.com SOA record not found at DNS5.CP.MSFT.NET, try again
I can however eventually (took one retry and quite a few seconds!) get
an answer for www.mnbc.com it seems:
$ host -a www.msnbc.com
www.msnbc.com CNAME msnbc.com
msnbc.com NS DNS4.CP.MSFT.NET
msnbc.com NS DNS5.CP.MSFT.NET
msnbc.com A 207.46.238.109
msnbc.com A 207.46.238.23
msnbc.com A 207.46.238.24
msnbc.com A 207.46.238.26
msnbc.com A 207.46.150.205
msnbc.com A 207.46.150.254
Wow! Would you look at that! They may even have their web servers more
diversely placed on the network than they do their nameservers!
If only Microsoft were the only ones that made this kind of inevitably
fatal (at least from a DNS point of view) mistake..... 
One would think that a company with the obvious resources and power they
have would have registered nameservers on every major backbone on the
planet, and then some (right up to the maximum possible!). I don't want
my nameservers to disappear from any part of the net at any time, and
I'm sure they don't either. I've only got three for my home domain
(with really only two separate network paths to them), but I'm not a
multi-national corporation either!
Oh, and just as I'm about to send this off I see one more server cough
up replies (guess that's where I got the msnbc.com A RRs from too):
$ host -C msnbc.com
msnbc.com NS DNS5.CP.MSFT.NET
Nameserver DNS5.CP.MSFT.NET not responding
msnbc.com SOA record not found at DNS5.CP.MSFT.NET, try again
msnbc.com NS DNS4.CP.MSFT.NET
dns.cp.msft.net msnhst.microsoft.com (2001012205 1800 900 7200000 3600)
!!! msnbc.com SOA primary dns.cp.msft.net is not advertised via NS
$ host -C microsoft.com
microsoft.com NS DNS5.CP.MSFT.NET
Nameserver DNS5.CP.MSFT.NET not responding
microsoft.com SOA record not found at DNS5.CP.MSFT.NET, try again
microsoft.com NS DNS7.CP.MSFT.NET
Nameserver DNS7.CP.MSFT.NET not responding
microsoft.com SOA record not found at DNS7.CP.MSFT.NET, try again
microsoft.com NS DNS6.CP.MSFT.NET
dns.cp.msft.net msnhst.microsoft.com (2001012306 900 600 7200000 7200)
!!! microsoft.com SOA primary dns.cp.msft.net is not advertised via NS
microsoft.com NS DNS4.CP.MSFT.NET
dns.cp.msft.net msnhst.microsoft.com (2001012306 900 600 7200000 7200)
Weirdness, they're returning a response (albeit 35 seconds after the
request) for MX records, however, an A lookup for microsoft.com times out..
efnt01:exile {114} dig microsoft.com @207.46.138.12
Sean;
Sounds like it was corruption of the DNS table :
http://www.msnbc.com/news/519306.asp
from the article
The database that includes this information is called a DNS Table. On
Saturday, MyDomain.com accidentally released a DNS table to the world
that was full of errors, Lau said. The mistakes meant a small fraction of
Web surfers trying to visit Yahoo.com were instead sent to an IP address
inside MyDomains.com.
In addition to misdirecting
Yahoo.com and Microsoft.com
visitors, surfers trying to reach
MSN.com and a host of .net
sites also ended up at
MyDomains.com. In about a
four-hour period Saturday, some
50,000 new clicks were
registered on the MyDomains
page, and the number was still
rising at 5 a.m. ET.
Reminds me of Eugene Kashpureff...
Sean Donelan wrote:
hardly.
the issue with mydomain.com is that certain *nix's have
it listed in /etc/resolv.conf (or the specific equivalent)
as an example although it's commented out. your joe-intelligent
administrator apparently decided to uncomment it.
to my knowledge, mydomain.com didn't do anything illegal,
where as eugene decided to get zerocool.
actually, i find it slightly funny.
-ken harris
toronto, canada
I actually think this is rather funny myself, too.
Never underestimate human stupidity. At a software company where I
recently worked, people couldn't understand why I suggested so strongly
that they remove things like "company.com" and "hostname.com" from their
sample configuration files, and replace them with clearly bogus domain
names like "example.domain".
Why is mydomain.com still resolving domains for random hosts? If it stops,
the problem will quickly get corrected.
haha check this out (sorry if someone already posted this)
[DING!]> whois microsoft.com
[whois.internic.net]
Whois Server Version 1.3
Domain names in the .com, .net, and .org domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
MICROSOFT.COM.WILL.LIVE.FOREVER.BUT.LUNIX.SUCKS-BYBIRTH.ARTISTICCHEESE.COM
MICROSOFT.COM.SHOULD.GIVE.UP.BECAUSE.LINUXISGOD.COM
MICROSOFT.COM.SE.FAIT.HAX0RIZER.PAR.TOUT.LE.ZOY.ORG
MICROSOFT.COM.OWNED.BY.MAT.HACKSWARE.COM
MICROSOFT.COM.N-AIME.BILL.QUE.QUAND.IL.N-EST.PAS.NU
MICROSOFT.COM.MUST.STOP.TAKEDRUGS.ORG
MICROSOFT.COM.IS.SOON.GOING.TO.THE.DEATHCORPORATION.COM
MICROSOFT.COM.IS.SECRETLY.RUN.BY.ILLUMINATI.TERRORISTS.NET
MICROSOFT.COM.IS.NOTHING.BUT.A.MONSTER.ORG
MICROSOFT.COM.IS.NO.MATCH.FOR.THE.UEBER-GEEKS.AT.JIMPHILLIPS.ORG
MICROSOFT.COM.IS.GOD.BUT.LINUX.SUCKS-FOREVER.ARTISTICCHEESE.COM
MICROSOFT.COM.IS.BORING.COMPARED.TO.TEENEXTREME.COM
MICROSOFT.COM.IS.AT.THE.MERCY.OF.DETRIMENT.ORG
MICROSOFT.COM.INSPIRES.COPYCAT.WANNABE.SUBVERSIVES.NET
MICROSOFT.COM.HAS.NO.LINUXCLUE.COM
MICROSOFT.COM.HACKED.BY.PSYKOJOKO.ON.A.ROOT-NETWORK.COM
MICROSOFT.COM.HACKED.BY.HACKSWARE.COM
MICROSOFT.COM.GUTS.NL
MICROSOFT.COM.FAIT.VRAIMENT.DES.LOGICIELS.A.TROIS.FRANCS.DOUZE.ORG
MICROSOFT.COM.ER.IKKE.NO.I.FORHOLD.TIL.LATHANS.NET
MICROSOFT.COM.AINT.WORTH.SHIT.KLUGE.ORG
MICROSOFT.COM
To single out one record, look it up with "xxx", where xxx is one of the
of the records displayed above. If the records are the same, look them
up
with "=xxx" to receive a full display for each record.
Last update of whois database: Wed, 24 Jan 2001 11:29:23 EST <<<
The Registry database contains ONLY .COM, .NET, .ORG, .EDU domains and
Registrars.
On
Wed, 24 Jan
2001, L. Sassaman wrote:
> > Reminds me of Eugene Kashpureff...
>
> hardly.
>
> the issue with mydomain.com is that certain *nix's have
> it listed in /etc/resolv.conf (or the specific equivalent)
> as an example although it's commented out. your joe-intelligent
> administrator apparently decided to uncomment it.I actually think this is rather funny myself, too.
Never underestimate human stupidity. At a software company where I
recently worked, people couldn't understand why I suggested so strongly
that they remove things like "company.com" and "hostname.com" from their
sample configuration files, and replace them with clearly bogus domain
names like "example.domain".Why is mydomain.com still resolving domains for random hosts? If it stops,
the problem will quickly get corrected.__
L. Sassaman
Security Architect | "The only cure for
Technology Consultant | sadness is learning"
>
http://sion.quickie.net | --Thomas Jefferson
-------------- -- ---- ---- --- - - - - - -- - - - - - -
Tony Bourke tony@vegan.net