Mobi.ch not resolvable (SERVFAIL)

Hi there,

Since Tuesday last week (17. March 2020) I can not resolve any records for the mobi.ch domain anymore. Before everything worked fine.
From every other resolver (like Google or form my ISP) the resolution works still fine and the DNS zone is basically also setup correctly.

So what could be the reason why the domain is not resolvable over the Coudflare resolver?
Was the domain blocked by any chance by Cloudflare?

Any help apricated!

Thx

Troubleshooting information:

Link from the diagnostic tool:
https://cloudflare-dns.com/help#eyJpc0NmIjoiWWVzIiwiaXNEb3QiOiJObyIsImlzRG9oIjoiTm8iLCJyZXNvbHZlcklwLTEuMS4xLjEiOiJZZXMiLCJyZXNvbHZlcklwLTEuMC4wLjEiOiJZZXMiLCJyZXNvbHZlcklwLTI2MDY6NDcwMDo0NzAwOjoxMTExIjoiWWVzIiwicmVzb2x2ZXJJcC0yNjA2OjQ3MDA6NDcwMDo6MTAwMSI6IlllcyIsImRhdGFjZW50ZXJMb2NhdGlvbiI6IlpSSCIsImlzV2FycCI6Ik5vIiwiaXNwTmFtZSI6IkNsb3VkZmxhcmUiLCJpc3BBc24iOiIxMzMzNSJ9

dig mobi.ch @1.1.1.1

    ; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu
    <<>> mobi.ch @1.1.1.1
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 49938
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 1452
    ;; QUESTION SECTION:
    ;mobi.ch.                       IN      A

    ;; Query time: 41 msec
    ;; SERVER: 1.1.1.1#53(1.1.1.1)
    ;; WHEN: Fri Mar 27 10:25:05 CET 2020
    ;; MSG SIZE  rcvd: 36
dig mobi.ch @1.0.0.1

; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> mobi.ch @1.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 29382
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;mobi.ch.                       IN      A

;; Query time: 41 msec
;; SERVER: 1.0.0.1#53(1.0.0.1)
;; WHEN: Fri Mar 27 10:28:23 CET 2020
;; MSG SIZE  rcvd: 36
; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> mobi.ch @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16466
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;mobi.ch.                       IN      A

;; ANSWER SECTION:
mobi.ch.                883     IN      A       178.209.59.60

;; Query time: 15 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Mar 27 10:29:03 CET 2020
;; MSG SIZE  rcvd: 52
dig +short CHAOS TXT id.server @1.1.1.1
"ZRH"
dig +short CHAOS TXT id.server @1.0.0.1
"ZRH"
dig @ns3.cloudflare.com whoami.cloudflare.com txt +short
"212.60.58.116"

That sounds like a sustained problem with ZRH. Have you tried https://1.1.1.1/purge-cache/

Oh, interesting! Thx for the info!

Did not know this site. Just tried to purge the cache (at https://1.1.1.1/purge-cache/) but it seems not to make any difference for me. Still SERVFAIl for all records.

I do not know if it matters but on Monday, March 16 Swisscom had some issues and outages here in Switzerland and the authoritative name servers for mobi.ch are all connected through Swisscom.
Just mentioning it because on the morning of the 16th March I had no problems but on the 17th, after the outages, the resolution for mobi.ch suddenly stopped working.

Almost seems like the Cloudflare servers in ZHR had somehow ‘blacklisted’ the mobi.ch domain since the March 17. Maybe because of connectivity issues to authoritative servers, caused by the outages form Swisscom? But just a wild guess … :wink:

If purging it didn’t work, open a ticket. Maybe they can figure out why that server doesn’t have it.

Login to Cloudflare and then contact Cloudflare Support by clicking on the Get More Help button.

Cool, thanks for the tip. Sounds good. I will open a ticket then.

1 Like

Sorry about that. It seems like a connectivity issue in ZRH, I’ll take a look.

2 Likes

Thank you @mvavrusa! It seems to be fixed now:

dig mobi.ch @1.1.1.1

; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> mobi.ch @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30812
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;mobi.ch.                       IN      A

;; ANSWER SECTION:
mobi.ch.                728     IN      A       178.209.59.60

;; Query time: 13 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Wed Apr 01 14:24:12 CEST 2020
;; MSG SIZE  rcvd: 59
dig +short CHAOS TXT id.server @1.1.1.1
"ZRH"

This was an issue with TCP, I tried to contact the operator for this domain and it seems to have been resolved as of yesterday.

3 Likes

@mvavrusa: Unfortunately the problem seems to be back. Could you please look into it again?

Thank you!

; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> mobi.ch @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 9389
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;mobi.ch.                       IN      A

;; Query time: 50 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Thu Apr 16 08:48:33 CEST 2020
;; MSG SIZE  rcvd: 36

dig +short CHAOS TXT id.server @1.1.1.1
"ZRH"

Hi, sorry about that. I tried to email the technical contact for the domain, hopefully it’s going to get resolved.

Hi,

Thank you very much!

Do you know what’s exactly is the cause for the problem. I may have a chance to contact the DNS admin team directly if I know what to tell them.

The issue seems to be with the oversize answers such as:

dig A ns2.mobi-net.ch. +short
212.243.178.150
dig +tcp +dnssec mobi.ch DNSKEY @212.243.178.150
;; WARNING: can't receive reply from [email protected](TCP)
;; WARNING: failed to query server [email protected](TCP)

It seems like the 212.243.178.150 resets the connection immediately
after the query.

It doesn’t seem to be a problem when the response fits in a single
segment (below 1460 bytes). The issue started around 2020-04-16 00:00 UTC.

1 Like

Thx for the info. That’s interesting because the query works perfectly for me.
So it seems the problem is somewhere between ns2.mobi-net.ch and the Cloudflare Server in ZHR.

Do you have the same error for the other two name servers (ns1.mobi-net.ch and ns1.ip-plus.net) too or only for the ns2.mobi-net.ch? Especially the ns1.ip-plus.net would be interesting as this one is at a completely different subnet/site.

Hi, works from my home network as well. It’s possible that ns1.ip-plus.net is working but because it’s not glued in the delegation it’s not tried until the time runs out. I have not received any answer so far, if you could get me in touch I’d be happy to explain or help troubleshoot it.

Ah ok, I see. Unfortunately I got also no response so far for my question I sent internally.