Search Again: Re: Semi-ot, local DNS lookups From: Men & Mice Support Date: Tuesday, September 21, 2004 Time: 2:37:46 pm At 7:58 PM -0700 9/20/04, Scott Haneda wrote: >Please bare with me on this one... "bear", not "bare". I'm no stripper. ;) >I am processing credit card requests against authorzenet.com, the specific >address I SSL post to is secure.authorize.net > >In short, I call curl from php and send off some data to >secure.authorize.net, this has always worked just fine in the past. > >As of recent, secure.authorize.net was a targert of a DDoS attack, I am >getting errors when posting to that address, here is where it gets >strange... > >I can load the url <https://secure.authorize.net/> on any machine just fine. > >The machine that I run curl on does not have QDNS installed on it, that is >on a separate machine, same subnet, so: >Curl machine -> IP of remote QDNS server listed in TCP/IP >QDNS machine -> normal install of QDNS > >What I am finding is that if I do a lookup on secure.authorize.net I get >back: >secure.authorize.net. 174 IN A 64.94.118.66 > >If I take 64.94.118.66 and use that IP to tell curl to post to, it works >reliably, if I use the DNS hostname, it works sporadically. > >I suspect that as a result of the DDoS attack, they changed IP addresses or >something, at any rate, I must be arriving at the wrong machine. The hard >coded IP address always works. I can alter my scripts to use that, but then >I have to babysit their DNS records in the event they change the IP address. > >My question is, is there any way on the curl machine to watch the resolution >of the domain name to A record and see what IP address it is getting back, >then maybe I can better track this down. Sure. Before you issue a "curl" command, issue a "host" command, like this: host secure.authorize.net If either command fails, log the result of the host command. >Perhaps there is a way to tell the local resolver to always check for a >fresh record for this one domain? Nope. >Another strange thing is it seems if I reboot the curl machine, it gets it >right for a few hours, then it fails a bit and works a bit, I just can not >get it to work all the time like it used to. > >Of course, ssh'ing into the curl machine and doing a dig on the domain shows >me the IP address that works, and this is even when I am not able to process >a credit card transaction due to a connection failure. Odd. Sounds like maybe it's not a DNS error after all. Chris Buxton Men & Mice - Making DNS Easy Customer Service and Sales Engineer

Messages In This Thread: Semi-ot, local DNS lookups by Scott Haneda on Sep 20, 2004 at 7:59:48 pm Re: Semi-ot, local DNS lookups by Men & Mice Support on Sep 21, 2004 at 2:37:46 pm Re: Semi-ot, local DNS lookups by Steve Fabian on Sep 21, 2004 at 2:45:06 pm Re: Semi-ot, local DNS lookups by Scott Haneda on Sep 22, 2004 at 5:08:50 pm Re: Semi-ot, local DNS lookups by Men & Mice Support on Sep 22, 2004 at 5:24:38 pm Re: Semi-ot, local DNS lookups by Scott Haneda on Sep 22, 2004 at 6:10:58 pm Re: Semi-ot, local DNS lookups by Scott Haneda on Sep 22, 2004 at 6:21:33 pm Re: Semi-ot, local DNS lookups by Men & Mice Support on Sep 22, 2004 at 6:36:28 pm Re: Semi-ot, local DNS lookups by Cayce Will on Sep 23, 2004 at 11:43:47 am Re: Semi-ot, local DNS lookups by Scott Haneda on Sep 23, 2004 at 1:09:54 pm Re: Semi-ot, local DNS lookups by Ken Eddings on Sep 23, 2004 at 2:13:16 pm