URGENT: SERVFAIL on memphistn.gov

130 views
Skip to first unread message

Lauren Collett

unread,
Aug 4, 2022, 4:13:42 PM8/4/22
to public-dns-discuss
Can someone help me debug MX record SERVFAIL errors for memphistn.gov? Yesterday they received about 80% of emails from Google accounts and today closer to 40% but often none. The Mayor is very frantic. .gov registrar says there is no issue with the entries and I'm not sure how to help the CIty of Memphis IT team troubleshoot the nameservers on their side.....

Thanks!
Lauren

Nikola Semičević

unread,
Aug 5, 2022, 10:57:11 AM8/5/22
to public-dns-discuss

Claus Mattsson

unread,
Aug 5, 2022, 10:57:13 AM8/5/22
to public-dns-discuss
Hi Lauren,

Your authorative DNS setup is missing a lot of the basics. You run two servers, which is ok. Recommended is at least three. Both servers are on a network with the same autonomous system number. They even reaside inside the same IP-range. Best practice is that all servers are on separate ASN. They should never share IP-range. The servers are also recursive and everyone can do public queries to them.

Your problem is probably caused by a connectivity issue between some of Google DNS servers and your authorative servers or ratelimiting on your servers. But I strongly urge you to look into the setup, which seems wrong to me.

//Claus

Lauren Collett

unread,
Aug 5, 2022, 10:57:17 AM8/5/22
to and...@swietek.com, public-dns-discuss
When we look here we can see the MX record https://toolbox.googleapps.com/apps/dig/#MX/memphistn.gov and other mail is coming through (yahoo, outlook, etc). Also attached is their nameserver config on .gov registrar. Do you know a reason you would not see an MX record but the Dig tool does? 

On Thu, Aug 4, 2022 at 3:29 PM Andrzej Swietek <andrzej....@gmail.com> wrote:
There is no MX records

andrzejswietek@Andrzejs-MacBook-Air ~ % dig mx  memphistn.gov

; <<>> DiG 9.10.6 <<>> mx memphistn.gov
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 65176
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;memphistn.gov. IN MX

;; Query time: 5013 msec
;; SERVER: 2a01:115f:4300:7b00:4e19:5dff:fedb:ace0#53(2a01:115f:4300:7b00:4e19:5dff:fedb:ace0)
;; WHEN: Thu Aug 04 22:29:03 CEST 2022
;; MSG SIZE  rcvd: 42

andrzejswietek@Andrzejs-MacBook-Air ~ %
> --
> You received this message because you are subscribed to the Google Groups "public-dns-discuss" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to public-dns-disc...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/public-dns-discuss/f70455c8-54e7-4656-b161-d4bd052f8777n%40googlegroups.com.
>


--


Lauren Collett

Account Executive

Tennessee State and Local Government

lcol...@google.com | 615-289-8930

cloud.google.com/solutions/government


Screenshot 2022-08-04 1.39.19 PM.png
Reply all
Reply to author
Forward
0 new messages