xkcd

[Prodigious Penguin]

An interesting thing happened to me last night - the main site and blag would load but no new images, and eventually no images at all once my cache started expiring. Confused, I tried the direct link and it didn't fail so much as never resolve. After quite a bit of probing around today, I think I came up with why - the DNS record for imgs.xkcd.com is huge.

Observe a lookup directly to a public DNS server:

Code: Select all

Mighty-Mac:bin admin$ dig imgs.xkcd.com @4.2.2.2
;; Truncated, retrying in TCP mode.

; <<>> DiG 9.7.3 <<>> imgs.xkcd.com @4.2.2.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44677
;; flags: qr rd ra; QUERY: 1, ANSWER: 24, AUTHORITY: 3, ADDITIONAL: 3

;; QUESTION SECTION:
;imgs.xkcd.com.         IN   A

;; ANSWER SECTION:
imgs.xkcd.com.      430   IN   CNAME   2930-xkcdimgs.voxcdn.com.
2930-xkcdimgs.voxcdn.com. 60   IN   CNAME   content.ord1.site.voxcdn.net.
content.ord1.site.voxcdn.net. 82 IN   A   208.122.29.17
content.ord1.site.voxcdn.net. 82 IN   A   208.122.29.14
content.ord1.site.voxcdn.net. 82 IN   A   208.122.29.16
content.ord1.site.voxcdn.net. 82 IN   A   208.122.28.20
content.ord1.site.voxcdn.net. 82 IN   A   208.122.28.10
content.ord1.site.voxcdn.net. 82 IN   A   208.122.28.27
content.ord1.site.voxcdn.net. 82 IN   A   208.122.28.18
content.ord1.site.voxcdn.net. 82 IN   A   208.122.28.28
content.ord1.site.voxcdn.net. 82 IN   A   208.122.28.21
content.ord1.site.voxcdn.net. 82 IN   A   208.122.28.13
content.ord1.site.voxcdn.net. 82 IN   A   208.122.28.4
content.ord1.site.voxcdn.net. 82 IN   A   208.122.28.2
content.ord1.site.voxcdn.net. 82 IN   A   208.122.29.13
content.ord1.site.voxcdn.net. 82 IN   A   208.122.29.18
content.ord1.site.voxcdn.net. 82 IN   A   208.122.29.15
content.ord1.site.voxcdn.net. 82 IN   A   208.122.28.11
content.ord1.site.voxcdn.net. 82 IN   A   208.122.28.29
content.ord1.site.voxcdn.net. 82 IN   A   208.122.28.30
content.ord1.site.voxcdn.net. 82 IN   A   208.122.28.12
content.ord1.site.voxcdn.net. 82 IN   A   208.122.29.12
content.ord1.site.voxcdn.net. 82 IN   A   208.122.28.3
content.ord1.site.voxcdn.net. 82 IN   A   208.122.29.19

;; AUTHORITY SECTION:
voxcdn.net.      37398   IN   NS   ns.voxel.net.
voxcdn.net.      37398   IN   NS   ns3.voxel.net.
voxcdn.net.      37398   IN   NS   ns2.voxel.net.

;; ADDITIONAL SECTION:
ns2.voxel.net.      2561   IN   A   208.122.22.22
ns.voxel.net.      2561   IN   A   208.122.22.21
ns3.voxel.net.      2561   IN   A   64.142.113.67

;; Query time: 126 msec
;; SERVER: 4.2.2.2#53(4.2.2.2)
;; WHEN: Thu Oct 13 18:26:00 2011
;; MSG SIZE  rcvd: 567

Now when I try the same thing, allowing the local router (CTR500 for the record) to handle the DNS request:

Code: Select all

Mighty-Mac:bin admin$ nslookup imgs.xkcd.com
;; Truncated, retrying in TCP mode.
;; Connection to 192.168.0.1#53(192.168.0.1) for imgs.xkcd.com failed: connection refused.

In both instances, TCP mode had to be used for the request, yet the second failed. Is it possible there are some routers that will only do DNS over UDP? It's working for me now (just configured the laptop to do DNS requests to 4.2.2.2 directly), but I'm sure there may be others trying to access the site having similar issues.

[jackslash]

Im having these issues too. I find that some internet cafe's firewalls block TCP DNS requests. I also find that I keep having intermittent trouble with resolving the DNS on various networks.

This was in a starbucks:

Code: Select all

wyvern:~ jackslash$ dig imgs.xkcd.com
;; Truncated, retrying in TCP mode.

; <<>> DiG 9.7.3-P3 <<>> imgs.xkcd.com
;; global options: +cmd
;; connection timed out; no servers could be reached

[davean]

Im having these issues too. I find that some internet cafe's firewalls block TCP DNS requests. I also find that I keep having intermittent trouble with resolving the DNS on various networks.

This was in a starbucks:

Code: Select all

wyvern:~ jackslash$ dig imgs.xkcd.com
;; Truncated, retrying in TCP mode.

; <<>> DiG 9.7.3-P3 <<>> imgs.xkcd.com
;; global options: +cmd
;; connection timed out; no servers could be reached

Where are you located?

[jackslash]

That was in a UK Starbucks

[lukewarm]

I, too, noticed that images are not loading, or loading intermittently. I started to investigate. My DNS is happy with large records, but for me, apparently, not all of the addresses into which imgs.xkcd.com resolve are responding:

Code: Select all

$ wget -O /dev/null http://imgs.xkcd.com/comics/making_things_difficult.png
--2011-12-29 08:58:46--  http://imgs.xkcd.com/comics/making_things_difficult.png
Resolving imgs.xkcd.com... 208.122.31.17, 208.122.31.26, 208.122.31.27, ...
Connecting to imgs.xkcd.com|208.122.31.17|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 78391 (77K) [image/png]
Saving to: `/dev/null'

100%[======================================>] 78,391       230K/s   in 0.3s   

2011-12-29 08:58:47 (230 KB/s) - `/dev/null' saved [78391/78391]

$ wget -O /dev/null http://imgs.xkcd.com/comics/making_things_difficult.png
--2011-12-29 08:58:48--  http://imgs.xkcd.com/comics/making_things_difficult.png
Resolving imgs.xkcd.com... 208.122.31.16, 208.122.31.17, 208.122.31.26, ...
Connecting to imgs.xkcd.com|208.122.31.16|:80... connected.
HTTP request sent, awaiting response...     


and there it stays for several minutes already.

It is also not good that the images cdn is not accessible over IPv6 (while the main site is) but this is just a sidenote.

This voxcdn does not look like a right place to be...

= Luke