Barclays bank domain unresolvable only on some servers

Sebastian Arcus s.arcus at open-t.co.uk
Sun Jun 16 08:43:15 UTC 2019


I have discovered Friday that the following domain used by Barclays bank 
in UK doesn't resolve properly - but only on some of my servers running 
Bind:

federate-secure.glbaa.barclays.com

It works on a server with v9.12.3, but it fails on a server with v9.11.0 
and another one with v9.14.2. However, I don't think that the Bind 
version has anything to do with it. All servers are recursive servers.

It also resolves fine if I point to Google dns servers.

I've ran tests on the domain above using the MX Toolbox dns checker 
(mxtoolbox.com), and it fails with the following errors:

3  ns22.barclays.net  157.83.102.246  TIMED-OUT  518 ms  , rcode=NO_DATA
3  ns21.barclays.com  157.83.102.245  TIMED-OUT  509 ms  , rcode=NO_DATA
3  ns23.barclays.com  157.83.126.245  TIMED-OUT  504 ms  , rcode=NO_DATA
3  ns24.barclays.net  157.83.126.246  TIMED-OUT  517 ms  , rcode=NO_DATA

I've had to temporarily disable and bypass the local Bind instance on 
this server and point to Google dns, as users couldn't use online 
banking from Barclays because of the issue above.

Does anybody have any idea why would it work on some servers and with 
Google dns, but not on other servers with Bind? Also, would someone mind 
trying to resolve the above domain at their end and see if they get the 
same errors please.

Any suggestions appreciated. Thank you.


More information about the bind-users mailing list