myNIC registration requirements
asenec at asenec.dallas.nationwide.net
asenec at asenec.dallas.nationwide.net
Wed Aug 18 06:05:07 UTC 1999
Yes, I see what you are saying about the primary/authoritative response.
But why is the response non-authoritative:
# nslookup -q=any smartchoice.com.my 216.121.32.12
Server: magnesium.colossus.net
Address: 216.121.32.12
Non-authoritative answer:
smartchoice.com.my
origin = magnesium.colossus.net
mail addr = hostmaster.regihost.net
serial = 99081115
refresh = 86400 (1 day)
retry = 7200 (2 hours)
expire = 3600000 (41 days 16 hours)
minimum ttl = 172800 (2 days)
smartchoice.com.my nameserver = magnesium.colossus.net
smartchoice.com.my nameserver = quartz.colossus.net
smartchoice.com.my internet address = 216.121.100.228
smartchoice.com.my preference = 10, mail exchanger = mail.smartchoice.com.my
Authoritative answers can be found from:
smartchoice.com.my nameserver = magnesium.colossus.net
smartchoice.com.my nameserver = quartz.colossus.net
magnesium.colossus.net internet address = 216.121.32.12
quartz.colossus.net internet address = 209.78.16.5
mail.smartchoice.com.my internet address = 216.121.100.228
# nslookup 216.121.32.12
Server: localhost
Address: 127.0.0.1
Name: magnesium.colossus.net
Address: 216.121.32.12
#
I get an authoritative answer from this nameserver
when I query a domain which is already registered;
a non-authoritative answer from this nameserver for
a domain which is not registered:
# nslookup
Default Server: localhost
Address: 127.0.0.1
> set type=any
> oakwell.com.my
Server: localhost
Address: 127.0.0.1
Non-authoritative answer:
oakwell.com.my nameserver = magnesium.colossus.net
oakwell.com.my nameserver = quartz.colossus.net
oakwell.com.my internet address = 209.182.56.80
Authoritative answers can be found from:
oakwell.com.MY nameserver = magnesium.colossus.net
oakwell.com.MY nameserver = quartz.colossus.net
magnesium.colossus.net internet address = 216.121.32.12
quartz.colossus.net internet address = 209.78.16.5
> exit
# nslookup -q=any oakwell.com.my 216.121.32.12
Server: magnesium.colossus.net
Address: 216.121.32.12
oakwell.com.my
origin = magnesium.colossus.net
mail addr = hostmaster.regihost.net
serial = 99060703
refresh = 86400 (1 day)
retry = 7200 (2 hours)
expire = 3600000 (41 days 16 hours)
minimum ttl = 172800 (2 days)
oakwell.com.my nameserver = magnesium.colossus.net
oakwell.com.my nameserver = quartz.colossus.net
oakwell.com.my preference = 10, mail exchanger = mail.oakwell.com.my
oakwell.com.my internet address = 209.182.56.80
oakwell.com.my nameserver = magnesium.colossus.net
oakwell.com.my nameserver = quartz.colossus.net
magnesium.colossus.net internet address = 216.121.32.12
quartz.colossus.net internet address = 209.78.16.5
mail.oakwell.com.my internet address = 209.182.56.80
#
So it would appear that until the domain is registered,
queries would be answered with non-authoritative responses?
Is that a myNIC catch-22, or do I have something configured
wrong (4.9.7)?
As for whether 216.121.32.12 was shown on the registration
form, I can't tell you since the customer submitted the form.
Annette
> | Date: Tue, 17 Aug 1999 22:36:27 -0500 (CDT)
> | From: asenec at asenec.dallas.nationwide.net
> | To: bind-users at isc.org
> | Subject: myNIC registration requirements
> |
> | Has anyone dealt with this registration agency?
> | Surely they can't have a registration requirement
> | as insane as this:
> |
> | > NSLOOKUP RESULT:
> | >
> | >
> | >
> | > --- PRIMARY SERVER ---
> | >
> | >
> | > nslookup -q=any smartchoice.com.my 216.121.32.12
> | >
> | > Server: magnesium.colossus.net
> | > Address: 216.121.32.12
> | >
> | > Non-authoritative answer: <==SHOULD GIVE AN authoritative answer
> | >
> | >
> | >
> |
> | That was taken from the rejection notification sent by myNIC to
> | the party attempting to register the domain.
> |
> | Going at this from a different approach, short of starting named and blocking
> | all the world from the nameserver, except for myNIC, how could one possibly
> | guarantee an authoritative response from a nameserver for a particular
> | domain? Am I missing something here?
>
> If the nameserver was listed as primary NS in the registration template,
> it *should* give an authoritative response.
>
> I had my disagreements with MYNIC over issues like requiring that the
> SOA mhost be listed as nameserver (effectively diallowing stealth primaries
> behind firewalls) and others, but at first look this looks ok.
> I also disgree with them using nslookup for the test (as nslookup has
> a few interesting bugs that sometimes trigger rejections from MyNIC,
> when dig shows the domain to be ok).
>
> To know better whether this is ok or not, we would know what the template
> looked like you sent in. Did it list 216.121.32.12 as nameserver for the
> domain requested?
>
> |
> | Annette
> |
>
> Mathias Koerber | Tel: +65 / 471 9820 | mathias at staff.singnet.com.sg
> SingNet NOC | Fax: +65 / 475 3273 | mathias at koerber.org
> Q'town Tel. Exch. | PGP: Keyid: 768/25E082BD, finger mathias at singnet.com.sg
> 2 Stirling Rd | 1A 8B FC D4 93 F1 9A FC BD 98 A3 1A 0E 73 01 65
> S'pore 148943 | Disclaimer: I speak only for myself
> * Eifersucht ist eine Leidenschaft, die mit Eifer sucht, was Leiden schafft *
>
>
More information about the bind-users
mailing list