myNIC registration requirements

asenec at asenec.dallas.nationwide.net asenec at asenec.dallas.nationwide.net
Wed Aug 18 06:05:07 UTC 1999 

Yes, I see what you are saying about the primary/authoritative response.
But why is the response non-authoritative:

# nslookup -q=any smartchoice.com.my 216.121.32.12
Server:  magnesium.colossus.net
Address:  216.121.32.12

Non-authoritative answer:
smartchoice.com.my
	origin = magnesium.colossus.net
	mail addr = hostmaster.regihost.net
	serial = 99081115
	refresh = 86400 (1 day)
	retry   = 7200 (2 hours)
	expire  = 3600000 (41 days 16 hours)
	minimum ttl = 172800 (2 days)
smartchoice.com.my	nameserver = magnesium.colossus.net
smartchoice.com.my	nameserver = quartz.colossus.net
smartchoice.com.my	internet address = 216.121.100.228
smartchoice.com.my	preference = 10, mail exchanger = mail.smartchoice.com.my

Authoritative answers can be found from:
smartchoice.com.my	nameserver = magnesium.colossus.net
smartchoice.com.my	nameserver = quartz.colossus.net
magnesium.colossus.net	internet address = 216.121.32.12
quartz.colossus.net	internet address = 209.78.16.5
mail.smartchoice.com.my	internet address = 216.121.100.228
# nslookup 216.121.32.12
Server:  localhost
Address:  127.0.0.1

Name:    magnesium.colossus.net
Address:  216.121.32.12

# 

I get an authoritative answer from this nameserver
when I query a domain which is already registered;
a non-authoritative answer from this nameserver for
a domain which is not registered:

# nslookup 
Default Server:  localhost
Address:  127.0.0.1

> set type=any
> oakwell.com.my
Server:  localhost
Address:  127.0.0.1

Non-authoritative answer:
oakwell.com.my	nameserver = magnesium.colossus.net
oakwell.com.my	nameserver = quartz.colossus.net
oakwell.com.my	internet address = 209.182.56.80

Authoritative answers can be found from:
oakwell.com.MY	nameserver = magnesium.colossus.net
oakwell.com.MY	nameserver = quartz.colossus.net
magnesium.colossus.net	internet address = 216.121.32.12
quartz.colossus.net	internet address = 209.78.16.5
> exit
# nslookup -q=any oakwell.com.my 216.121.32.12
Server:  magnesium.colossus.net
Address:  216.121.32.12

oakwell.com.my
	origin = magnesium.colossus.net
	mail addr = hostmaster.regihost.net
	serial = 99060703
	refresh = 86400 (1 day)
	retry   = 7200 (2 hours)
	expire  = 3600000 (41 days 16 hours)
	minimum ttl = 172800 (2 days)
oakwell.com.my	nameserver = magnesium.colossus.net
oakwell.com.my	nameserver = quartz.colossus.net
oakwell.com.my	preference = 10, mail exchanger = mail.oakwell.com.my
oakwell.com.my	internet address = 209.182.56.80
oakwell.com.my	nameserver = magnesium.colossus.net
oakwell.com.my	nameserver = quartz.colossus.net
magnesium.colossus.net	internet address = 216.121.32.12
quartz.colossus.net	internet address = 209.78.16.5
mail.oakwell.com.my	internet address = 209.182.56.80
# 

So it would appear that until the domain is registered,
queries would be answered with non-authoritative responses?
Is that a myNIC catch-22, or do I have something configured
wrong (4.9.7)?

As for whether 216.121.32.12 was shown on the registration
form, I can't tell you since the customer submitted the form.

Annette


> | Date: Tue, 17 Aug 1999 22:36:27 -0500 (CDT)
> | From: asenec at asenec.dallas.nationwide.net
> | To: bind-users at isc.org
> | Subject: myNIC registration requirements
> | 
> | Has anyone dealt with this registration agency?
> | Surely they can't have a registration requirement
> | as insane as this:
> | 
> | > NSLOOKUP RESULT:
> | > 
> | > 
> | > 
> | > --- PRIMARY SERVER ---
> | > 
> | > 
> | > nslookup -q=any  smartchoice.com.my  216.121.32.12
> | > 
> | > Server:  magnesium.colossus.net
> | > Address:  216.121.32.12
> | > 
> | > Non-authoritative answer:     <==SHOULD GIVE AN authoritative answer
> | > 
> | > 
> | > 
> | 
> | That was taken from the rejection notification sent by myNIC to 
> | the party attempting to register the domain.  
> | 
> | Going at this from a different approach, short of starting named and blocking
> | all the world from the nameserver, except for myNIC, how could one possibly
> | guarantee an authoritative response from a nameserver for a particular
> | domain?  Am I missing something here?
> 
> If the nameserver was listed as primary NS in the registration template,
> it *should* give an authoritative response. 
> 
> I had my disagreements with MYNIC over issues like requiring that the
> SOA mhost be listed as nameserver (effectively diallowing stealth primaries
> behind firewalls) and others, but at first look this looks ok.
> I also disgree with them using nslookup for the test (as nslookup has
> a few interesting bugs that sometimes trigger rejections from MyNIC,
> when dig shows the domain to be ok).
> 
> To know better whether this is ok or not, we would know what the template 
> looked like you sent in.  Did it list 216.121.32.12 as nameserver for the 
> domain requested?
> 
> | 
> | Annette
> | 
> 
> Mathias Koerber	  | Tel: +65 / 471 9820    |   mathias at staff.singnet.com.sg
> SingNet NOC	  | Fax: +65 / 475 3273    |            mathias at koerber.org
> Q'town Tel. Exch. | PGP: Keyid: 768/25E082BD, finger mathias at singnet.com.sg
> 2 Stirling Rd     |      1A 8B FC D4 93 F1 9A FC BD 98 A3 1A 0E 73 01 65
> S'pore 148943     | Disclaimer: I speak only for myself
> * Eifersucht ist eine Leidenschaft, die mit Eifer sucht, was Leiden schafft *
> 
>

More information about the bind-users mailing list