Stale MX Records

Brad Knowles brad.knowles at skynet.be
Fri Jun 15 19:37:04 UTC 2001


At 3:16 PM -0400 6/15/01, Kris Haight wrote:

>  PS - where can I get the tool you used to get this information?

	Another way to look at this information is to use "doc", which 
you can get from <ftp://ftp.shub-internet.org/pub/shub/brad/dns/>. 
Here's the results of running the latest version of doc on your 
domain:

% doc -d firespout.com
Doc-2.2.2: doc -d firespout.com
Doc-2.2.2: Starting test of firespout.com.   parent is com.
Doc-2.2.2: Test date - Fri Jun 15 15:32:38 EDT 2001
DEBUG: digging @a.gtld-servers.net. for soa of com.
soa @a.gtld-servers.net. for com. has serial: 2001061401
DEBUG: digging @b.gtld-servers.net. for soa of com.
soa @b.gtld-servers.net. for com. has serial: 2001061401
DEBUG: digging @c.gtld-servers.net. for soa of com.
soa @c.gtld-servers.net. for com. has serial: 2001061401
DEBUG: digging @d.gtld-servers.net. for soa of com.
soa @d.gtld-servers.net. for com. has serial: 2001061401
DEBUG: digging @e.gtld-servers.net. for soa of com.
soa @e.gtld-servers.net. for com. has serial: 2001061401
DEBUG: digging @f.gtld-servers.net. for soa of com.
soa @f.gtld-servers.net. for com. has serial: 2001061401
DEBUG: digging @g.gtld-servers.net. for soa of com.
soa @g.gtld-servers.net. for com. has serial: 2001061401
DEBUG: digging @h.gtld-servers.net. for soa of com.
soa @h.gtld-servers.net. for com. has serial: 2001061401
DEBUG: digging @i.gtld-servers.net. for soa of com.
soa @i.gtld-servers.net. for com. has serial: 2001061401
DEBUG: digging @j.gtld-servers.net. for soa of com.
soa @j.gtld-servers.net. for com. has serial: 2001061401
DEBUG: digging @k.gtld-servers.net. for soa of com.
soa @k.gtld-servers.net. for com. has serial: 2001061401
DEBUG: digging @l.gtld-servers.net. for soa of com.
soa @l.gtld-servers.net. for com. has serial: 2001061401
DEBUG: digging @m.gtld-servers.net. for soa of com.
soa @m.gtld-servers.net. for com. has serial: 2001061401
SOA serial #'s agree for com. domain
Found 3 NS and 3 glue records for firespout.com. @a.gtld-servers.net. 
(non-AUTH)
Found 3 NS and 3 glue records for firespout.com. @b.gtld-servers.net. 
(non-AUTH)
Found 3 NS and 3 glue records for firespout.com. @c.gtld-servers.net. 
(non-AUTH)
Found 3 NS and 3 glue records for firespout.com. @d.gtld-servers.net. 
(non-AUTH)
Found 3 NS and 3 glue records for firespout.com. @e.gtld-servers.net. 
(non-AUTH)
Found 3 NS and 3 glue records for firespout.com. @f.gtld-servers.net. 
(non-AUTH)
Found 3 NS and 3 glue records for firespout.com. @g.gtld-servers.net. 
(non-AUTH)
Found 3 NS and 3 glue records for firespout.com. @h.gtld-servers.net. 
(non-AUTH)
Found 3 NS and 3 glue records for firespout.com. @i.gtld-servers.net. 
(non-AUTH)
Found 3 NS and 3 glue records for firespout.com. @j.gtld-servers.net. 
(non-AUTH)
Found 3 NS and 3 glue records for firespout.com. @k.gtld-servers.net. 
(non-AUTH)
Found 3 NS and 3 glue records for firespout.com. @l.gtld-servers.net. 
(non-AUTH)
Found 3 NS and 3 glue records for firespout.com. @m.gtld-servers.net. 
(non-AUTH)
DNServers for com.
    === 0 were also authoritatve for firespout.com.
    === 13 were non-authoritative for firespout.com.
Servers for com. (not also authoritative for firespout.com.)
    === agree on NS records for firespout.com.
DEBUG: domserv = dns1.nhvt.net. ns.mindsprung.net. voon.fs.mindsprung.net.
NS list summary for firespout.com. from parent (com.) servers
   == dns1.nhvt.net. ns.mindsprung.net. voon.fs.mindsprung.net.
digging @dns1.nhvt.net. for soa of firespout.com.
soa @dns1.nhvt.net. for firespout.com. serial: 2001061501
ERROR: non-authoritative SOA for firespout.com. from dns1.nhvt.net.
digging @ns.mindsprung.net. for soa of firespout.com.
soa @ns.mindsprung.net. for firespout.com. serial: 2001061501
ERROR: non-authoritative SOA for firespout.com. from ns.mindsprung.net.
digging @voon.fs.mindsprung.net. for soa of firespout.com.
soa @voon.fs.mindsprung.net. for firespout.com. serial: 2001061501
ERROR: NS list from firespout.com. authoritative servers does not
   === match NS list from parent (com.) servers
NS list summary for firespout.com. from authoritative servers
   == ns.mindsprung.net. voon.fs.mindsprung.net.
Checking 0 potential addresses for hosts at firespout.com.
   ==
Summary:
    ERRORS found for firespout.com. (count: 3)
Done testing firespout.com.  Fri Jun 15 15:32:44 EDT 2001


	Clearly, dns1.nhvt.net and ns.mindsprung.net are answering 
non-authoritatively.  This may be caused by the fact that the primary 
nameserver for this zone is screwed up, and what they have available 
has now expired from their authoritative copies, and are answering 
exclusively out of their cache.  Fix the primary, and these problems 
may go away.

-- 
Brad Knowles, <brad.knowles at skynet.be>

/*        efdtt.c  Author:  Charles M. Hannum <root at ihack.net>          */
/*       Represented as 1045 digit prime number by Phil Carmody         */
/*     Prime as DNS cname chain by Roy Arends and Walter Belgers        */
/*                                                                      */
/*     Usage is:  cat title-key scrambled.vob | efdtt >clear.vob        */
/*   where title-key = "153 2 8 105 225" or other similar 5-byte key    */

dig decss.friet.org|perl -ne'if(/^x/){s/[x.]//g;print pack(H124,$_)}'


More information about the bind-users mailing list