DNS probs

Jeremy Gardner jeremy at quetico.net
Mon Mar 5 03:29:52 UTC 2001



I do have one question about this then.

Depending on where mail is being sent from, some goes directly to
pierna.quetico.net, some goes to argo.quetico.net (the backup mail server
for my domain).  

How come some servers are referencing the incorrect entries
in sleepy.giant.net, whereas other servers dont' seem to pick up any
reference to sleepy.giant.net at all?

Thanks!
Jeremy


On Sun, 4 Mar 2001, David Tonhofer wrote:

> 
> Maybe a partial answer (warning: non-DNS-guru):
> 
> 1) Is it confusing for DNS to have SOA records on one machine
>    (pierna.quetico.net) and primary/secondary nameservers 
>    (dns[12].avalon.net) on different machines? Probably not..
> 
> 2) Did you forget to correct dns[34].avalon.net & sleepy.giant.net?
> 
> dig @dns1.avalon.net avalon.net NS
> avalon.net.             43200   IN      NS      dns4.avalon.net.
> avalon.net.             43200   IN      NS      sleepy.giant.net.
> avalon.net.             43200   IN      NS      dns1.avalon.net.
> avalon.net.             43200   IN      NS      dns2.avalon.net.
> avalon.net.             43200   IN      NS      dns3.avalon.net.
> 
> On selene.circadence.com:
> 
> AVALON.net.    80939   IN      NS      dns1.avalon.net.
> AVALON.net.    80939   IN      NS      SLEEPY.GIANT.net.
> AVALON.net.    80939   IN      NS      DNS2.AVALON.net.
> 
> Checking out these machines for the address of pierna:
> 
> dns1.avalon.net:
> pierna.quetico.net.     43200   IN      A       198.76.15.10
> 
> dns2.avalon.net:
> pierna.quetico.net.     43200   IN      A       198.76.15.10
> 
> sleepy.giant.net
> pierna.quetico.net.     172421  IN      A       63.231.71.27
>                        (~2days)
> 
> Sleepy giant would give a wrong authoritative answer. 
> Guess it needs an update? dns[34].avalon.net are ok, though.
> 
> Best regards,
> 
> 	-- David
> 
> 
> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]On
> Behalf Of Jeremy Gardner
> Sent: Sunday, March 04, 2001 8:59 PM
> To: bind-users at isc.org
> Subject: DNS probs
> 
> 
> 
> 
> Hello,
> 
> I am running BIND 9.1.0 on Linux.  I control the forward 
> mapping for several domains that I host.  My ISP (Solucian) 
> controls the reverse mapping.  Any updates I make to DNS 
> are then forwarded to a second ISP (Avalon), which provides 
> primary and secondary DNS for these domains.
> 
> Last week I switched my ISP from local telco to Solucian.  
> At the time, my DNS server (pierna.quetico.net) was listed 
> as primary DNS for several of the domains, and Avalon was 
> listed as seconary.  Since my IP address was going to change 
> in the ISP switch, my goal was to make Avalon primary and 
> secondary for these domains and thus the "outside world" 
> would always have valid DNS servers for the domains.
> 
> Unfortunately, my ISP switch happened sooner than expected 
> and I was unable to update my listed primary/secondary DNS 
> servers with the registered companies.  This meant that the
> primary DNS server for the domains was unavailable for a
> couple of days.  I have since been able to make these changes, 
> but it appears that several DNS servers out there aren't 
> picking up the changes completely.
> 
> The domain is quetico.net.  My main server's hostname is 
> pierna.quetico.net.  Its old IP address was 63.231.71.27.  
> Its new IP address is 198.76.15.10.  It handles any
> requests for quetico.net.
> 
> The primary and secondary DNS servers for the domain are
> dns1.avalon.net (204.71.106.8) and dns2.avalon.net 
> (204.71.106.2).
> 
> An example of a DNS server is selene.circadence.com.  When
> I run dig against this server on pierna.quetico.net, I get 
> the following output:
> 
> =====
> ; <<>> DiG 8.2 <<>> pierna.quetico.net @selene.circadence.com 
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
> ;; QUERY SECTION:
> ;;      pierna.quetico.net, type = A, class = IN
> 
> ;; ANSWER SECTION:
> pierna.quetico.net.     1d23h22m13s IN A  63.231.71.27
> 
> ;; AUTHORITY SECTION:
> quetico.net.            1d23h22m13s IN NS  DNS1.AVALON.net.
> quetico.net.            1d23h22m13s IN NS  DNS2.AVALON.net.
> 
> ;; ADDITIONAL SECTION:
> DNS1.AVALON.net.        1d1h3m53s IN A  204.71.106.8
> DNS2.AVALON.net.        1d1h3m53s IN A  204.71.106.2
> 
> ;; Total query time: 92 msec
> ;; FROM: pierna to SERVER: selene.circadence.com  206.246.40.50
> ;; WHEN: Sun Mar  4 12:50:23 2001
> ;; MSG SIZE  sent: 36  rcvd: 140
> =====
> 
> I'm not an authority on dig, but my understanding is this means
> that my record will be cached for 1d, 23h, 22m, 13s.  It seems
> to have a time-out value (TTL) of 2d.  I just watched it count 
> down to 0 (zero) this morning, and it never got the new IP 
> address.
> 
> When I run dig against the same server for quetico.net, 
> everything looks good:
> 
> =====
> ; <<>> DiG 8.2 <<>> quetico.net @selene.circadence.com 
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
> ;; QUERY SECTION:
> ;;      quetico.net, type = A, class = IN
> 
> ;; ANSWER SECTION:
> quetico.net.            10h49m36s IN A  198.76.15.10
> 
> ;; AUTHORITY SECTION:
> quetico.net.            1d23h7m28s IN NS  DNS1.AVALON.NET.
> quetico.net.            1d23h7m28s IN NS  DNS2.AVALON.NET.
> 
> ;; ADDITIONAL SECTION:
> DNS1.AVALON.NET.        1d49m8s IN A    204.71.106.8
> DNS2.AVALON.NET.        1d49m8s IN A    204.71.106.2
> 
> ;; Total query time: 94 msec
> ;; FROM: pierna to SERVER: selene.circadence.com  206.246.40.50
> ;; WHEN: Sun Mar  4 13:05:10 2001
> ;; MSG SIZE  sent: 29  rcvd: 125
> =====
> 
> My intention was to configure the time-out value (TTL) for my 
> domain to be 12h.  Here is my local zone file:
> 
> =====
> $TTL 12h
> @       IN SOA  pierna.quetico.net. jeremy.quetico.net. (
>                 2001030100      ; Serial
>                 3h              ; Refresh 3 hours
>                 1h              ; Retry 1 hour
>                 1w              ; Expire 1 week (168 hours)
>                 12h )           ; minimum 12 hours
> 
>                 IN      A       198.76.15.10
> 
>                 IN      NS      dns1.avalon.net.
>                 IN      NS      dns2.avalon.net.
> 
>                 IN      MX      10      pierna.quetico.net.
>                 IN      MX      20      argo.quetico.net.
>       
> localhost       IN      A       127.0.0.1
> 
> argo            IN      A       204.71.106.169
> www             IN      CNAME   pierna.quetico.net.
> pierna          IN      A       198.76.15.10
> darky           IN      A       198.76.15.11
> shade           IN      A       198.76.15.12
> =====
> 
> When I run dig against the primary DNS server (dns1.avalon.net), 
> I get the following output:
> 
> =====
> ; <<>> DiG 8.2 <<>> pierna.quetico.net @dns1.avalon.net 
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
> ;; QUERY SECTION:
> ;;      pierna.quetico.net, type = A, class = IN
> 
> ;; ANSWER SECTION:
> pierna.quetico.net.     12H IN A        198.76.15.10
> 
> ;; AUTHORITY SECTION:
> quetico.net.            12H IN NS       dns1.avalon.net.
> quetico.net.            12H IN NS       dns2.avalon.net.
> 
> ;; ADDITIONAL SECTION:
> dns1.avalon.net.        12H IN A        204.71.106.8
> dns2.avalon.net.        12H IN A        204.71.106.2
> 
> ;; Total query time: 124 msec
> ;; FROM: pierna to SERVER: dns1.avalon.net  204.71.106.8
> ;; WHEN: Sun Mar  4 13:03:20 2001
> ;; MSG SIZE  sent: 36  rcvd: 129
> =====
> 
> Am I doing something wrong?  I thought that once I updated 
> master records so that dns1 and dns2 were primary, any
> DNS server out there would be able to talk to them and
> get the updated IP address for pierna.quetico.net.
> 
> Is it because pierna.quetico.net was a registered DNS server?
> I updated its IP address with the registrar (netwizards.net).
> 
> Is it because pierna was the primary DNS server, and then 
> became unavailable with the IP address change?  And thus DNS
> servers out there keep trying the old IP address?
> 
> Any idea why are the DNS servers getting the correct DNS 
> information for quetico.net, but not pierna.quetico.net?
> 
> It looks like my old ISP (telco company) is still providing
> reverse mapping for my old IP address, if that matters.
> 
> Thanks for any help!
> Jeremy
> 
> 
> 
> 


____________________________

 "All of life's riddles are 
   answered in the movies"

 Steve Martin, GRAND CANYON
____________________________ 




More information about the bind-users mailing list