DNS ISSUES WITH QWEST

phn at icke-reklam.ipsec.nu phn at icke-reklam.ipsec.nu
Thu Oct 17 14:47:52 UTC 2002 

Billy J. Mayberry <webmaster at thecomputercorner.net> wrote:
> Dear whomever,

> I have dns box setup and running

> IP= 65.221.79.32

> Nameservers:

> ns0.thecomputercorner.com
> ns1.thecomputercorner.com


> Here is my problem:

> Using this command:

> dig @205.171.3.65 secure.thecomputercorner.com a
> dig @205.171.3.65 freemail.thecomputercorner.com a
> dig @205.171.3.65 buy.thecomputercorner.com a
> dig @205.171.3.65 phpsys.thecomputercorner.com a
> dig @205.171.3.65 freemail.ohioisonline.com a
> dig @205.171.3.65 phpsys.ohioisonline.com a

> Sometimes one works and the other doesn't or neither work or all
> sorts of wierd stuff.

> What I do know:

> Same registration company
> Same Web Server
> Same Zones (we have been trying to change stuff so the attached zones
> for both domains may be a little off but still don't work)
> Same DNS box and everything is identical
> (AND REMEMBER IT WORKS EVERYWHERE ELSE EXCEPT WITH THIS DNS BOX FROM
> QWEST)

> The ip that I am using with dig is the qwest dns server that I get
> when logged in with my dial-up account.  I have checked with other
> people all around the world and it works fine to all of them and
> never breaks.

> If I point my dialup connection directly to MY dns server
> (65.221.79.32) it works great.  If I log in with my other dialup
> which uses a UUNET dns server it works fine.

> I have been in touch with my isp and they seem to think it's dns but
> I don't think that it is and that they are just beating around the
> bush.

> Attached is named.conf, thecomputercorner.com zone, ohioisonline.com
> zone

> - ----------------------------------------------------------------------
> - ----
> named.conf

> - ----------------------------------------------------------------------
> - ----


> // generated by named-bootconf.pl

> options {
>  directory "/var/named"; 

> // forward first;
>  forwarders {
>   204.192.96.18;
>   204.192.96.20; 
>  };
>  
>  /*
>   * If there is a firewall between you and nameservers you want
>   * to talk to, you might need to uncomment the query-source
>   * directive below.  Previous versions of BIND always asked
>   * questions using port 53, but BIND 8.1 uses an unprivileged
>   * port by default.
>   */
>  // query-source address * port 53;
> };

> // 
> // a caching only nameserver config
> // 

> zone "." IN {
>         type hint;
>         file "named.ca";
> };

> zone "thecomputercorner.com" {
>         type master;
>         file "thecomputercorner.com";
>  also-notify {
>   192.168.0.105;
>   };
>  notify yes;
>         };

> zone "mtgileadonline.com" {
>  type master;
>  file "mtgileadonline.com";
>  also-notify {
>   192.168.0.105;
>   };
>  notify yes;
>  };

> zone "uppersanduskyonline.com" {
>  type master;
>  file "uppersanduskyonline.com";
>  also-notify {
>   192.168.0.105;
>   };
>  notify yes;
>  };

> zone "ohioisonline.com" {
>  type master;
>  file "ohioisonline.com";
>  also-notify {
>   192.168.0.105;
>   };
>  notify yes;
>  };

> zone "marioncouponsonline.com" {
>  type master;
>  file "marioncouponsonline.com";
>  also-notify {
>   192.168.0.105;
>   };
>  notify yes;
>  };


> server 192.168.0.105 {
>  transfers 100;
>  };


> - ----------------------------------------------------------------------
> - ----
> thecomputercorner.com zone
> - ----------------------------------------------------------------------
> - ----

> $ttl 1h
> @ IN SOA ns0.thecomputercorner.com. hostmaster.thecomputercorner.com.
> (
>    1015452701
>    28800
>    7200
>    604800
>    86400 )
>     IN NS ns0.thecomputercorner.com.
>     IN NS ns1.thecomputercorner.com.
>     IN MX 10 mail.thecomputercorner.com.
> ;
> ; DEFINE LOCALHOST
> ;

> localhost   IN  A 127.0.0.1

> ;
> ; DEFINE HOST IN ZONE FILE
> ;

> thecomputercorner.com.   IN A 65.221.79.32
> www    IN A 65.221.79.32
> ftp    IN A 65.221.79.32
> mail    IN A 65.221.79.32

> ;
> ; DEFINE SUB-DOMAINS FOR HOST
> ;

> mysql    IN A 65.221.79.32
> secure    IN A 65.221.79.32
> freemail   IN      A       65.221.79.32
> buy    IN      A 65.221.79.32
> phpsys     IN      A       65.221.79.32
> weather     IN      A       65.221.79.32

> - ----------------------------------------------------------------------
> - ----
> ohioisonline.com zone
> - ----------------------------------------------------------------------
> - ----

> $ttl 1h
> @ IN SOA  ns0.thecomputercorner.com.
> hostmaster.thecomputercorner.com. (
>    1015452702
>    28800
>    7200
>    604800
>    86400 )
>     IN NS ns0.thecomputercorner.com.
>     IN NS ns1.thecomputercorner.com.
>     IN MX 10 mail.ohioisonline.com.
> ;
> ; DEFINE LOCALHOST
> ;

> localhost.ohioisonline.com   IN  A 127.0.0.1

> ;
> ; DEFINE HOST IN ZONE FILE
> ;

> ohioisonline.com.   IN A 65.221.79.32
> www    IN A 65.221.79.32
> ftp    IN A 65.221.79.32
> mail    IN A 65.221.79.32

> ;
> ; DEFINE SUB-DOMAINS FOR HOST
> ;

> freemail   IN      A       65.221.79.32
> phpsys    IN A 65.221.79.32
> - --------------------------------------------------------------------------

> Thank You,

> Billy J. Mayberry
> Owner/Partner/Webmaster
> The Computer Corner
> www.thecomputercorner.net

Well, the setup is broken ( or BROKEN if you preffer)

1/ you have two gluerecords for two nameservers both with the same address.
  what kind of redundadcy do you think you get from this ?
2/ in your zone you don't even have 'A' records for the "two" servers.

in addition you messed it up with rfc2308

Why don't you get at least one slave outside your net ( you can still 
run the master if you like) cost is low to zero.




-- 
Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.

More information about the bind-users mailing list