strage Non-existent host/domain
RYAN vAN GINNEKEN
maillist at computerking.ca
Tue Jan 4 21:30:36 UTC 2005
Barry Margolin wrote:
>In article <crd1jp$2nus$1 at sf1.isc.org>,
> RYAN vAN GINNEKEN <maillist at computerking.ca> wrote:
>
>
>
>>>It's coming from the glue record on the GTLD servers, due to the host
>>>registration of NS1.SHOEMASTERS.COM:
>>>
>>>$ whois -h whois.internic.net ns1.shoemasters.com
>>>
>>>Whois Server Version 1.3
>>>
>>>Domain names in the .com and .net domains can now be registered
>>>with many different competing registrars. Go to http://www.internic.net
>>>for detailed information.
>>>
>>> Server Name: NS1.SHOEMASTERS.COM
>>> IP Address: 68.144.231.38
>>> Registrar: TUCOWS INC.
>>> Whois Server: whois.opensrs.net
>>> Referral URL: http://domainhelp.tucows.com
>>>
>>>
>>>
>>>
>>>
>>My interface for nameservers seems to be at telushosting.com rather than
>>TUCOWS. That is what i have a username and password for also a dialog
>>
>>
>
>Lots of registrars seem to be fronts for TUCOWS behind the scenes.
>
>
Sound like a drug deal gone wrong or something, funny thing is that this
is a friend of mine's domain and he
knows even less about dns than me. He is really lost when i tell him he
is registered at TUCOWS when he gave
telus his money oh well that is why i am trying to get this to go for him..
>
>
>>to enter nameservers. However their interface is sucky and does not
>>allow you to enter ip's only names i have waited for 10 days and every
>>time i enter the name ns1.shoemasters.com it adds the old 68.144.231.38
>>address. So i have removed it and am running shoemasters.com on only
>>one nameserver ns1.computerking.ca seems that shoemasters.com has the
>>right address but ns1.shoemasters.com does not. I have emailed telus
>>hosting and they assure me that the ip will update and i should just
>>wait longer (more than 10 days???).
>>
>>
>
>The point is that you need to update a HOST object, not a DOMAIN object.
>All you did was remove ns1.shoemasters.com as a nameserver for the
>DOMAIN, but the host still remained in their registration system
>(waiting for you to add it as a server for other domains). You need to
>find that host object and update it. If you can't figure out how to do
>this, call the technical support people at your registrar.
>
>
>
Thank you for this explanation it seems very clear to me know what i
need to do.
>>>A client can only access the zones that are listed in the view that it
>>>matches. So if you want internal clients to be able to see the public
>>>zones, you need to include them in both views.
>>>
>>>
>>>
>>>
>>>
>>Knowing these are dumb questions please do not be to upset with me for
>>asking. How come the domains worked before internally without adding
>>them to the internal view? If shoemasters.com is hosted from a
>>different ip does it not make it external or is it still considered
>>internal should my local name server not query external names servers
>>like when i lookup google.ca, yahoo.com, or any other address on the
>>web that i look up?
>>
>>
>
>If you have recursion enabled in the internal view, then it can look up
>external domains for its clients by forwarding to external servers. But
>it won't resolve any domains that are delegated to itself if they're not
>in the internal view.
>
>
>
I do have recursion turned on for my internal view and off for my
external view still a bit confused on
this topic. Should i not be able to do a dig for shoemasters.com
without adding it to the internal view.
The host for shoemasters.com is in a different location with a different
ip address is that not delegated to a different server??
here is the named.conf bit about recursion
acl "internal" { 192.168/16; };
view "internal" {
match-clients { "internal"; };
recursion yes;
.........here is a dig of shoemasters.com without being added to the
internal view
; <<>> DiG 8.3 <<>> shoemasters.com
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 51720
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;; shoemasters.com, type = A, class = IN
;; Total query time: 8 msec
;; FROM: tokyo.computerking.ca to SERVER: 192.168.0.202
;; WHEN: Tue Jan 4 14:17:57 2005
;; MSG SIZE sent: 33 rcvd: 33
........here is a dig on shoemasters.com after i have added it to the
internal view.
; <<>> DiG 8.3 <<>> shoemasters.com
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45479
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUERY SECTION:
;; shoemasters.com, type = A, class = IN
;; ANSWER SECTION:
shoemasters.com. 1H IN A 68.144.196.18
;; AUTHORITY SECTION:
shoemasters.com. 1H IN NS ns1.computerking.ca.
shoemasters.com. 1H IN NS ns1.shoemasters.com.
;; ADDITIONAL SECTION:
ns1.shoemasters.com. 1H IN A 68.144.196.18
ns1.computerking.ca. 1H IN A 192.168.0.202
;; Total query time: 30 msec
;; FROM: tokyo.computerking.ca to SERVER: 192.168.0.202
;; WHEN: Tue Jan 4 14:09:11 2005
;; MSG SIZE sent: 33 rcvd: 132
........here is a dig on the ybotstudios.com domain that is hosted
locally from the computerking.ca server it is not in the internal view
but seems to work ok anyway
; <<>> DiG 8.3 <<>> ybotstudios.com
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29190
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUERY SECTION:
;; ybotstudios.com, type = A, class = IN
;; ANSWER SECTION:
ybotstudios.com. 1H IN A 68.146.204.152
;; AUTHORITY SECTION:
ybotstudios.com. 1H IN NS ns1.shoemasters.com.
ybotstudios.com. 1H IN NS ns1.computerking.ca.
;; ADDITIONAL SECTION:
ns1.shoemasters.com. 1H IN A 68.144.196.18
ns1.computerking.ca. 1H IN A 192.168.0.202
;; Total query time: 4323 msec
;; FROM: tokyo.computerking.ca to SERVER: 192.168.0.202
;; WHEN: Tue Jan 4 14:13:47 2005
;; MSG SIZE sent: 33 rcvd: 144
As you may notice the FROM section has the server name
tokyo.computerking.ca. I have named my computeking.ca host
tokyo.computerking.ca and had A records for tokyo.computerking.ca,
ns1.computerking.ca and mail1.computerking.ca all pointing to the same
machine/ip address. When i did a dlint it gave errors about this so i
have since removed the A record for tokyo.computerking.ca since it is
not a nameserver or mailserver as dlint suggests for this type of record.
More information about the bind-users
mailing list