Relevant RFC on A records for NS's

Thu Apr 30 09:38:37 UTC 2009

On Apr 30, 2009, at 1:43 AM, Kal Feher wrote:

> When I clicked on that link the only error was an MNAME error. Did  
> you see
> another error? (I wonder if it was a transient error you observed,  
> because
> it appears different to yours).
> The error according to the report (run against isc.org):
>
> "ERROR: Your SOA (Start of Authority) record states that your master
> (primary) name server is: ns-int.isc.org. That server is not listed  
> at the
> parent servers, which is not correct."

I knew I should have taken a screen shot :)
I consistently get a "No NS A Records at nameservers"

Here is what I see:
http://dl.getdropbox.com/u/340087/Drops/04.30.09/isc.org-report-64e3ad8b-022856.jpg

For the sake of being thorough, here is mine, same error:
http://dl.getdropbox.com/u/340087/Drops/04.30.09/newgeo.com-report-53486995-022950.jpg

> $ dig soa isc.org +short

Well hey, that +shore option is pretty nice, thanks!

> Checking your domain: newgeo.com (did you mean this one or  
> another?). The

No, that one is relevant, though I suspect since this comes back to a  
NS, it is going to say that for all my zones.

> error is a different one.
> Your name servers:
> $ dig ns newgeo.com +short
> ns1.nacio.com.
> ns1.hostwizard.com.
>
> Now the report wants to check each name server:
>
> $ dig ns1.hostwizard.com @ns1.nacio.com +short
> 64.84.37.14
> That worked.
>
> $ dig ns1.nacio.com @ns1.hostwizard.com
>
> ; <<>> DiG 9.4.2-P2 <<>> ns1.nacio.com @ns1.hostwizard.com
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 24774
> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> ;; WARNING: recursion requested but not available
>
> ;; QUESTION SECTION:
> ;ns1.nacio.com.                 IN      A
> This one didnt
>
> So to answer your question "what is this error asking of me?". It  
> wants
> ns1.hostwizard.com to reply as ns1.nacio.com did. Specifically to  
> answer an
> A record query for ns1.nacio.com.

To make sure I understand, as I am finding the No A record error on  
average 80% of the random domains I am comparing against...

In my zone for hostwizard.com I would add in
ns1.nacio.com. IN A 64.84.0.18

I am not sure I understand this.  I am not in any way in control of  
ns1.nacio.com.  They merely slave my server.  They obviously have an A  
record for ns1.nacio.com, and can maintain and control that.

I would be adding in an A record, pointing to an IP address, and now  
have to watch and maintain their IP space, to be sure that IP does not  
ever change.  If it does change, and I am not on top of that, things  
are going to get a little wonky.

* Please refer to the screen shots in this email, I am going to toss  
in some test records now, so your results may not match up well if you  
do live testing.
-- 
Scott * If you contact me off list replace talklists@ with scott@ *