Cannot resolve DNS off public dns, but can via nameserver ip

Mike Mackintosh mike.mackintosh at angrystatic.com
Fri Aug 13 22:05:41 UTC 2010


That is correct. I made the change like that to get it working  
temporarily. The registrar is pointing to the angrystatic.com  
nameservers, which the zone file is referencing the  
dns.angryserver.net host. I then had dns.angrystatic.com point to the  
same IP address as dns.angryserver.net, so the domain could be  
resolved. What would the side effects be leaving the NS in the zone  
file to angryserver, but the registrar pointing to angrystatic?

It looks as if the root cause of the problem is that the registrar is  
not handling the glue record correctly, and causing the nameservers to  
be unresolvable.

Thanks,

Mike


On Aug 13, 2010, at 5:53 PM, Lyle Giese wrote:

> Mike Mackintosh wrote:
>> Hi All,
>>
>> I recently set up a new web server for a group of hosts, and mirrored
>> the setup of bind off a working system. For some reason, the DNS is
>> not resolving off public dns server when the nameservers for these
>> domains are directed to this server, and i cannot resolve any of the
>> zones off public DNS but i can if i direct dig to resolve off the
>> server's IP.
>>
>> The major difference is the registrar for the new domains. I am using
>> Site5.Com, and have directed the domains to the new nameservers.
>>
>> Example, the domain is angrserver.net
>>
>> Digging angryserver.net returns a timeout. I registered the name
>> servers below to the correct ip's, 205.186.156.125 and  
>> 205.186.156.124
>> on SIte5.
>>
>> Primary Nameserver: dns.angryserver.net
>> Secondary Nameserver: dns2.angryserver.net
>>
>> Dig angryserver.net @205.186.156.125 returns the correct results.  
>> Bind
>> successfully started.
>>
>> How will the registrar be able to resolve the host name
>> dns.angryserver.net if dns is not propagating? I understand that when
>> you register a domain, the registrar will send the nameserver
>> information to the root servers, which are then queried for your
>> domain when you do a lookup. If dns.angryserver.net and
>> dns2.angryserver.net is not propagated to the root servers, how can  
>> it
>> be resolved to the correct nameserver? Do i need to create an A  
>> record
>> for another domain and point that to the nameservers, and then update
>> my NS records for angryserver.net to use the other domain?
>>
>> Bind is running and the zones are working, its just the whole working
>> across the internet that's getting me confussed.
>>
>> Thanks,
>>
>> Mike
>> ________________
> Mike,
> I notice that if I ask the root servers, it tells me that the
> authorative name servers are dns.angrystatic.com and dns2.angrystatic.com 
> .
>
> But when I ask the servers at ip address 205.186.156.124 and
> 205.186.156.125, they tell me the names of the name servers for that
> domain are dns.angryserver.net and dns2.angryserver.net.
>
> The zone files do not match what the root servers are telling me.
>
> Lyle
>
> ncc1701b:~ # dig @192.5.6.30 angryserver.net
>
> ; <<>> DiG 9.7.1 <<>> @192.5.6.30 angryserver.net
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47316
> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2
> ;; WARNING: recursion requested but not available
>
> ;; QUESTION SECTION:
> ;angryserver.net. IN A
>
> ;; AUTHORITY SECTION:
> angryserver.net. 172800 IN NS dns.angrystatic.com.
> angryserver.net. 172800 IN NS dns2.angrystatic.com.
>
> ;; ADDITIONAL SECTION:
> dns.angrystatic.com. 172800 IN A 205.186.156.124
> dns2.angrystatic.com. 172800 IN A 205.186.156.125
>
> ;; Query time: 98 msec
> ;; SERVER: 192.5.6.30#53(192.5.6.30)
> ;; WHEN: Fri Aug 13 16:47:21 2010
> ;; MSG SIZE rcvd: 117
>
> ncc1701b:~ # dig @205.186.156.124 angryserver.net
>
> ; <<>> DiG 9.7.1 <<>> @205.186.156.124 angryserver.net
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2057
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
> ;; WARNING: recursion requested but not available
>
> ;; QUESTION SECTION:
> ;angryserver.net. IN A
>
> ;; ANSWER SECTION:
> angryserver.net. 3600 IN A 205.186.156.119
>
> ;; AUTHORITY SECTION:
> angryserver.net. 3600 IN NS dns.angryserver.net.
> angryserver.net. 3600 IN NS dns2.angryserver.net.
>
> ;; ADDITIONAL SECTION:
> dns.angryserver.net. 3600 IN A 205.186.156.125
> dns2.angryserver.net. 3600 IN A 205.186.156.124
>
> ;; Query time: 72 msec
> ;; SERVER: 205.186.156.124#53(205.186.156.124)
> ;; WHEN: Fri Aug 13 16:47:41 2010
> ;; MSG SIZE rcvd: 118
>
> ncc1701b:~ # dig @205.186.156.125 angryserver.net
>
> ; <<>> DiG 9.7.1 <<>> @205.186.156.125 angryserver.net
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52826
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
> ;; WARNING: recursion requested but not available
>
> ;; QUESTION SECTION:
> ;angryserver.net. IN A
>
> ;; ANSWER SECTION:
> angryserver.net. 3600 IN A 205.186.156.119
>
> ;; AUTHORITY SECTION:
> angryserver.net. 3600 IN NS dns2.angryserver.net.
> angryserver.net. 3600 IN NS dns.angryserver.net.
>
> ;; ADDITIONAL SECTION:
> dns.angryserver.net. 3600 IN A 205.186.156.125
> dns2.angryserver.net. 3600 IN A 205.186.156.124
>
> ;; Query time: 72 msec
> ;; SERVER: 205.186.156.125#53(205.186.156.125)
> ;; WHEN: Fri Aug 13 16:47:54 2010
> ;; MSG SIZE rcvd: 118




More information about the bind-users mailing list