[Smaug] Eric, David, Paul, and Mox: Problem at your nameservers

Rick Moen rick at linuxmafia.com
Wed May 18 11:36:23 PDT 2011

[Guys who are CCd:  Your nameservice for scruz.org is broken.  Please
advise.  Thanks.  See below.]

Quoting Peter Belew (peterbe at sonic.net):

> Right now, our http://scruz.org / http://scruz.got.net web site seems
> to be down - in fact got.net seems to be down. Anyone know about that?

First, no.  I pulled up a Web browser and got it immediately.

~ $ lynx -dump www.scruz.org | more
         [1]Smaug - Technology Enthusiasts of Santa Cruz, California

   Meetings and Events

   Mail List

   In order to post on the mail list, it is necessary to join the list.
   Click on "Mail List for SMAUG" below for instructions.

   Smaug Meetings

   We are now meeting at [2]Mr Toots in Capitola Village, at 7:30 pm on
   Thursday evenings.

However, looks like a bunch of our five nameservers are flaking out on

$ whois scruz.org | grep 'Name Server'
Name Server:NS1.SCRUZ.ORG
Name Server:NS2.SCRUZ.ORG
Name Server:NS3.SCRUZ.ORG
Name Server:NS4.SCRUZ.ORG
Name Server:NS5.SCRUZ.ORG
Name Server: 
Name Server: 
Name Server: 
Name Server: 
Name Server: 
Name Server: 
Name Server: 
Name Server: 

And, by the way, checking the rest of the 'whois' results confirms that
the domain's still registered and in current, unexpired status:

Domain Name:SCRUZ.ORG
Created On:30-Dec-2001 09:10:30 UTC
Last Updated On:17-May-2006 16:46:17 UTC
Expiration Date:30-Dec-2013 09:10:30 UTC
Sponsoring Registrar:TierraNet Inc. dba DomainDiscover (R86-LROR)
Registrant ID:TNTN-0000311033
Registrant Name:The Linux ETC Company

Querying each of the five nameservers for the 'SOA' record, which
includes the zonefile S/N subfield and the (subfield that by social
convention is) location of the master nameserver:

$ dig -t soa scruz.org +short @NS1.SCRUZ.ORG
ns1.scruz.org. rick.deirdre.NET. 2008072800 10800 3600 2419200 86400
$ dig -t soa scruz.org +short @NS2.SCRUZ.ORG
;; connection timed out; no servers could be reached
$ dig -t soa scruz.org +short @NS3.SCRUZ.ORG
$ dig -t soa scruz.org +short @NS4.SCRUZ.ORG
;; connection timed out; no servers could be reached
$ dig -t soa scruz.org +short @NS5.SCRUZ.ORG
;; connection timed out; no servers could be reached

ns1.scruz.org is identified in the first return result as the master
nameserver.  It, as a reminder, is _my_ nameserver, IP,
better known as linuxmafia.com.  The other four you can identify by a
couple of uses of the 'dig' command, but I happen to have a cheatsheet
in my /etc/bind/named.conf.local file's stanza for scruz.org:

//For the Smaug group
zone "scruz.org" {
        type master;
        file "/etc/bind/scruz.org.zone";
        allow-query { any; };
        allow-transfer {
        //Eric Cain <ecain at phosphor.net>, 408-293-3829
        //ns2.scruz.org aka ns1.phosphor.net is:;
        //David A. Gatwood <dgatwood at gatwood.net>, 408-974-7347
        //ns3.scruz.org aka ns.infiniteloopfilms.com is:;
        //Paul Hall <paul at csumb.edu>, 831 402 2311 cell
        //ns4.scruz.org is:;
        //Max Baker, max at warped.org, maxbaker at gmail.com
        //ns5 aka ns.portalpotty.net is:;

Wow, guys:  Four out of five nameservers flaking out is disappointing.
I hope y'all fix that.

I neglected to add a comment line to /etc/bind/named.conf.local with 
contact information for Crawford Rainwater of Linux Etc Company, who
kindly picks up the tab for the domain renewals and is owner of the
domain.  I'll go find his contact information and remedy that omission.  

I think I'll need to write him to add an additional nameserver --
possibly more than one if our four misbehaving nameservers aren't fixed,
but I have in mind to add SVLUG's nameserver.

And, Peter?  Above shows how to meaningfully diagnose connectivity
problems.  You start with:  Is the domain still registered?  Good.
What are its nameservers?  Do each of the nameservers respond with the
correct data, e.g., serve up the same zonefile S/N in the SOA record?
Do they serve up the correct IP for 'www', etc.?  Finally, does the IP
respond to ping, and can you pull down the desired content from port 80
(HTTP), e.g., with lynx?

Those data are meaningful.  Just saying 'the site is down' doesn't
actually say anything specific.  It just lets other people know that
_you_ had a problem, but not anything about why or how, which is
probably not what you want.

Finally, it's obvious that some sort of periodic checking of the
nameservice will be necessary going forward.  Here's a cron script I've
written to send me a weekly report every Sunday about the six
nameservers for my _own_ domain, linuxmafia.com:


# mydomains     Cron script to sanity-check my domain's SOA records at
#               all of its authoritative nameservers, as a quick and 
#               dirty way of making sure (1) they're all online and
#               (2) they're all serving up the same data (or at least
#               data with the same zonefile serial number).
#               The script queries all five nameservers for their current
#               SOA value (for linuxmafia.com), and then uses awk to parse 
#               out of that verbose record just the S/N field, which is 
#               field #3.  The point is that you can visually spot offline 
#               or aberrant nameservers by their S/Ns being (respectively) 
#               missing or an out-of-step value.
#		Written by Rick Moen (rick at linuxmafia.com)
#		$Id: cron.weekly,v 1.02 2009/11/17 17:04:05 rick

set -o errexit  #aka "set -e": exit if any line returns non-true value
set -o nounset  #aka "set -u": exit upon finding an uninitialised variable

test -x /usr/bin/mail || exit 0

dig -t soa linuxmafia.com. @NS.PRIMATE.NET. +short | awk {'print $3'}
dig -t soa linuxmafia.com. @NS.TX.PRIMATE.NET. +short | awk {'print $3'}
dig -t soa linuxmafia.com. @NS3.LINUXMAFIA.COM. +short | awk {'print $3'}
dig -t soa linuxmafia.com. @NS1.THECOOP.NET. +short | awk {'print $3'}
dig -t soa linuxmafia.com. @NS1.LINUXMAFIA.COM. +short | awk {'print $3'}
} |
/usr/bin/mail -s "Domain linuxmafia.com SOA check" rick at linuxmafia.com

That's trivial and I don't think it even is entitled to copyright, but
if it is, consider this line included:

Copyright (C) Rick Moen, 2011.  Do anything you want with this work.

How about a few of you who run Linux or some other *ix on something
(including Mac OS X) step forward and say 'Good idea.  I'll be running
that as a cronjob from now on, to monitor Smaug's DNS'?  Anyone?

More information about the Smaug mailing list