[svlug] DNS still driving me nuts

Rafael raffi at linwin.com
Wed Aug 9 10:58:01 PDT 2000
Previous message: [svlug] DNS still driving me nuts
Next message: [svlug] ftpd - which one?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Warning: I do not possess whole DNS gravitas unless paid to say otherwise!
But you did not provide much info. Logs are very important if you can get
your hands on!

However, we can use Unix tools and poke around ...

On Wed, 9 Aug 2000, Robert L. Harris wrote:

> 
> 
> It's a follow up of sorts. 
> 
> Basicaly,
>   From my domain, rnd-consulting.com I loose dns to sunline.net until
> bind is restarted.  My wife and I have family down there and send quite
> a few emails every few days down there.  It's a small paper in florida
> that also is the local ISP.
> 
>   In order to get any kind of reliable resolves, I have to cron a bind
> restart for every 6 hours.  It's driving me nutz to have this.  i'm not
> running windows here...

6 hours looks like a default timeout of kind for me. Another words, DNS
records expire in 6 hours. I assume that 

SUNLINE.NET     nameserver = DNS1.SUNLINE.NET
SUNLINE.NET     nameserver = DNS1.UTELFLA.COM

are primary DNS servers. All others get the info from them. I do not
understand why would you have a problem? Are you trying to be a secondary
of some sort and your records expire because they don't get pulled from
the primary? Primary servers would not allow to pull records by an
unauthorized secondary if they are setup correctly.

If I can get to the SUNLINE.NET domain then you should also, without any
timeout unless your resolver is looking to the wrong place, like the
unauthorized secondary as I mentioned above. I would look into
/var/log/messages to see what is in there in regards to DNS depending on
your syslog setup. Your DNS might be using separate log files, check for
that.

Your server seem to be serving the correct info:
server NS1.RND-CONSULTING.COM
Default Server:  NS1.RND-CONSULTING.COM
Address:  208.37.210.162

> SUNLINE.NET.
Server:  NS1.RND-CONSULTING.COM
Address:  208.37.210.162

Non-authoritative answer:
SUNLINE.NET     nameserver = DNS1.SUNLINE.NET
SUNLINE.NET     nameserver = DNS1.UTELFLA.COM

Authoritative answers can be found from:
DNS1.SUNLINE.NET        internet address = 207.30.56.2
DNS1.UTELFLA.COM        internet address = 138.210.81.3

but in reverse order compared to WHOIS records.

The only other possibility is that the primary might be setup incorrectly.
That would be DNS1.SUNLINE.NET according to whois records. However, your
server lists DNS1.UTELFLA.COM. Which one is it? I assume the admin makes
changes to one system and the other one is a secondary. Make sure ISP is a
true secondary, my first choice because you have complete control of the
domain. I had to walk into local ISP best.com NOC (they were in the next
building :-) about a year ago to convince the guys that their server
pointed "our domain" to an abondened virtual domain. Forward record was OK
feeding from our primary DNS, the reverse was bad, pointing to IP that was
not ours and the email went nuts.

dig -x 
; <<>> DiG 8.2 <<>> -x
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUERY SECTION:
;;      2.56.30.207.in-addr.arpa, type = ANY, class = IN

;; ANSWER SECTION:
2.56.30.207.in-addr.arpa.  1D IN PTR  dns.sunline.net.

;; AUTHORITY SECTION:
56.30.207.in-addr.arpa.  1D IN NS  dns.sunline.net.
56.30.207.in-addr.arpa.  1D IN NS  dns1.utelfla.com.

;; ADDITIONAL SECTION:
dns.sunline.net.        3h29m12s IN A   207.30.56.2
dns1.utelfla.com.       1D IN A         138.210.81.3

;; Total query time: 664 msec
;; FROM: krpan to SERVER: default -- 204.247.91.11
;; WHEN: Wed Aug  9 17:40:31 2000
;; MSG SIZE  sent: 42  rcvd: 169

======== Notice the difference:
from dig
  dns.sunline.net.        3h29m12s IN A   207.30.56.2

from server NS1.RND-CONSULTING.COM
  SUNLINE.NET     nameserver = DNS1.SUNLINE.NET

 NSI - WHOIS Search Results (p3 of 4)
   Domain servers in listed order:

   DNS1.SUNLINE.NET             207.30.56.2
                                           

from NSI - WHOIS Search Results (p3 of 4)

   Domain servers in listed order:

   NS1.RND-CONSULTING.COM       208.37.210.162
   NS2.RND-CONSULTING.COM       208.37.210.163

Sorry could not be of more help but that's what you get for free :-)

Oh, don't forget to read DNS and BIND from O'Reilly if you happen to be
the sysadmin for the domain.

>   I can't find any kind of expiriation irregularities.  And I've had some
> friends look at both domains, no go.  We've got to be missing something
> really weird.
> 
> If anyone can help, I'd really appreciate it.
> 
> Robert
> 
> 

   O__  ---- Rafael Skodlar
  c/ /'_ --- Linux Imagineer since 1994
 (*) \(*) -- There is a tunnel at the end of light.
Previous message: [svlug] DNS still driving me nuts
Next message: [svlug] ftpd - which one?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the svlug mailing list