DNS probs
Jeremy Gardner
jeremy at quetico.net
Sun Mar 4 23:55:51 UTC 2001
David,
That explains everything. I guess I assumed that I only needed to worry
about dns1 and dns2, since they were listed as the servers for the domain,
but I obviously assumed wrong.
Always more to learn about DNS...
Thanks for the help!
Jeremy
On Sun, 4 Mar 2001, David Tonhofer wrote:
>
> Maybe a partial answer (warning: non-DNS-guru):
>
> 1) Is it confusing for DNS to have SOA records on one machine
> (pierna.quetico.net) and primary/secondary nameservers
> (dns[12].avalon.net) on different machines? Probably not..
>
> 2) Did you forget to correct dns[34].avalon.net & sleepy.giant.net?
>
> dig @dns1.avalon.net avalon.net NS
> avalon.net. 43200 IN NS dns4.avalon.net.
> avalon.net. 43200 IN NS sleepy.giant.net.
> avalon.net. 43200 IN NS dns1.avalon.net.
> avalon.net. 43200 IN NS dns2.avalon.net.
> avalon.net. 43200 IN NS dns3.avalon.net.
>
> On selene.circadence.com:
>
> AVALON.net. 80939 IN NS dns1.avalon.net.
> AVALON.net. 80939 IN NS SLEEPY.GIANT.net.
> AVALON.net. 80939 IN NS DNS2.AVALON.net.
>
> Checking out these machines for the address of pierna:
>
> dns1.avalon.net:
> pierna.quetico.net. 43200 IN A 198.76.15.10
>
> dns2.avalon.net:
> pierna.quetico.net. 43200 IN A 198.76.15.10
>
> sleepy.giant.net
> pierna.quetico.net. 172421 IN A 63.231.71.27
> (~2days)
>
> Sleepy giant would give a wrong authoritative answer.
> Guess it needs an update? dns[34].avalon.net are ok, though.
>
> Best regards,
>
> -- David
>
>
> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]On
> Behalf Of Jeremy Gardner
> Sent: Sunday, March 04, 2001 8:59 PM
> To: bind-users at isc.org
> Subject: DNS probs
>
>
>
>
> Hello,
>
> I am running BIND 9.1.0 on Linux. I control the forward
> mapping for several domains that I host. My ISP (Solucian)
> controls the reverse mapping. Any updates I make to DNS
> are then forwarded to a second ISP (Avalon), which provides
> primary and secondary DNS for these domains.
>
> Last week I switched my ISP from local telco to Solucian.
> At the time, my DNS server (pierna.quetico.net) was listed
> as primary DNS for several of the domains, and Avalon was
> listed as secondary. Since my IP address was going to change
> in the ISP switch, my goal was to make Avalon primary and
> secondary for these domains and thus the "outside world"
> would always have valid DNS servers for the domains.
>
> Unfortunately, my ISP switch happened sooner than expected
> and I was unable to update my listed primary/secondary DNS
> servers with the registered companies. This meant that the
> primary DNS server for the domains was unavailable for a
> couple of days. I have since been able to make these changes,
> but it appears that several DNS servers out there aren't
> picking up the changes completely.
>
> The domain is quetico.net. My main server's hostname is
> pierna.quetico.net. Its old IP address was 63.231.71.27.
> Its new IP address is 198.76.15.10. It handles any
> requests for quetico.net.
>
> The primary and secondary DNS servers for the domain are
> dns1.avalon.net (204.71.106.8) and dns2.avalon.net
> (204.71.106.2).
>
> An example of a DNS server is selene.circadence.com. When
> I run dig against this server on pierna.quetico.net, I get
> the following output:
>
> =====
> ; <<>> DiG 8.2 <<>> pierna.quetico.net @selene.circadence.com
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
> ;; QUERY SECTION:
> ;; pierna.quetico.net, type = A, class = IN
>
> ;; ANSWER SECTION:
> pierna.quetico.net. 1d23h22m13s IN A 63.231.71.27
>
> ;; AUTHORITY SECTION:
> quetico.net. 1d23h22m13s IN NS DNS1.AVALON.net.
> quetico.net. 1d23h22m13s IN NS DNS2.AVALON.net.
>
> ;; ADDITIONAL SECTION:
> DNS1.AVALON.net. 1d1h3m53s IN A 204.71.106.8
> DNS2.AVALON.net. 1d1h3m53s IN A 204.71.106.2
>
> ;; Total query time: 92 msec
> ;; FROM: pierna to SERVER: selene.circadence.com 206.246.40.50
> ;; WHEN: Sun Mar 4 12:50:23 2001
> ;; MSG SIZE sent: 36 rcvd: 140
> =====
>
> I'm not an authority on dig, but my understanding is this means
> that my record will be cached for 1d, 23h, 22m, 13s. It seems
> to have a time-out value (TTL) of 2d. I just watched it count
> down to 0 (zero) this morning, and it never got the new IP
> address.
>
> When I run dig against the same server for quetico.net,
> everything looks good:
>
> =====
> ; <<>> DiG 8.2 <<>> quetico.net @selene.circadence.com
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
> ;; QUERY SECTION:
> ;; quetico.net, type = A, class = IN
>
> ;; ANSWER SECTION:
> quetico.net. 10h49m36s IN A 198.76.15.10
>
> ;; AUTHORITY SECTION:
> quetico.net. 1d23h7m28s IN NS DNS1.AVALON.NET.
> quetico.net. 1d23h7m28s IN NS DNS2.AVALON.NET.
>
> ;; ADDITIONAL SECTION:
> DNS1.AVALON.NET. 1d49m8s IN A 204.71.106.8
> DNS2.AVALON.NET. 1d49m8s IN A 204.71.106.2
>
> ;; Total query time: 94 msec
> ;; FROM: pierna to SERVER: selene.circadence.com 206.246.40.50
> ;; WHEN: Sun Mar 4 13:05:10 2001
> ;; MSG SIZE sent: 29 rcvd: 125
> =====
>
> My intention was to configure the time-out value (TTL) for my
> domain to be 12h. Here is my local zone file:
>
> =====
> $TTL 12h
> @ IN SOA pierna.quetico.net. jeremy.quetico.net. (
> 2001030100 ; Serial
> 3h ; Refresh 3 hours
> 1h ; Retry 1 hour
> 1w ; Expire 1 week (168 hours)
> 12h ) ; minimum 12 hours
>
> IN A 198.76.15.10
>
> IN NS dns1.avalon.net.
> IN NS dns2.avalon.net.
>
> IN MX 10 pierna.quetico.net.
> IN MX 20 argo.quetico.net.
>
> localhost IN A 127.0.0.1
>
> argo IN A 204.71.106.169
> www IN CNAME pierna.quetico.net.
> pierna IN A 198.76.15.10
> darky IN A 198.76.15.11
> shade IN A 198.76.15.12
> =====
>
> When I run dig against the primary DNS server (dns1.avalon.net),
> I get the following output:
>
> =====
> ; <<>> DiG 8.2 <<>> pierna.quetico.net @dns1.avalon.net
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
> ;; QUERY SECTION:
> ;; pierna.quetico.net, type = A, class = IN
>
> ;; ANSWER SECTION:
> pierna.quetico.net. 12H IN A 198.76.15.10
>
> ;; AUTHORITY SECTION:
> quetico.net. 12H IN NS dns1.avalon.net.
> quetico.net. 12H IN NS dns2.avalon.net.
>
> ;; ADDITIONAL SECTION:
> dns1.avalon.net. 12H IN A 204.71.106.8
> dns2.avalon.net. 12H IN A 204.71.106.2
>
> ;; Total query time: 124 msec
> ;; FROM: pierna to SERVER: dns1.avalon.net 204.71.106.8
> ;; WHEN: Sun Mar 4 13:03:20 2001
> ;; MSG SIZE sent: 36 rcvd: 129
> =====
>
> Am I doing something wrong? I thought that once I updated
> master records so that dns1 and dns2 were primary, any
> DNS server out there would be able to talk to them and
> get the updated IP address for pierna.quetico.net.
>
> Is it because pierna.quetico.net was a registered DNS server?
> I updated its IP address with the registrar (netwizards.net).
>
> Is it because pierna was the primary DNS server, and then
> became unavailable with the IP address change? And thus DNS
> servers out there keep trying the old IP address?
>
> Any idea why the DNS servers are getting the correct DNS
> information for quetico.net, but not pierna.quetico.net?
>
> It looks like my old ISP (telco company) is still providing
> reverse mapping for my old IP address, if that matters.
>
> Thanks for any help!
> Jeremy
>
>
>
>
____________________________
"All of life's riddles are
answered in the movies"
Steve Martin, GRAND CANYON
____________________________
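
The check David describes (ask every listed nameserver for the same record and compare the answers), as an added example that is not part of the original thread. The "<server>:" input layout and the function names are assumptions of this example; the records are the ones quoted above.

```python
from collections import defaultdict

# Constructed input: one "<server>: <dig answer line>" per line, using the
# servers and records quoted in the thread. The "<server>:" prefix is an
# assumed layout for this example, not something dig prints.
SAMPLE = """\
dns1.avalon.net: pierna.quetico.net. 43200 IN A 198.76.15.10
dns2.avalon.net: pierna.quetico.net. 43200 IN A 198.76.15.10
sleepy.giant.net: pierna.quetico.net. 172421 IN A 63.231.71.27
"""


def parse_answers(text):
    """Return {server: [(owner, ttl, rtype, rdata), ...]}."""
    answers = defaultdict(list)
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue  # skip blanks and dig comment lines
        server, _, record = line.partition(":")
        fields = record.split()
        if len(fields) < 5 or fields[2].upper() != "IN":
            continue  # not an "owner TTL IN type rdata" line
        owner, ttl, _, rtype = fields[:4]
        rdata = " ".join(fields[4:])
        # DNS names are case-insensitive (the thread shows AVALON.net and
        # avalon.net), so normalise before comparing. TTL stays a string
        # because dig 8.x prints forms such as 1d23h22m13s.
        answers[server.strip().lower()].append(
            (owner.lower(), ttl, rtype.upper(), rdata.lower()))
    return dict(answers)


def group_by_rdata(answers, owner, rtype="A"):
    """Map each distinct rdata for owner/rtype to the servers returning it."""
    groups = defaultdict(list)
    for server, records in answers.items():
        for rec_owner, _ttl, rec_type, rdata in records:
            if rec_owner == owner.lower() and rec_type == rtype:
                groups[rdata].append(server)
    return {rdata: sorted(servers) for rdata, servers in groups.items()}


def stale_servers(answers, owner, expected, rtype="A"):
    """Servers whose answer for owner differs from the expected rdata."""
    groups = group_by_rdata(answers, owner, rtype)
    return sorted(s for rdata, servers in groups.items()
                  if rdata != expected.lower() for s in servers)


if __name__ == "__main__":
    parsed = parse_answers(SAMPLE)
    print(group_by_rdata(parsed, "pierna.quetico.net."))
    print(stale_servers(parsed, "pierna.quetico.net.", "198.76.15.10"))
```

More than one group in the output means the nameservers disagree; which address is current is supplied by the operator as `expected`, not inferred from the majority.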