Odd Root Server Issue?

Cricket Liu cricket at menandmice.com
Wed Nov 14 20:27:44 UTC 2001 

> I have the domain 'northroute.net' with DNS of icewall.vianet.ca
> (209.91.128.10) and gwn.vianet.ca (204.187.88.10).  The MX for this domain
> pointed to mail.northroute.net (209.91.181.2).
>
> There is a domain 'ottawahostel.com' with DNS of ***mail.northroute.net
> (207.210.113.4)*** and another server of no relevance.
>
> Now here's the issue.  When I had northroute.net MX pointed to
> mail.northroute.net with a local IP, my name servers reported the correct
> IP, so did the rest of the 'net.  But then all of sudden, name
> server after
> name server started picking up the mail.northroute.net as being the
> 207.210.113.4 which was the old server!  But why?  I had my A record for
> mail.northroute.net pointing to 209.91.181.2!  It WAS working?  When I
> created a new A record it would appear, but mail.northroute.net is
> constantly poisoned.
>
> Here's my assumption.  I think for some reason the ottawahostel.com name
> server entries on the root servers of the 'net were causing bind
> on caching
> servers of the 'net to be poisoned with the wrong IP.  This barely makes
> sense to me since the root servers - a.gtld-servers.net for example showed
> icewall and gwn as the authoritive servers for northroute.net. <sigh>
>
> Ok so here's my fix.  I changed the A record on my servers
> (icewall and gwn)
> to a CNAME (I know that's VERY bad to do for mail!) and pointed it to
> mailhost.northroute.net (209.91.181.2).  This worked, until I took out the
> CNAME yesterday.  It started to break again today.  I've since changed the
> MX to mailbox.northroute.net and killed mail.northroute.net altogether.
>
> Any ideas?  It works now, but I think there's a fundamental flaw
> somewhere.
> Just because a registrar has a name server entry that differs the actual
> authoritive answer, why does this happen??

You've got it right, more or less.  Someone registered mail.northroute.net
with VeriSign GRS at some point, so the gTLD name servers have the wrong (?)
address for mail.northroute.net:

# dig @a.gtld-servers.net. mail.northroute.net. +pfmin
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5450
;; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;; QUERY SECTION:
;;      mail.northroute.net, type = A, class = IN

;; ANSWER SECTION:
mail.northroute.net.    2D IN A         207.210.113.4

You can update that address through Network Solutions or, if that host
isn't running a name server any more, delete it.

cricket

Men & Mice
DNS Software & Services
www.menandmice.com

Attend our next DNS and BIND class!  See
http://www.menandmice.com/8000/8000_dns_training.html
for the schedule and to register for upcoming classes

More information about the bind-users mailing list