Locating bogus DNS info?

Sam Leffler sam at errno.com
Sat Oct 27 18:00:16 UTC 2001 

I've got a problem with the domain errno.com.  I changed providers and
updated my info at NSI on 9/5/01. Everything seemed ok, but now the
top-level servers show an old address for a host in my domain. I'm trying to
understand who's supplying the bogus info.

Here's a top-level server:

gw% dig gw.errno.com @b.gtld-servers.net

; <<>> DiG 8.3 <<>> gw.errno.com @b.gtld-servers.net
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUERY SECTION:
;;      gw.errno.com, type = A, class = IN

;; ANSWER SECTION:
gw.errno.com.           2D IN A         209.212.166.34

;; AUTHORITY SECTION:
errno.com.              2D IN NS        BOOG.BUBBLES.com.
errno.com.              2D IN NS        NS.errno.com.

;; ADDITIONAL SECTION:
BOOG.BUBBLES.com.       2D IN A         206.169.163.1
NS.errno.com.           2D IN A         66.124.149.177

;; Total query time: 19 msec
;; FROM: gw.errno.com to SERVER: b.gtld-servers.net  192.33.14.30
;; WHEN: Sat Oct 27 10:39:18 2001
;; MSG SIZE  sent: 30  rcvd: 122

However if you query either NS for the domain you get the right info:

gw% dig gw.errno.com @ns.errno.com

; <<>> DiG 8.3 <<>> gw.errno.com @ns.errno.com
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUERY SECTION:
;;      gw.errno.com, type = A, class = IN

;; ANSWER SECTION:
gw.errno.com.           1H IN A         66.124.149.177

;; AUTHORITY SECTION:
errno.com.              1H IN NS        ns.errno.com.
errno.com.              1H IN NS        boog.bubbles.com.

;; ADDITIONAL SECTION:
ns.errno.com.           1H IN A         66.124.149.177
boog.bubbles.com.       3h35m38s IN A   206.169.163.1

;; Total query time: 6 msec
;; FROM: gw.errno.com to SERVER: ns.errno.com  66.124.149.177
;; WHEN: Sat Oct 27 10:44:13 2001
;; MSG SIZE  sent: 30  rcvd: 122

gw% dig gw.errno.com @boog.bubbles.com

; <<>> DiG 8.3 <<>> gw.errno.com @boog.bubbles.com
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;;      gw.errno.com, type = A, class = IN

;; ANSWER SECTION:
gw.errno.com.           1H IN A         66.124.149.177

;; Total query time: 60 msec
;; FROM: gw.errno.com to SERVER: boog.bubbles.com  206.169.163.1
;; WHEN: Sat Oct 27 10:44:28 2001
;; MSG SIZE  sent: 30  rcvd: 46

So where is the old info for gw.errno.com coming from?  I previously was
connected to rhythms.net.  Now my service is through pbi.net. Whois info at
network solutions shows the correct/updated info.  Could they be propagating
the wrong data to the root servers?  If so, how do I get this corrected (I
already tried going through the 1st level tech service but they were
clueless)?

    Sam

More information about the bind-users mailing list