subdomain has intermitant problems
Brad Knowles
brad.knowles at skynet.be
Sun Sep 30 16:52:20 UTC 2001
At 1:28 AM +0000 9/30/01, Studio 51 wrote:
> DNS was recently set up for the subdomain games.webflasher.com. Since that
> time (1 week ago), it has worked intermittantly, i.e. it was up ... and now
> it's down. It's resolveable occasionally by some resolvers, and at the same
> time unresolveable by others.
Well, the parent zone has some problems -- one of the two
nameservers for webflasher.com is not answering:
% doc -v webflasher.com.
Doc-2.2.3: doc -v webflasher.com.
Doc-2.2.3: Starting test of webflasher.com. parent is com.
Doc-2.2.3: Test date - Sun Sep 30 12:41:55 EDT 2001
soa @a.gtld-servers.net. for com. has serial: 2001093000
soa @b.gtld-servers.net. for com. has serial: 2001093000
soa @c.gtld-servers.net. for com. has serial: 2001093000
soa @d.gtld-servers.net. for com. has serial: 2001093000
soa @e.gtld-servers.net. for com. has serial: 2001093000
soa @f.gtld-servers.net. for com. has serial: 2001093000
soa @g.gtld-servers.net. for com. has serial: 2001093000
soa @h.gtld-servers.net. for com. has serial: 2001093000
soa @i.gtld-servers.net. for com. has serial: 2001093000
soa @j.gtld-servers.net. for com. has serial: 2001093000
soa @k.gtld-servers.net. for com. has serial: 2001093000
soa @l.gtld-servers.net. for com. has serial: 2001093000
soa @m.gtld-servers.net. for com. has serial: 2001093000
SOA serial #'s agree for com. domain
Found 2 NS and 2 glue records for webflasher.com.
@a.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for webflasher.com.
@b.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for webflasher.com.
@c.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for webflasher.com.
@d.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for webflasher.com.
@e.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for webflasher.com.
@f.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for webflasher.com.
@g.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for webflasher.com.
@h.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for webflasher.com.
@i.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for webflasher.com.
@j.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for webflasher.com.
@k.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for webflasher.com.
@l.gtld-servers.net. (non-AUTH)
Found 2 NS and 2 glue records for webflasher.com.
@m.gtld-servers.net. (non-AUTH)
DNServers for com.
=== 0 were also authoritatve for webflasher.com.
=== 13 were non-authoritative for webflasher.com.
Servers for com. (not also authoritative for webflasher.com.)
=== agree on NS records for webflasher.com.
NS list summary for webflasher.com. from parent (com.) servers
== ns1.conepuppy.com. ns2.conepuppy.com.
DIGERR (NOT_AUTHORIZED): dig @ns1.conepuppy.com. for SOA of
webflasher.com. failed
soa @ns2.conepuppy.com. for webflasher.com. serial: 200108311
NS list from webflasher.com. authoritative servers matches list from
=== parent (com.) servers not authoritative for webflasher.com.
Checking 0 potential addresses for hosts at webflasher.com.
==
Summary:
No errors or warnings issued for webflasher.com.
Incomplete test for webflasher.com. (1)
Done testing webflasher.com. Sun Sep 30 12:42:11 EDT 2001
% dig @ns1.conepuppy.com. webflasher.com. any
; <<>> DiG 9.2.0rc3 <<>> @ns1.conepuppy.com. webflasher.com. any
;; global options: printcmd
;; connection timed out; no servers could be reached
The fact that one of these two nameservers is not answering means
that you could be easily subject to periodic overloads of the one
nameserver that is answering, or anything else that may cause this
one machine to periodically disappear (especially including network
routing problems, etc...). If you had an off-site secondary/slave
server for this zone (and the subdomains), then if the primary/master
happened to be unreachable for a period of time, the slack could be
taken up by the secondary/slave. I'd suggest that you talk to the
folks at secondary.com to see about setting up an off-site
secondary/slave nameserver for your zones.
Furthermore, DNS for the subdomain games.webflasher.com has some
problems, too:
% doc -v games.webflasher.com
Doc-2.2.3: doc -v games.webflasher.com
Doc-2.2.3: Starting test of games.webflasher.com. parent is webflasher.com.
Doc-2.2.3: Test date - Sun Sep 30 12:46:18 EDT 2001
soa @ns1.conepuppy.com. for webflasher.com. has serial: 200108311
soa @ns2.conepuppy.com. for webflasher.com. has serial: 200108311
SOA serial #'s agree for webflasher.com. domain
Found 2 NS and 2 glue records for games.webflasher.com.
@ns1.conepuppy.com. (AUTH)
Found 0 NS and 0 glue records for games.webflasher.com.
@ns2.conepuppy.com. (AUTH)
DNServers for webflasher.com.
=== 2 were also authoritatve for games.webflasher.com.
=== 0 were non-authoritative for games.webflasher.com.
ERROR: Found 2 diff sets of NS records
=== from servers authoritative for games.webflasher.com.
NS list summary for games.webflasher.com. from parent (webflasher.com.) servers
== ns1.conepuppy.com. ns2.conepuppy.com.
soa @ns1.conepuppy.com. for games.webflasher.com. serial: 200109241
soa @ns2.conepuppy.com. for games.webflasher.com. serial:
ERROR: no SOA record for games.webflasher.com. from ns2.conepuppy.com.
ERROR: NS list from games.webflasher.com. authoritative servers does not
=== match NS list from parent (webflasher.com.) servers
NS list summary for games.webflasher.com. from authoritative servers
== ns1.conepuppy.com. ns2.conepuppy.com.
Checking 0 potential addresses for hosts at games.webflasher.com.
==
Summary:
ERRORS found for games.webflasher.com. (count: 3)
Done testing games.webflasher.com. Sun Sep 30 12:46:20 EDT 2001
Now, let's look at these same domains using another DNS debugging
tool, namely DNS Expert Professional 1.6 (see
<http://www.menandmice.com/2000/2100_dns_expert.html>):
DNS Expert
Detailed Report for webflasher.com.
9/30/01, 6:50 PM, using the analysis setting "Everything"
======================================================================
Information
----------------------------------------------------------------------
Serial number: 200108311
Primary name server: ns1.conepuppy.com.
Primary mail server: mail.conepuppy.com.
Number of records: 7 (2 NS, 2 MX, 2 A, 1 CNAME, 0 PTR, 0 Other)
Errors
----------------------------------------------------------------------
No errors
Warnings
----------------------------------------------------------------------
o All name servers for the zone are on the same subnet.
All name servers for the zone are on the same subnet
(66.154.0.*). If the connection to the network breaks, your
domain will become inaccessible.
o Lame delegation received from "ns2.conepuppy.com." for
"56.154.66.in-addr.arpa."
The server "ns2.conepuppy.com." is listed by "buchu.arin.net." as
being authoritative for "56.154.66.in-addr.arpa.", but
"ns2.conepuppy.com." does not contain authoritative data for the
zone.
----------------------------------------------------------------------
end of report
DNS Expert
Detailed Report for games.webflasher.com.
9/30/01, 6:50 PM, using the analysis setting "Everything"
======================================================================
Information
----------------------------------------------------------------------
Serial number: 200109241
Primary name server: ns1.conepuppy.com.
Primary mail server: mail.conepuppy.com.
Number of records: 7 (2 NS, 2 MX, 2 A, 1 CNAME, 0 PTR, 0 Other)
Errors
----------------------------------------------------------------------
o "games.webflasher.com." does not seem to be registered anywhere
A message was received, saying that the domain
"games.webflasher.com." does not exist. This may be because the
domain has not been registered, or because the domain name has
been incorrectly entered.
o Non-authoritative data received from the server "ns2.conepuppy.com."
The server "ns2.conepuppy.com." is listed as being authoritative
for the domain, but it does not contain authoritative data for it.
o Only one of your name servers has autoritative data for the zone.
The server "ns1.conepuppy.com." is the only server that has
authoritaive data for the zone. If this server becomes
unavailable, your domain will become inacessible.
o The secondary mail server "mail2.conepuppy.com." does not respond
The mail server "mail2.conepuppy.com.", which is a secondary mail
server for "games.webflasher.com.", does not seem to be working.
o The hostmaster name "hostmaster.conepuppy." is invalid.
The hostmaster name "hostmaster.conepuppy." that is specified in
the SOA record has invalid syntax.
Warnings
----------------------------------------------------------------------
o The server "ns2.conepuppy.com." claims that the host or domain
"games.webflasher.com." does not exist
When queried, the server "ns2.conepuppy.com." responded with a
message saying that the host or domain "games.webflasher.com."
did not exist.
o Lame delegation received from "ns2.conepuppy.com." for
"59.154.66.in-addr.arpa."
The server "ns2.conepuppy.com." is listed by
"arrowroot.arin.net." as being authoritative for
"59.154.66.in-addr.arpa.", but "ns2.conepuppy.com." does not
contain authoritative data for the zone.
----------------------------------------------------------------------
end of report
> Me=confused - can anyone shed some light on this situation for me?
I hope that the above information is sufficiently detailed.
--
Brad Knowles, <brad.knowles at skynet.be>
H4sICIFgXzsCA2RtYS1zaWcAPVHLbsMwDDvXX0H0kkvbfxiwVw8FCmzAzqqj1F4dy7CdBfn7
Kc6wmyGRFEnvvxiWQoCvqI7RSWTcfGXQNqCUAnfIU+AT8OZ/GCNjRVlH0bKpguJkxiITZqes
MxwpSucyDJzXxQEUe/ihgXqJXUXwD9ajB6NHonLmNrUSK9nacHQnH097szO74xFXqtlbT3il
wMsBz5cnfCR5cEmci0Rj9u/jqBbPeES1I4PeFBXPUIT1XDSOuutFXylzrQvGyboWstCoQZyP
dxX4dLx0eauFe1x9puhoi0Ao1omEJo+BZ6XLVNaVpWiKekxN0VK2VMpmAy+Bk7ZV4SO+p1L/
uErNRS/qH2iFU+iNOtbcmVt9N16lfF7tLv9FXNj8AiyNcOi1AQAA
More information about the bind-users
mailing list