How to force root servers to update cached host record (Long post)

Lee M Dobson ldobson at alabanza.com
Tue May 28 18:23:58 UTC 2002



Eric,

Having checked the registry I found that the following host record has
been registered with the NIC:

Server Name: WWW.INFINITYPORTALS.COM
   IP Address: 65.163.172.131
   Registrar: NETWORK SOLUTIONS, INC.
   Whois Server: whois.networksolutions.com
   Referral URL: http://www.networksolutions.com

This appears to be the center of your problem. You will need to have
this host record removed at your registrar.

---------------------------------------------------------
Sincerely,
Lee M Dobson,
Alabanza Corp.


-----Original Message-----
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
Behalf Of Eric Richbourg
Sent: Monday, May 27, 2002 11:47 PM
To: comp-protocols-dns-bind at isc.org
Subject: How to force root servers to update cached host record (Long
post)


Greetings.

I've got a fairly interesting, but difficult problem. Be warned, this
post is kind of long.

A client of mine registered the domain name 'infinityportals.com' with
NetSol. Originally, the nameservers registered for this domain were
dns1.crosslogic.com (65.163.172.131) and dns2.crosslogic.com
(65.163.172.132). Dns1.crosslogic.com, acting as the primary
nameserver, is a Windows 2000 DNS Server, while dns2.crosslogic.com,
thought to be acting as secondary, is a Debian Linux box running BIND
9.1.3. Turns out, zone transfers were never fully configured between
the Win2k and Debian boxes, so only dns1.crosslogic.com (Win2k) had
authoritative knowledge of this zone. Actually, BIND is no longer even
running on dns2.crosslogic.com.

The infinityportals.com zone was then added to dns1.crosslogic.com
(Win2k). Here's a copy of the original zone file:

<Win2k zone file>

;
;  Database file infinityportals.com.dns for infinityportals.com zone.
;      Zone version:  1
;

@                       IN  SOA dns1.crosslogic.com.  admin.dmz.com. (
                        	1            ; serial number
                        	900          ; refresh
                        	600          ; retry
                        	86400        ; expire
                        	3600       ) ; minimum TTL

;
;  Zone NS records
;

@                       NS	dns1.crosslogic.com.
dns1.crosslogic.com.    A	65.163.172.131

;
;  Zone records
;

demo                    A	65.163.172.231
www                     A	65.163.172.131
www2                    A	65.163.172.231

</Win2k zone file>

Note that the IP for the 'www' host record is 65.163.172.131. This was
a mistake. It should have been 65.163.172.231. Please keep in mind
that the IP of dns1.crosslogic.com is also 65.163.172.131 (I don't
know if this complicates matters at all).

Seemed simple enough, change the 'www' host record to .231, flush the
cache, and restart the DNS service. This seemed to clear things up for
a few hours to about a day, but then the change seemed to be
overridden somehow by the mistaken record. Even rebooting this
machine wouldn't force the host record change to propagate out to the
root servers, much less other DNS servers. I created many test host
records, let them propagate out, and then changed the IPs with
success. I'm not understanding why this single host record will
change.

Any time I did an nslookup against any server other than
dns1.crosslogic.com on the www.infinityportals.com record, I'd still
get the old IP of .131 with a TTL of 2 days. This TTL returned by the
root servers always matched exactly the TTL that was given for dns1
and dns2.crosslogic.com. However, the same nslookup on other hosts
within this zone would always return the correct IP/TTL no matter what
changes I made to them.

I removed the infinityportals.com zone from the Win2k server for at
least 5 days, and then recreated the zone with the correct host
records--no luck.

I even removed the zone from the Win2k box, registered (with NetSol)
ns1.prism-tech.net and ns2.prism-tech.net as the nameservers for the
zone, loaded the zone on ns1.prism-tech.net, which is running BIND
8.2.3, dropped the TTL for the zone to 1 hour, restarted BIND, and
waited. It's been close to a week now and, while querying ns1 and
ns2.prism-tech.net for the www.infinityportals.com host returns the
correct info, querying any other nameserver still somehow returns the
originally assigned IP of 65.163.172.131!

It seems that the root servers are holding on to this stale
information and not letting go. How can I force this change to
propagate?

Any assistance will be greatly appreciated!

Thanks,
Eric
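
Added example (not part of the original thread and not any poster's code): a Python check for the condition the reply identifies, a host record registered at the registry whose address disagrees with the zone's own A record. The whois fields are those quoted in the reply; the zone fragment is constructed from the post with 'www' corrected to .231, and the function names are hypothetical.

```python
import re

# Registry whois output for the host record, as quoted in the reply above.
WHOIS_TEXT = """\
Server Name: WWW.INFINITYPORTALS.COM
   IP Address: 65.163.172.131
   Registrar: NETWORK SOLUTIONS, INC.
"""
# Constructed: zone records from the post after the intended fix (www -> .231).
ZONE_TEXT = """\
demo                    A   65.163.172.231
www                     A   65.163.172.231
www2                    A   65.163.172.231
"""
A_RECORD = re.compile(r"^(\S+)\s+(?:\d+\s+)?(?:IN\s+)?A\s+(\S+)\s*$", re.I)

def parse_host_objects(whois_text):
    """Return {fqdn: ip} for each 'Server Name' / 'IP Address' pair."""
    hosts, name = {}, None
    for line in whois_text.splitlines():
        key, _, value = line.strip().partition(":")
        if key == "Server Name":
            name = value.strip().lower().rstrip(".")
        elif key == "IP Address" and name:
            hosts[name] = value.strip()
    return hosts

def parse_zone_a_records(zone_text, origin):
    """Return {fqdn: ip} for the A records in a simple zone-file fragment."""
    records = {}
    for line in zone_text.splitlines():
        m = A_RECORD.match(line.split(";", 1)[0])  # drop trailing comments
        if not m:
            continue
        owner, ip = m.group(1).lower(), m.group(2)
        if owner == "@":
            owner = origin + "."
        elif not owner.endswith("."):  # relative name: append the origin
            owner = f"{owner}.{origin}."
        records[owner.rstrip(".")] = ip
    return records

def conflicting_host_objects(whois_text, zone_text, origin):
    """List (name, registry_ip, zone_ip) where the registry and zone disagree."""
    zone = parse_zone_a_records(zone_text, origin)
    hosts = parse_host_objects(whois_text)
    return [(n, ip, zone[n]) for n, ip in hosts.items() if n in zone and zone[n] != ip]

if __name__ == "__main__":
    for name, reg_ip, zone_ip in conflicting_host_objects(WHOIS_TEXT, ZONE_TEXT, "infinityportals.com"):
        print(f"{name}: registry host record {reg_ip} != zone A record {zone_ip}")
```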


