Problems Resolving mdswim.org

[Jonathan de Boyne Pollard]

SWEJ> I'm at a loss now as to what the problem is.

There are at least three problems.

First:

The set of intermediate domain names that are used in the delegation
information published by a subdomain's content DNS servers should be the
same as or a superset of the set of intermediate domain names that are
used in the delegation information published by the superdomain's content
DNS servers.

This is not the case for "mdswim.org.".  The "org." content DNS servers use
the intermediate domain names "ns1.annapolisinternet.net." and
"ns2.annapolisinternet.net." in the delegation of "mdswim.org.".  But the
"mdswim.org." content DNS servers use the intermediate domain names
"ns5.mewebdns.com." and "ns6.mewebdns.com." in the delegation information.

Second:

Good practice is for delegations of subdomains of "org." to use intermediate
domain names that are themselves subdomains of "org.".  (Best practice is
for the intermediate domain names to be subdomains of the delegation point
itself, rather than merely subdomains of the enclosing superdomain.)

This is not the case for "mdswim.org.".  For _both_ sets of published
delegation information, the delegation is effectively glueless because the
intermediate domain names are not subdomains of "org.".  (The names in one
set are subdomains of "com." and the names in the other set are subdomains
of "net.".)  Best practice is for these names to be names such as
"a.ns.mdswim.org." and "b.ns.mdswim.org.".

Third:

The intermediate domain names used in delegation information must actually
exist, in order to be useful.

Whether the intermediate domain names used in the delegation of "mdswim.org."
exist depends both from who one asks and what delegation information one is
happening to use.  Not everyone agrees on the actual existence of the names
"ns1.annapolisinternet.net." and "ns2.annapolisinternet.net.".  The "net."
content DNS servers report both those names as existing and publish mappings
from them to IP addresses.  The "annapolisinternet.net." content DNS servers
report that those names do not exist at all.

All three of these problems are with what is being published by the various
content DNS servers involved, not with you when your server is trying to
perform query resolution.  Tell your user that the DNS administrator for
"mdswim.org." has mucked up the DNS data that are being published, causing
query resolution to fail intermittently, and that their complaint should be
directed at him/her.