ignoring incorrect nameservers in authority section

Matus UHLAR - fantomas uhlar at fantomas.sk
Wed Dec 22 12:18:06 UTC 2010 

> Quoting from Matus UHLAR - fantomas's mail on Wed, Dec 22, 2010:
> > > Is there any solution to this problem without contacting the DNS
> > > administrator of that domain? I have seen this problem for many
> > > domains on the internet.
> > 
> > Well, first find which is the real problem - domain delegated to invalisd
> > servers, server providing invalid data, and than you have to fix what is
> > broken.
> > 
> > Give us a real example if we have to provider real solution.

On 22.12.10 16:53, Sunil Shetye wrote:
> Case 1:
> 
> Domain: e-nxt.com
> Real Nameservers: ns1.webpresenceworld.com. ns2.webpresenceworld.com.
> Fake Nameservers: ns5.zenexpress.com. ns6.zenexpress.com.

Why fake? 

Both ns1.webpresenceworld.com and ns2.webpresenceworld.com - the delegated
nameservers for e-nxt.com provide the same records for a domain, including
NS records for ns5.zenexpress.com and ns6.zenexpress.com.

The fact that ns5.zenexpress.com and ns6.zenexpress.com do not provide the
has nothing to do with this. 

Blame the person who added those NS records to e-nxt.com, someone at
webpresenceworld.com whould know where they get the zone.

> Case 2:
> 
> Domain: imagesystems.co.in
> Real Nameservers: ns1.servershost.net. ns2.servershost.net.
> Fake Nameservers: ns1.cyberasiantrade.com. ns2.cyberasiantrade.com.

Exactly the same applies here, just different domain and servers.


Both domains are delegated to servers that provide DNS for the domain, which
is correct. But both domains themselves contain NS Records to different
servers that do not provide those domains.

In both cases, someone has put a wrong NS records to the domain, causing
their unreachability.

Note that the NS records in the domains always prevail over those in
delegation - the DNS master should always know best which servers are
authoritative for it.


The NS records are not fake, they are misconfigured. Admins of mentioned
nameservers may even now know about the problem, since anyone can point his
domain to their servers.

And there is nothing in DNS protocol that would prevent misconfigurations
like that one to appear, and there should not be. It's the domain master who
misconfigured it and has to fix it.

-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Windows 2000: 640 MB ought to be enough for anybody

More information about the bind-users mailing list