[Gllug] DNS question

Ian Northeast ian at house-from-hell.demon.co.uk
Tue Jul 4 18:52:27 UTC 2006

Nix wrote:

> but your customer *cannot* manage worse screwups than some of those I've
> seen (and some of those others have seen, too).

An associated company whose DNS I do not manage, but who I provide a bit 
of technical advice to from time to time as they have no real IT 
knowledge, had this:

ISP#1 were hosting their DNS and managing the registration, and hosting 
their web site.

They asked ISP#1 to change the MX records. They did, but made a typo on 
the second preference one. No real problem, the first preference was 
working fine.

When ISP#1 were asked to correct this, they deleted all the MX records 
from the domain. So all the mail started failing.

When asked to correct this, they did so, but *decremented* the serial 
number (even though it was in YYYYMMDDNN format) so the slave, hosted by 
a third party, continued to insist there were no MX records. So now half 
of the mail was failing.

I had to call ISP#1 and speak to their "technician" and tell him how to 
fix it.

So I advised the IT director of this company to switch to an alternate 
provider as this lot are useless (we are not in a position to provide 
this service as we are winding our systems down following a takeover).

So they started discussions with ISP#2 with a view to hosting their 
domain. ISP#2 created it on their servers but didn't configure it, they 
left it with what was evidently their defaults including 24 hour TTLs. 
The MX records pointed to a server of theirs which wasn't accepting the 
mail. I don't think this was an error on their part; it wasn't supposed 
to be used yet. At the same time, they were moving their web site to ISP#2.

According to said IT director's account, he asked ISP#1 to update the 
www record to point to ISP#2's web server. What happened was that they 
changed the delegation to point to ISP#2's nameservers, with their 
incorrect MX records with 24 hour TTL. I am not sure I actually believe 
the IT director here, ISP#1 must have got the names of ISP#2's 
nameservers from somewhere.

ISP#2 were cooperative enough and changed the MX records, but this 
didn't help much because of the 24 hour TTL on the old ones. This 
company are using mail for EDI transactions, fortunately only with 3 
partners. They said they couldn't tolerate their EDI being down for more 
than 24 hours, and the TTLs weren't going to expire fast enough. So I 
had to provide a temporary email address on our systems, forwarded into 
theirs, which worked because I flushed the cache on our nameservers, and 
they told these 3 partners to use this alternate address for a day or two.

But I dare say you've seen worse..

> DNS is remarkably easy to get right --- and remarkably easy to get
> *wrong*.

Well I find it easy enough to get right (touches nearest piece of wood), 
I've never made a serious error in the public DNS (yet:). And you 
presumably do too. But a lot of people seem to have trouble with it. It 
is a bit picky I suppose.

Regards, Ian
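
The decremented-serial failure described above, as an added example that is not part of the original post: a secondary only transfers a zone when the primary's SOA serial is newer under RFC 1982 serial arithmetic, so a check like this flags a stuck secondary and computes a serial that unsticks it. The function names and the serial values are constructed for illustration, and the code assumes the serials involved lie within 2^31 of each other.

```python
from datetime import date

MOD = 2 ** 32    # SOA serials are unsigned 32-bit values
HALF = 2 ** 31   # RFC 1982: "newer" means ahead by less than half the space


def serial_gt(a: int, b: int) -> bool:
    """True if serial a is newer than serial b under RFC 1982 arithmetic."""
    a %= MOD
    b %= MOD
    return (a > b and a - b < HALF) or (a < b and b - a > HALF)


def secondary_state(primary: int, secondary: int) -> str:
    """Classify what a secondary holding `secondary` does on seeing `primary`."""
    if primary % MOD == secondary % MOD:
        return "in-sync"
    if serial_gt(primary, secondary):
        return "will-transfer"
    # The primary's serial looks older, so the secondary keeps its stale copy.
    return "stuck-stale"


def next_serial(today: date, *seen: int) -> int:
    """Return a YYYYMMDDNN-style serial newer than every serial in `seen`."""
    candidate = int(today.strftime("%Y%m%d")) * 100
    for s in seen:
        if not serial_gt(candidate, s):
            # Today's base is not ahead of this serial; step just past it.
            candidate = (s + 1) % MOD
    return candidate


if __name__ == "__main__":
    # Constructed values: the secondary already holds ...02 (the zone without
    # MX records) and the primary publishes its fix as ...01.
    primary, secondary = 2006070301, 2006070302
    print(secondary_state(primary, secondary))
    print(next_serial(date(2006, 7, 3), primary, secondary))
```

Run against the SOA serials reported by each authoritative server after a change, any result other than `in-sync` or `will-transfer` means the servers will keep giving different answers until the primary's serial is raised.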

Gllug mailing list  -  Gllug at gllug.org.uk
