[Gllug] DNS question

Ian Northeast ian at house-from-hell.demon.co.uk
Sun Jul 2 19:31:14 UTC 2006 

Adrian McMenamin wrote:
> I am trying to get a domain registered with discountdomains to point to
> a particular IP, but it seems they will only get it to point at the
> subnet and expect me to have DNS running - at least that is my
> interpretation.
> 
> I logged in and changed the A record for @ to the appropriate IP...
> 
> But querying the authoritative DNS seems to show its only pointed to the
> subnet - though no longer pointed towards discountdomains so it has
> updated the record in some way.
> 
> adrian at bossclass:~$ dig @ns0.ddomains.co.uk somedomain.co.uk
> 
> ; <<>> DiG 9.3.2 <<>> @ns0.ddomains.co.uk somedomain.co.uk
> ; (1 server found)
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57830
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
> 
> ;; QUESTION SECTION:
> ;somedomian.co.uk.         IN      A
> 
> ;; ANSWER SECTION:
> somedomain.co.uk.  14400   IN      A       212.69.38.255

That's not the subnet, that's the broadcast address. 212.68.38.0 is 
delegated as a /24 according to the RIPE whois. Even if it's been 
further subdivided that has to be one of the broadcast addresses. I 
can't think of any case where it makes sense to point an A record at a 
broadcast address.

 > ;; AUTHORITY SECTION:
 > somedomain.co.uk.  14400   IN      NS      ns0.ddomains.co.uk.
 > somedomain.co.uk.  14400   IN      NS      ns2.ddomains.co.uk.

So they don't expect you to have DNS running, those appear to be their 
nameservers. And "delegating to a subnet" and expecting you to have DNS 
running doesn't make sense. If you were expected to have DNS running the 
NS records would point to your servers, and their servers wouldn't be 
holding the domain at all. If you want this, most registrars require you 
to set it up explicitly.

> I haven't seen this behaviour elsewhere - is it common? 

As you state it, no. It's nonsensical.

> Have I got something wrong?

Either that or they have.

BTW obfuscating names when asking a question like this is not helpful 
and rarely aids security. DNS is by its nature in the public domain. You 
didn't obfuscate that IP address too did you? If so my statement that it 
is a broadcast could be wrong.

Regards, Ian

-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug

More information about the GLLUG mailing list