[Gllug] DNS question
Ian Northeast
ian at house-from-hell.demon.co.uk
Sun Jul 2 19:31:14 UTC 2006
Adrian McMenamin wrote:
> I am trying to get a domain registered with discountdomains to point to
> a particular IP, but it seems they will only get it to point at the
> subnet and expect me to have DNS running - at least that is my
> interpretation.
>
> I logged in and changed the A record for @ to the appropriate IP...
>
> But querying the authoritative DNS seems to show its only pointed to the
> subnet - though no longer pointed towards discountdomains so it has
> updated the record in some way.
>
> adrian at bossclass:~$ dig @ns0.ddomains.co.uk somedomain.co.uk
>
> ; <<>> DiG 9.3.2 <<>> @ns0.ddomains.co.uk somedomain.co.uk
> ; (1 server found)
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57830
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
>
> ;; QUESTION SECTION:
> ;somedomian.co.uk. IN A
>
> ;; ANSWER SECTION:
> somedomain.co.uk. 14400 IN A 212.69.38.255
That's not the subnet, that's the broadcast address. 212.68.38.0 is
delegated as a /24 according to the RIPE whois. Even if it's been
further subdivided that has to be one of the broadcast addresses. I
can't think of any case where it makes sense to point an A record at a
broadcast address.
> ;; AUTHORITY SECTION:
> somedomain.co.uk. 14400 IN NS ns0.ddomains.co.uk.
> somedomain.co.uk. 14400 IN NS ns2.ddomains.co.uk.
So they don't expect you to have DNS running, those appear to be their
nameservers. And "delegating to a subnet" and expecting you to have DNS
running doesn't make sense. If you were expected to have DNS running the
NS records would point to your servers, and their servers wouldn't be
holding the domain at all. If you want this, most registrars require you
to set it up explicitly.
> I haven't seen this behaviour elsewhere - is it common?
As you state it, no. It's nonsensical.
> Have I got something wrong?
Either that or they have.
BTW obfuscating names when asking a question like this is not helpful
and rarely aids security. DNS is by its nature in the public domain. You
didn't obfuscate that IP address too did you? If so my statement that it
is a broadcast could be wrong.
Regards, Ian
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list