[Gllug] DNS verification (slightly OT)

Henrik Morsing henrik at morsing.cc
Sat Apr 18 11:44:20 UTC 2009 


Ok, wow, thanks for the responses and sorry for the delay, took a wrong turn leaving work and ended up in Wales and didn't get back home till 3am!

Right, here's what happened yesterday afternoon and evening:

Rummaging around the Enom site in desparation I found under the "Advanced" section a form to add, delete adn change IPs of name servers! Blimey, could the "help" center guy not have told me that? All he did was keep insisting that Gustav was registered as a name server and everything was fine and dandy which it clearly wasn't. I messed around a bit and managed to delete emil and add ns and ns2. Then when back to the DNS server control panel which is in a completely different location and doesn't mention at all that you need to add your name servers first or you just get a weird error! I cleared all records and added ns and ns2 and to make things simple I went to Widge and closed down services for morsing.cc which is why they're no longer responding.

Set off down the M4 and about an our later decided to check my email from my phone except it couldn't connect to either of my servers just said "Host not found". Trouble already. Got a text ten minutes later from a friend in Texas who uses my servers who couldn't connect either, just got "Cannot resolve hostname". Problem spreading. Some hours later I checked again and yay, the Verisign TLDs had now picked up my changes finally and everything works now :)

A couple of comments below:

Simon Wilcox said:

> Our office DNS servers should have done the full query. Let me try that from somewhere else that definitely won't have you locally cached:              
                                                                                > simonw at svr02:~$ host ns.morsing.cc
> ns.morsing.cc           A    93.93.131.95
                                                                                
> Actually that uses an upstream nameserver that might have cached it. Let's use our own primary resolving DNS server                                  
                                                                                
> simonw at svr10:~$ host ns.morsing.cc
> Nameserver not responding
> ns.morsing.cc A record not found, try again
                                                                                
> OK, it looks like you do have a problem of some sort.

First of all, I don't agree with the way you do this. The way DNS works is by the TLD to have a glue NS record to the authoritative name server. The only way to be sure you're getting the correct, up-to-date information is to ask the TLD where to go for your DNS queries. Hence the name authoritative. Your host commands can get it's responses from all sorts of cached records and is technically invalid.

> Having said that, ns1.widge.net and ns2.widge.net which whois thinks are authoritative for your domain are not responding at all.
                                                                                
> Fixing this might be a good idea.

I did fix it. I shut the zones on Widge down because I'm phasing them out in favour of gustav and the only reason you are told that they're authoritative is because Enom has screwed up and won't listen to me. The Widge servers are quite correctly no longer resopnding to morsing.cc requests

[...]


> If the glue record for ns.morsing.cc is somehow set incorrectly you'll get no results.

Indeed but try getting that through to Enom.
       
> BTW, host thinks that you have different name servers to the whois record: 

> host80:~ simonw$ host -t ns morsing.cc
> morsing.cc name server ns.morsing.cc.                   
> morsing.cc name server ns2.morsing.cc.

Tell Enom, if you can get them to listen...

Actually, I only changed to ns and ns2 as a work-around for Enom refusing to fix emil's duff glue record.

[...]

> One solution/workaround to this may be to move the DNS away somewhere altogether different. e.g. dyndns.org or any number of other providers. If you don't have self-referencing name servers you won't need glue records and all this will go away.   

Sounds like an overly complicated solution to a simple problem. I've been running this domain and DNS for a decade now and have moved IP address 2-3 times before and it's quite simple. Only thing that's happened here is that the DNS servers IP address changed. Enom has always been shit but never messed up like this before.

> To answer your actual question - I don't think you're mad, there's definitely a problem but I'm not convinced it's where you think it is.

It was, changing the glue record for emil on Verisign's servers fixed the problem and everything is well now. All I need now is to have words with that un-believably useless "help" desk person.

[...]

> host80:~ simonw$ host ns.morsing.cc
> ns.morsing.cc has address 93.93.131.95                   

> Which is what you want isn't it?

Yes but I'm guessing you got that from Emil's old IP or Widge but that's too late to verify now. Also, the TLD didn't have this address so back to my not agreeing with how you use 'host' :)  Although, when did you check this? If yesterday evening, it might have been after I finally fixed it.

[...]


Robert McKay said:

> That is what's wanted, but the only reason you can see that is because of ns1.widge.net, ns2.widge.net. If those go away (which it appears they now have) it will stop working entirely.

Spot on!

[...]

> You are quite correct - ns.morsing.cc is configured as a glue record(nameserver) with an IP address of 62.79.45.155 (some Denmark ADSL).            

I think this is because 8+ years ago I had the DNS server ns.morsing.cc at the end of a DSL line in Denmark. Enom still has the record apparently.
                                                                                
> I have no idea why it's set to that either - maybe enom's tech support did it when you talked to them. There should be a way to add/modify/change nameservers (glue records) in your enom account - you *should* be able to fix this there. I don't have an enom account so I can't really guide you but look for something called "register nameserver" or "register glue" or something.

It happened when I changed emil to ns in the DNS list, see above. As explained at the top of this post, registering a name server and using it for a domain happens at wildly different and compleetly und-documented places on Enom's website. I shall have words.
                                                                      
> If you can't figure out how to change ns.morsing.cc, here's a couple of other ideas;

> a) configure two new name server/glue records - say ns3.morsing.cc and ns4.morsing.cc or something else that doesn't exist - using the correct IPs. You *would* still need to register these as glue/nameservers with enom.

That's what I attempted with ns and ns2 but did it wrong.

[...]

> b) configure two new nameservers on some other domain in a better understood tld such as .com/.net/.org and point your morsing.cc there. (if you get really stuck and don't want to pay www.za.org gives out free .org subdomains, you could register one of those and setup nameservers in there).

Overly complicated solution to a simple problem. Enom must have IP moves hundreds of times a day and it's quite a simple thing to do. The "help" center person was being a useless twat by continuing to claim that everything was right and emil and gustav were correctly registered as DNS for morsing.cc.

Anyway, working now, thanks for all the suggestions!

Henrik
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug

More information about the GLLUG mailing list