[Techtalk] dns issue

Wim De Smet kromagg at gmail.com
Thu Jan 12 16:23:12 UTC 2012


Hmm,

On Thu, Jan 12, 2012 at 4:58 PM, TraceyC <grrliegeek at elenari.net> wrote:
> Re-sending to the list....
>
>
> On 01/12/2012 08:04 AM, Wim De Smet wrote:
>>
>> Hi Tracey,
>>
>> Are you sure ns1 needs an A-record for dns.shadlen.org?
>
> I'm 100% sure that what the registrar reports via whois needs to match what
> the nameservers report for nameserver hostnames. I'm also 100% sure the
> proper nameservers all need A records. If a client is told "the ns servers
> for domain.com are ns.domain.com and dns.otherdomain.com" and those
> nameservers can't be resolved, there will be problems. Having stealth and /
> or lame nameservers cause problems, for more information, you can see:
> http://corpocrat.com/2009/10/01/troubleshooting-common-dns-misconfiguration-errors/

It's more subtle than that. dns.shadlen.org is authorative for
dns.shadlen.org, so that's where the A-record should be. Your dig
query is akin to querying for google.com from one of the .com
nameservers, which will also not give you any output (not with the
short format anyway).

Anyway, obviously having the nameservers not know about
dns.shadlen.org is a problem, but the bigger problem is that somehow
the servers one step above that do know that dns.shadlen.org is
authorative (which is good) but have the wrong IP for it (which is
bad). I have no idea how that could have happened though, probably a
misconfiguration on the name service provider's side.

regards,
Wim


More information about the Techtalk mailing list