Friday, November 6, 2015

domain name system - DNS Configuration issues



I recently started using entrydns.net as my domain's DNS Manager. I have hosting from another webhost and they provided me with 



NS: ns01.domain.com, ns02.domain.com

A : x.x.x.x


Now in my domain (mydomain.com), I set the following NS Records:



ns1.entrydns.net, ns2.entrydns.net, ns3.entrydns.net


Now, in entrydns.net I set up the following only :




NS : ns01.domain.com, ns02.domain.com
A : x.x.x.x


Then I checked with Pingdom DNS Checker and found some strange errors. Can you please suggest ways to correct the problem.



http://dnscheck.pingdom.com/?domain=srijit.com




  1. Superfluous name server listed at parent: ns1.entrydns.net


  2. Superfluous name server listed at parent: ns2.entrydns.net

  3. Superfluous name server listed at parent: ns3.entrydns.net

  4. Total parent/child glue mismatch.

  5. Name server ns01.000webhost.com (31.170.167.6) does not answer queries over TCP.

  6. 2 different serials found.

  7. different SOA records found.


Answer



By setting NS records within your zone on entrydns.net, you're performing a delegation from their servers. This confuses things a bit because the entrydns.net nameservers consider themselves authoritative for the domain. Remove the NS records pointing to the other nameservers.




You should be hosting these zones exclusively on entrydns.net and making your changes there. If you want them to get the data from a different source (i.e. ns01.000webhost.com.), this should be accomplished with zone transfers.





Extra info:



# dig +norecurse @ns1.entrydns.net. srijit.com A | awk '{print "    " $0}'

; <<>> DiG 9.7.3 <<>> +norecurse @ns1.entrydns.net. srijit.com A
; (1 server found)

;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59730
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;srijit.com.                        IN      A

;; ANSWER SECTION:
srijit.com.         3600    IN      A       31.170.160.100


;; Query time: 111 msec
;; SERVER: 213.229.74.106#53(213.229.74.106)
;; WHEN: Sat Mar  2 14:00:59 2013
;; MSG SIZE  rcvd: 44


If this nameserver didn't consider itself authoritative, it should be serving up an AUTHORITY section with no ANSWER to perform a delegation. Yet if we look at the NS records it returns...



# dig +norecurse @ns1.entrydns.net. srijit.com NS | awk '{print "    " $0}'


; <<>> DiG 9.7.3 <<>> +norecurse @ns1.entrydns.net. srijit.com NS
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33331
;; flags: qr aa; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;srijit.com.                        IN      NS


;; ANSWER SECTION:
srijit.com.         3600    IN      NS      ns01.000webhost.com.
srijit.com.         3600    IN      NS      ns02.000webhost.com.

;; Query time: 113 msec
;; SERVER: 213.229.74.106#53(213.229.74.106)
;; WHEN: Sat Mar  2 14:00:41 2013
;; MSG SIZE  rcvd: 77



...we're being sent to different nameservers entirely.


-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

linux - How to SSH to ec2 instance in VPC private subnet via NAT server

I have created a VPC in aws with a public subnet and a private subnet. The private subnet does not have direct access to external network. S...