Results 1 to 11 of 11
  1. #1
    Join Date
    Jun 2004
    Location
    Bay Area
    Posts
    1,320

    DNS issue: Rootservers respond with wrong nameservers for all domains

    Ive always thought that I knew the DNS principles, but now something really strange is going on. Advice would be appreciated

    I have one domain (hosting.com), which runs the nameservers:
    ns1.hosting.com = server1
    ns2.hosting.com = server2
    ns3.hosting.com = server3
    ns4.hosting.com = server4

    And a lot of normal domains: client1.com and client2.com. These domains have ns1.hosting.com, and ns2.hosting.com configured as nameserver. Hosting.com also had these configured.

    The situation above worked well. Server3 and 4 were not used at all.

    The problems started when I migrated hosting.com to use server3 and server4. I transfered the zonefiles of hosting.com to these servers, and edited the WHOIS info to reflect these changes. This worked: hosting.com was working from server3 and server4.

    10 mins later the first downtime-message came in. Client1.com could not resolve. A quick check using dig showed why:
    l.gtld-servers.net [192.41.162.30] ns3.hosting.com. ns4.hosting.com.

    Somehow the root servers think that the client1.com and client2.com domain also have changed nameservers. But those are not changed, the wois info still points to ns1 and ns2.

    So in some strange way the root servers now return ns3 and ns4 for all domains that use ns1.hosting.com & ns2.hosting.com in their WHOIS. I alway thought that the root servers got their info from the whois info of the domain. (Or better said: the registar). Why do the root servers return ns3 & ns4, while ns1 and ns2 are configured?

    Am I missing something?

  2. #2
    Join Date
    Feb 2005
    Location
    Australia
    Posts
    5,842
    Quote Originally Posted by Xandrios
    The problems started when I migrated hosting.com to use server3 and server4. I transfered the zonefiles of hosting.com to these servers, and edited the WHOIS info to reflect these changes. This worked: hosting.com was working from server3 and server4.
    So you registered ns3 and ns4 as nameservers. Did you keep ns1 and ns2 registered as well?
    Chris

    "Some problems are so complex that you have to be highly intelligent and well informed just to be undecided about them." - Laurence J. Peter

  3. #3
    Join Date
    Jun 2004
    Location
    Bay Area
    Posts
    1,320
    No, I removed ns1 and ns2 from the hosting.com whois.

    Would it be required to keep those in the hosting.com whois? They were still listed in the client1.com and client2.com whois. Those are the only domains that use them. Hosting.com only uses ns3 and ns4.

    The strangest thing is that if I query client1.com from the rootservers, they return ns3 and ns4. While the whois info says ns1 and ns2. I dont see where those come from. But maybe that is where i'm missing something...

  4. #4
    Join Date
    Feb 2005
    Location
    Australia
    Posts
    5,842
    If client.com uses ns1.hosting.com then:
    1. ns1.hosting.com must be registered at your registrar
    2. ns1.hosting.com must have an A record in the hosting.com zone
    3. client.com must have an NS record to ns1.hosting.com in the client.com zone
    Chris

    "Some problems are so complex that you have to be highly intelligent and well informed just to be undecided about them." - Laurence J. Peter

  5. #5
    Join Date
    Jun 2004
    Location
    Bay Area
    Posts
    1,320
    Yes, those are the case.

    1. client1.com has ns1.hosting.com registered at the registar whois
    2. ns1.hosting.com had a zone on all 4 nameservers
    3. Yes, it had always used ns1.hosting.com, so the NS record was still active.

    However the root servers do not reflect point 1. They return ns3&4. Somehow the root servers are updated with wrong information. I always though that only the registar could do so, but it seems it has changed due to some other reason.

  6. #6
    Join Date
    Feb 2005
    Location
    Australia
    Posts
    5,842
    No, you're missing point 1.
    Quote Originally Posted by Xandrios
    No, I removed ns1 and ns2 from the hosting.com whois.
    In the control panel for hosting.com at your registrar you need to register ns1 and ns2 as well as ns3 and ns4. You can't do this through client.com - registering nameservers is not the same as delegating to them. Who's your registrar?
    Chris

    "Some problems are so complex that you have to be highly intelligent and well informed just to be undecided about them." - Laurence J. Peter

  7. #7
    Join Date
    Jun 2004
    Location
    Bay Area
    Posts
    1,320
    Ah, I see. That must have been it then. My registrar is ev1 by the way

    I have quickly returned everything to the old state when it went wrong, I will try again tomorrow morning when the least people are using the servers. Hopefully this does solve the issue

    Thanks a lot for you help, its greatly appreciated!

  8. #8
    Join Date
    Feb 2005
    Location
    Australia
    Posts
    5,842
    No problem. This page has info for registering nameservers with various registrars - including ev1.
    Chris

    "Some problems are so complex that you have to be highly intelligent and well informed just to be undecided about them." - Laurence J. Peter

  9. #9
    Join Date
    Jun 2004
    Location
    Bay Area
    Posts
    1,320
    Ive talked to somebody at ev1, and something strange is happening.
    When I register the nameservers ns3 & ns4 at the domain hosting.com, all domains that use ns1&ns2 as nameservers start using ns3&ns4.
    The WHOIS info still returns the right ns1&ns2, however the rootservers return any two of ns1/ns2/ns3/ns4.

    On top of this the EV1 control panel won't allow me to remove two (registrations) of nameservers, supposingly because they are in use @ other domains.

    To give some actual domains of unused domains:

    icecoldcomputing.com:
    Domain servers in listed order:
    NS1.XANDRIOS.NET
    NS2.XANDRIOS.NET

    xandrios.net
    Domain servers in listed order:
    NS1.XANDRIOS.NET
    NS2.XANDRIOS.NET

    However, when querying icecoldcomputing.com:
    d.gtld-servers.net [192.31.80.30] ns2.xandrios.net. ns3.xandrios.net. 31ms

    Which makes the domain unresolvable, since ns3 does not have a zone for that domain. As last-resort I have now changed the IP of ns3 to that of ns2, hopefully that will bring things back online for now...
    Last edited by Xandrios; 01-14-2007 at 09:28 PM.

  10. #10
    Join Date
    Feb 2005
    Location
    Australia
    Posts
    5,842
    Strange indeed. ns3 and ns2 have the same IP address, which could cause some interesting issues if they're supposed to be on different servers...
    Chris

    "Some problems are so complex that you have to be highly intelligent and well informed just to be undecided about them." - Laurence J. Peter

  11. #11
    Join Date
    Jun 2004
    Location
    Bay Area
    Posts
    1,320
    Hypothetical question:

    ns1.xandrios.net and ns2.xandrios.net are registered nameservers. ('glue records'). The domain xandrios.net, as well as 30 other domains use them as nameservers.

    Glue records ns3.xandrios.net and ns4.xandrios.net are added. ns1.xandrios.net and ns2.xandrios.net are removed as glue records.

    What would this mean for the 30 domains that have ns1.xandrios.net and ns2.xandrios.net configured as nameserver? could it be that this causes those domains to start using ns3.xandrios.net and ns4.xandrios.net?

    I'm not saying that this happened by the way, I did not remove the glue records as far as I know. However it could be that somehow this situation existed due to the buggy ev1 domain interface. Right now for example its impossible to remove the ns3 glue record...the ev1 people dont know how to do it. :-X

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •