Re: problem domains host in ns1/ns2.planetdomain.com (Eric Yiu)
In message, Eric Yiu writes: > Hi, > > The thing I try to solve is, our users use our caching dns servers cannot > send emails to those domains which this planetdomain.com is currrently > hosting as the MX of these domains expired. But google dns work properly > after expired. Although I know it is the normal behavior as the > netregistry does not hold anything of those domains, but I tried myself a > few hours to load the google dns servers 8.8.8.8 with these domains cached, > wait the MX expired of the problem domain and all google dns would indeed > refresh the right MX record. Our user argued why google dns can perform > properly but not our cache only dns. Users are somehow the idiot on tech > things. They know a few of the dns flow, but they know they can compare, > you know... So I am asking if any miss of the bind dns config if I can fix > these domains at our side. > > Eric When you have different servers returning different data for the same names you get problems like this. Named learns the other set of NS records then all future lookups get NOERROR no data. Garbage In Garbage Out. Planet Domain / Netregistry need to fix up this stuff up. Mark > On Thu, Dec 29, 2016 at 10:23 PM, MURTARI, JOHN wrote: > > > Eric, > > Thanks for the complete example below, but I'm not sure what you > > are trying to solve? > > > > It looks like the netregistry.net servers don't have zone data > > loaded even though they are supposed to be authoritative. Your best bet > > would be to contact them and point out it appears some zone data was lost > > when service was transferred. Trying to use Google isn't going to help if > > the data isn't on the designated authoritative servers. > > > > Hope this helps. > > John > > > > - > > Date: Thu, 29 Dec 2016 18:27:47 +0800 > > From: Eric Yiu > > To: bind-users@lists.isc.org > > Subject: problem domains host in ns1/ns2.planetdomain.com > > > > Someday ago netregistry.com bought planetdomain.com. And there are a > > number of domains (not sure if all) host at ns1/ns2.planetdomain.com > > ns point to ns1/ns2/ns3.netregistry.net. However these netregistry.net do > > not host these domain. Then if the records of these domain expired and > > refresh from these netregistry name server, they will get error. For > > example: domain "carlajohnson.com.au": > > > > $ dig +trace ns carlajohnson.com.au > > > > ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6 <<>> +trace ns > > carlajohnson.com.au > > ;; global options: +cmd > > . 399916 IN NS e.root-servers.net. > > . 399916 IN NS j.root-servers.net. > > . 399916 IN NS i.root-servers.net. > > . 399916 IN NS h.root-servers.net. > > . 399916 IN NS b.root-servers.net. > > . 399916 IN NS c.root-servers.net. > > . 399916 IN NS d.root-servers.net. > > . 399916 IN NS a.root-servers.net. > > . 399916 IN NS m.root-servers.net. > > . 399916 IN NS l.root-servers.net. > > . 399916 IN NS g.root-servers.net. > > . 399916 IN NS k.root-servers.net. > > . 399916 IN NS f.root-servers.net. > > ;; Received 492 bytes from 10.68.201.185#53(10.68.201.185) in 9 ms > > > > au. 172800 IN NS v.au. > > au. 172800 IN NS w.au. > > au. 172800 IN NS a.au. > > au. 172800 IN NS b.au. > > au. 172800 IN NS x.au. > > au. 172800 IN NS y.au. > > au. 172800 IN NS u.au. > > au. 172800 IN NS z.au. > > ;; Received 489 bytes from 192.36.148.17#53(192.36.148.17) in 71 ms > > > > carlajohnson.com.au.14400 IN NS ns1.planetdomain.com. > > carlajohnson.com.au.14400 IN NS ns2.planetdomain.com. > > ;; Received 89 bytes from 37.209.194.5#53(37.209.194.5) in 304 ms > > > > carlajohnson.com.au.3600IN NS ns2.netregistry.net. > > carlajohnson.com.au.3600IN NS ns1.netregistry.net. > > carlajohnson.com.au.3600IN NS ns3.netregistry.net. > > ;; Received 106 bytes from 203.55.142.5#53(203.55.142.5) in 327 ms > > > > > > > > $ dig @ns1.planetdomain.com soa carlajohnson.com.au > > > > ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6 <<>> @ns1.planetdomain.com > > soa carlajohnson.com.au > > ; (1 server found) > > ;; global options: +cmd > > ;; Got answer: > > ;; ->>HEADER<<- opcode: QUERY,
Re: problem domains host in ns1/ns2.planetdomain.com (Eric Yiu)
Hi, The thing I try to solve is, our users use our caching dns servers cannot send emails to those domains which this planetdomain.com is currrently hosting as the MX of these domains expired. But google dns work properly after expired. Although I know it is the normal behavior as the netregistry does not hold anything of those domains, but I tried myself a few hours to load the google dns servers 8.8.8.8 with these domains cached, wait the MX expired of the problem domain and all google dns would indeed refresh the right MX record. Our user argued why google dns can perform properly but not our cache only dns. Users are somehow the idiot on tech things. They know a few of the dns flow, but they know they can compare, you know... So I am asking if any miss of the bind dns config if I can fix these domains at our side. Eric On Thu, Dec 29, 2016 at 10:23 PM, MURTARI, JOHNwrote: > Eric, > Thanks for the complete example below, but I'm not sure what you > are trying to solve? > > It looks like the netregistry.net servers don't have zone data > loaded even though they are supposed to be authoritative. Your best bet > would be to contact them and point out it appears some zone data was lost > when service was transferred. Trying to use Google isn't going to help if > the data isn't on the designated authoritative servers. > > Hope this helps. > John > > - > Date: Thu, 29 Dec 2016 18:27:47 +0800 > From: Eric Yiu > To: bind-users@lists.isc.org > Subject: problem domains host in ns1/ns2.planetdomain.com > > Someday ago netregistry.com bought planetdomain.com. And there are a > number of domains (not sure if all) host at ns1/ns2.planetdomain.com > ns point to ns1/ns2/ns3.netregistry.net. However these netregistry.net do > not host these domain. Then if the records of these domain expired and > refresh from these netregistry name server, they will get error. For > example: domain "carlajohnson.com.au": > > $ dig +trace ns carlajohnson.com.au > > ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6 <<>> +trace ns > carlajohnson.com.au > ;; global options: +cmd > . 399916 IN NS e.root-servers.net. > . 399916 IN NS j.root-servers.net. > . 399916 IN NS i.root-servers.net. > . 399916 IN NS h.root-servers.net. > . 399916 IN NS b.root-servers.net. > . 399916 IN NS c.root-servers.net. > . 399916 IN NS d.root-servers.net. > . 399916 IN NS a.root-servers.net. > . 399916 IN NS m.root-servers.net. > . 399916 IN NS l.root-servers.net. > . 399916 IN NS g.root-servers.net. > . 399916 IN NS k.root-servers.net. > . 399916 IN NS f.root-servers.net. > ;; Received 492 bytes from 10.68.201.185#53(10.68.201.185) in 9 ms > > au. 172800 IN NS v.au. > au. 172800 IN NS w.au. > au. 172800 IN NS a.au. > au. 172800 IN NS b.au. > au. 172800 IN NS x.au. > au. 172800 IN NS y.au. > au. 172800 IN NS u.au. > au. 172800 IN NS z.au. > ;; Received 489 bytes from 192.36.148.17#53(192.36.148.17) in 71 ms > > carlajohnson.com.au.14400 IN NS ns1.planetdomain.com. > carlajohnson.com.au.14400 IN NS ns2.planetdomain.com. > ;; Received 89 bytes from 37.209.194.5#53(37.209.194.5) in 304 ms > > carlajohnson.com.au.3600IN NS ns2.netregistry.net. > carlajohnson.com.au.3600IN NS ns1.netregistry.net. > carlajohnson.com.au.3600IN NS ns3.netregistry.net. > ;; Received 106 bytes from 203.55.142.5#53(203.55.142.5) in 327 ms > > > > $ dig @ns1.planetdomain.com soa carlajohnson.com.au > > ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6 <<>> @ns1.planetdomain.com > soa carlajohnson.com.au > ; (1 server found) > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18145 > ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 > ;; WARNING: recursion requested but not available > > ;; QUESTION SECTION: > ;carlajohnson.com.au. IN SOA > > ;; ANSWER SECTION: > carlajohnson.com.au.3600IN SOA ns1.netregistry.net. > dmain.netregistry.net. 2014051416 86400 7200 360 172800 > > ;; Query time: 312 msec > ;; SERVER: 203.55.143.4#53(203.55.143.4) > ;; WHEN: Thu Dec 29 18:26:37 2016 > ;; MSG SIZE rcvd: 98 > > > > $ dig @ns1.netregistry.net soa carlajohnson.com.au > > > I
RE: problem domains host in ns1/ns2.planetdomain.com (Eric Yiu)
Eric, Thanks for the complete example below, but I'm not sure what you are trying to solve? It looks like the netregistry.net servers don't have zone data loaded even though they are supposed to be authoritative. Your best bet would be to contact them and point out it appears some zone data was lost when service was transferred. Trying to use Google isn't going to help if the data isn't on the designated authoritative servers. Hope this helps. John - Date: Thu, 29 Dec 2016 18:27:47 +0800 From: Eric YiuTo: bind-users@lists.isc.org Subject: problem domains host in ns1/ns2.planetdomain.com Someday ago netregistry.com bought planetdomain.com. And there are a number of domains (not sure if all) host at ns1/ns2.planetdomain.com ns point to ns1/ns2/ns3.netregistry.net. However these netregistry.net do not host these domain. Then if the records of these domain expired and refresh from these netregistry name server, they will get error. For example: domain "carlajohnson.com.au": $ dig +trace ns carlajohnson.com.au ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6 <<>> +trace ns carlajohnson.com.au ;; global options: +cmd . 399916 IN NS e.root-servers.net. . 399916 IN NS j.root-servers.net. . 399916 IN NS i.root-servers.net. . 399916 IN NS h.root-servers.net. . 399916 IN NS b.root-servers.net. . 399916 IN NS c.root-servers.net. . 399916 IN NS d.root-servers.net. . 399916 IN NS a.root-servers.net. . 399916 IN NS m.root-servers.net. . 399916 IN NS l.root-servers.net. . 399916 IN NS g.root-servers.net. . 399916 IN NS k.root-servers.net. . 399916 IN NS f.root-servers.net. ;; Received 492 bytes from 10.68.201.185#53(10.68.201.185) in 9 ms au. 172800 IN NS v.au. au. 172800 IN NS w.au. au. 172800 IN NS a.au. au. 172800 IN NS b.au. au. 172800 IN NS x.au. au. 172800 IN NS y.au. au. 172800 IN NS u.au. au. 172800 IN NS z.au. ;; Received 489 bytes from 192.36.148.17#53(192.36.148.17) in 71 ms carlajohnson.com.au.14400 IN NS ns1.planetdomain.com. carlajohnson.com.au.14400 IN NS ns2.planetdomain.com. ;; Received 89 bytes from 37.209.194.5#53(37.209.194.5) in 304 ms carlajohnson.com.au.3600IN NS ns2.netregistry.net. carlajohnson.com.au.3600IN NS ns1.netregistry.net. carlajohnson.com.au.3600IN NS ns3.netregistry.net. ;; Received 106 bytes from 203.55.142.5#53(203.55.142.5) in 327 ms $ dig @ns1.planetdomain.com soa carlajohnson.com.au ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6 <<>> @ns1.planetdomain.com soa carlajohnson.com.au ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18145 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;carlajohnson.com.au. IN SOA ;; ANSWER SECTION: carlajohnson.com.au.3600IN SOA ns1.netregistry.net. dmain.netregistry.net. 2014051416 86400 7200 360 172800 ;; Query time: 312 msec ;; SERVER: 203.55.143.4#53(203.55.143.4) ;; WHEN: Thu Dec 29 18:26:37 2016 ;; MSG SIZE rcvd: 98 $ dig @ns1.netregistry.net soa carlajohnson.com.au I check google dns 8.8.8.8 would really able to fresh the correct records after expired. So just wonder bind config is able to bypass this problem except I make the forward only zones to ask 8.8.8.8. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: problem domains host in ns1/ns2.planetdomain.com (Eric Yiu)
On first glance it looks like although the domain registration points to the DNS servers at planetdomain.com., the actual domain has NS records (and an MNAME entry in the SOA) which point to DNS servers at netregistry.net. Anyone else have different results? Regards, Bob ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users