Hi there.
I own a domain, denterprises.org. On August 21st, one of my slave name servers was freeloader.its.stpatricks.tas.edu.au (a.k.a. freeloader). The serial number it had for my zone was 2003082100 or 2003082101, I forget which. This zone file contained RRs that are now quite outdated, including:
beryllium.denterprises.org. IN A 66.250.108.50
Also on August 21st, I got some new IPs from one of my upstream providers and changed the IP for my master DNS server, which happened to be beryllium.denterprises.org. The new IP is 38.118.136.194.
So, I changed the IP of my server, updated my master zone file, waited for DNS to sort itself out, and everything was good. Later, I observed freeloader giving out the old IP for beryllium.denterprises.org. Great. I got the guy who owns the machine to change the masters{} section of his named.conf (since I had forgotten about that bit when changing my IP) and re-hup. At this point, and we can't figure out why, freeloader was still serving the old IP. Freeloader's owner even deleted the slave zone file, re-hupped again, and it was still serving the old IP.
I removed freeloader from my zone NS records and from the WHOIS registry entry for denterprises.org.
Eventually, I decided to wait for freeloader's copy of my zone file to expire. Which it did on August 29th or 30th. Now, freeloader gives this sort of thing:
So, that's dandy. However, some server out there is still serving the old IP for beryllium, even now, on September 7th, as you can see here:
That's my problem. What is serving this, what is making it think it has that authority, and how do I stop it? Sometimes, my local name server caches the old and incorrect address, sometimes the new and correct one. However, both current authoritative name servers have proper serial numbers:
(Note that ns1.purplehost.net is beryllium.denterprises.org.)
The only other time I saw this sort of thing happen was when I, long ago and when I was new to DNS, registered a name server with a WHOIS registry when it sat on a dynamic IP. When my IP changed, the WHOIS entry didn't, and half the lookups anyone did were wrong. But, that's not the case this time:
(Although, why does beryllium say NOT FOUND and ns1 not say anything?)
Anyway, that's it. If you have any thoughts about this phantom name server, I'd love to know.
Thanks a bunch.
Colin
I own a domain, denterprises.org. On August 21st, one of my slave name servers was freeloader.its.stpatricks.tas.edu.au (a.k.a. freeloader). The serial number it had for my zone was 2003082100 or 2003082101, I forget which. This zone file contained RRs that are now quite outdated, including:
beryllium.denterprises.org. IN A 66.250.108.50
Also on August 21st, I got some new IPs from one of my upstream providers and changed the IP for my master DNS server, which happened to be beryllium.denterprises.org. The new IP is 38.118.136.194.
So, I changed the IP of my server, updated my master zone file, waited for DNS to sort itself out, and everything was good. Later, I observed freeloader giving out the old IP for beryllium.denterprises.org. Great. I got the guy who owns the machine to change the masters{} section of his named.conf (since I had forgotten about that bit when changing my IP) and re-hup. At this point, and we can't figure out why, freeloader was still serving the old IP. Freeloader's owner even deleted the slave zone file, re-hupped again, and it was still serving the old IP.
I removed freeloader from my zone NS records and from the WHOIS registry entry for denterprises.org.
Eventually, I decided to wait for freeloader's copy of my zone file to expire. Which it did on August 29th or 30th. Now, freeloader gives this sort of thing:
Code:
^ cww@char:~$ host beryllium.denterprises.org freeloader.its.stpatricks.tas.edu.au
Using domain server:
Name: freeloader.its.stpatricks.tas.edu.au
Address: 203.14.54.7#53
Aliases:
Host beryllium.denterprises.org not found: 2(SERVFAIL)
So, that's dandy. However, some server out there is still serving the old IP for beryllium, even now, on September 7th, as you can see here:
Code:
^ cww@char:~$ host beryllium.denterprises.org
beryllium.denterprises.org has address 66.250.108.50
That's my problem. What is serving this, what is making it think it has that authority, and how do I stop it? Sometimes, my local name server caches the old and incorrect address, sometimes the new and correct one. However, both current authoritative name servers have proper serial numbers:
Code:
^ cww@char:~$ host -C denterprises.org
Nameserver ns1.purplehost.net:
denterprises.org SOA ns1.purplehost.net. hostmaster.purplehost.net. 2003090700 7200 480 604800 7200
Nameserver ns6.gandi.net:
denterprises.org SOA ns1.purplehost.net. hostmaster.purplehost.net. 2003090700 7200 480 604800 7200
(Note that ns1.purplehost.net is beryllium.denterprises.org.)
The only other time I saw this sort of thing happen was when I, long ago and when I was new to DNS, registered a name server with a WHOIS registry when it sat on a dynamic IP. When my IP changed, the WHOIS entry didn't, and half the lookups anyone did were wrong. But, that's not the case this time:
Code:
^ cww@char:~$ whois beryllium.denterprises.org
NOT FOUND
^ cww@char:~$ whois ns1.purplehost.net
^ cww@char:~$
(Although, why does beryllium say NOT FOUND and ns1 not say anything?)
Anyway, that's it. If you have any thoughts about this phantom name server, I'd love to know.
Thanks a bunch.
Colin