[dns-operations] Resolver operation an expired domain

Frank Bulk frnkblk at iname.com
Thu Jan 27 05:28:19 UTC 2011


Any A record you query against that NS returns 209.62.105.19. =)

It's 14 hours after we fixed things up, and a mass DNS query tool
(http://www.mob.net/~ted/tools/dns.php3) still shows two NS servers in that
list that have wrong (cached) information.  Our TTL is 24 hours, so I'm
guess it could another 10 hours before all the collateral damage is
resolved.  

Frank

-----Original Message-----
From: George Barwood [mailto:george.barwood at blueyonder.co.uk] 
Sent: Wednesday, January 26, 2011 12:31 PM
To: frnkblk at iname.com; dns-operations at dns-oarc.net
Subject: Re: [dns-operations] Resolver operation an expired domain


----- Original Message ----- 
From: "Frank Bulk" <frnkblk at iname.com>
To: <dns-operations at dns-oarc.net>
Sent: Wednesday, January 26, 2011 4:37 PM
Subject: [dns-operations] Resolver operation an expired domain


> Our main domain, mtcnet.net, inadvertently expired this morning with
Network
> Solutions and was assigned NS entries of ns1.pendingrenewaldeletion.com
and
> ns2.pendingrenewaldeletion.com.  We have clients with their own domains
and
> two of their three NS entries point to ns1.mtcnet.net and ns2.mtcnet.net;
> the third is ns1.netins.net.

Ah. I think I see the problem. 

>dig mypremieronline.com @ns1.pendingrenewaldeletion.com

mypremieronline.com.    7200    IN      A       209.62.105.19

Ug, I think that's pretty bad. It should not return an incorrect
authoritative answer.
Unless I'm missing something here.

George


> The mtcnet.net domain is renewed now, but we're still working through the
> fallout.
> 
> The question is: if a resolver outside our network would encounter a
client
> domain name (e.g. mypremieronline.com) with NS entries that themselves
> respond with "no answer", do they try successive NS entries until they
find
> one that works?  i.e. resolver queries the root for mypremieronline.com,
> gets the three NS entries previously mentioned, of which two don't resolve
> themselves.  From our customers' calls, it appears that generally does not
> happen.  
> 
> If the resolver would happen to query one of the working NS records,
> ns1.netins.net, everything would resolve just fine, of course.
> 
> Frank
> 
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations




More information about the dns-operations mailing list