[kwlug-disc] Our DNS has gone crazy

John Sellens jsellens at syonex.com
Wed Apr 15 14:17:36 EDT 2020 

It looks like the DNS server settings for theworkingcentre.org
are inconsistent.

First:
    % host -t ns theworkingcentre.org
    theworkingcentre.org name server ns1.boltonsmith.com.
    theworkingcentre.org name server ns2.boltonsmith.com.

Currently, both those DNS servers say
    www.theworkingcentre.org has address 50.116.60.156

But whois says the nameservers for theworkingcentre.org are
    Name Server: NS10.BOLTONSMITH.COM
    Name Server: NS11.BOLTONSMITH.COM

If you ask them who the DNS servers are, they both say ns1 and ns2
    % host -t ns theworkingcentre.org  NS10.BOLTONSMITH.COM
    Using domain server:
    Name: NS10.BOLTONSMITH.COM
    Address: 69.90.54.20#53
    Aliases:

    theworkingcentre.org name server ns1.boltonsmith.com.
    theworkingcentre.org name server ns2.boltonsmith.com.

If you ask NS10 and NS11 for the address, they give you a different
answer then ns1 and ns2 do
    % host -t a theworkingcentre.org NS10.BOLTONSMITH.COM
    Using domain server:
    Name: NS10.BOLTONSMITH.COM
    Address: 69.90.54.20#53
    Aliases:

    theworkingcentre.org has address 172.104.10.158

twc58.dyn.theworkingcentre.org has address 99.250.122.149


So - make sure the domain registration has the correct DNS servers.
Should they be ns1/ns2 or ns10/ns11?

Next make sure the NS records in the DNS servers match what's
supposed to happen.  Currently NS10/NS11 tell you they aren't
authoritative.

Then, make sure the A records are correct.

Hope that helps!

John



On Wed, 2020/04/15 02:02:52PM -0400, Paul Nijjar via kwlug-disc <kwlug-disc at kwlug.org> wrote:
| 
| Is there a tool that can do a website query against many different
| public DNS servers in parallel?
| 
| Today all of a sudden users are reporting that
| www.theworkingcentre.org is down. The site resolves correctly (to a
| CNAME for twc58.dyn.theworkingcentre.org) on Google DNS, but is
| inconsistent on others. Some report NXDOMAIN. My DNS (206.248.154.22,
| which is teksavvy) sometimes gives me NXDOMAIN and sometimes gives me
| a record (that does not look like a CNAME) for an OLD IP for the site
| (50.116.60.156). That IP address has not been active for months!
| 
| Man. I have no idea what is going on or how to go about fixing this,
| but I also have no idea how widespread the problem is. I checked the
| official DNS entries on our DNS servers and they seem okay. I did
| reduce the TTL on one domain yesterday, but that was in response to
| (in retrospect) something that seems like the same problem. 
| 
| Help?
| 
| - Paul

More information about the kwlug-disc mailing list