GoDaddy DNS How To and ISPConfig

[wiremeister]

I get the same information with one important difference. Ns3 and ns4 will resolve from outside the Comcast network (using another nameserver other than those assigned to us by Comcast). However, from a Linux machine here we get:

dig ns3.sheltiehosting.net
;; Got SERVFAIL reply from 68.87.85.98, trying next server

; <<>> DiG 9.3.2 <<>> ns3.sheltiehosting.net
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 41810
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;ns3.sheltiehosting.net. IN A

;; Query time: 1048 msec
;; SERVER: 68.87.69.146#53(68.87.69.146)
;; WHEN: Fri Jan 12 20:43:37 2007
;; MSG SIZE rcvd: 40

dig ns4.sheltiehosting.net gets the same result.

Using the same nameserver that you did (213.191.92.84) I get the identical results that you did today.


A dig @ns1.comcastbusiness.net within the Comcast network gets us this information:

dig @ns1.comcastbusiness.net any sheltiehosting.net

; <<>> DiG 9.3.2 <<>> @ns1.comcastbusiness.net any sheltiehosting.net
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9177
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;sheltiehosting.net. IN ANY

;; ANSWER SECTION:
sheltiehosting.net. 172800 IN NS ns3.sheltiehosting.net.
sheltiehosting.net. 172800 IN NS ns4.sheltiehosting.net.

;; AUTHORITY SECTION:
sheltiehosting.net. 172800 IN NS ns4.sheltiehosting.net.
sheltiehosting.net. 172800 IN NS ns3.sheltiehosting.net.

;; ADDITIONAL SECTION:
ns3.sheltiehosting.net. 172800 IN A 74.92.214.65
ns4.sheltiehosting.net. 172800 IN A 74.92.214.66

;; Query time: 2111 msec
;; SERVER: 208.39.158.1#53(208.39.158.1)
;; WHEN: Fri Jan 12 21:09:32 2007
;; MSG SIZE rcvd: 132

A Dig @ns2.comcastbusiness.net gets the same result.


Now a Dig @(IP):

dig @74.92.214.66 any sheltiehosting.net

; <<>> DiG 9.3.2 <<>> @74.92.214.66 any sheltiehosting.net
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34636
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 2

;; QUESTION SECTION:
;sheltiehosting.net. IN ANY

;; ANSWER SECTION:
sheltiehosting.net. 86400 IN SOA ns3.sheltiehosting.net. webmaster.sheltiehosting.net. 2007010702 28800 7200 604800 86400
sheltiehosting.net. 86400 IN A 74.92.214.65
sheltiehosting.net. 86400 IN NS ns4.sheltiehosting.net.
sheltiehosting.net. 86400 IN NS ns3.sheltiehosting.net.

;; ADDITIONAL SECTION:
ns3.sheltiehosting.net. 86400 IN A 74.92.214.65
ns4.sheltiehosting.net. 86400 IN A 74.92.214.66

;; Query time: 3 msec
;; SERVER: 74.92.214.66#53(74.92.214.66)
;; WHEN: Fri Jan 12 20:49:47 2007
;; MSG SIZE rcvd: 166

dig @74.92.214.65 any sheltiehosting.net

; <<>> DiG 9.3.2 <<>> @74.92.214.65 any sheltiehosting.net
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63260
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 2

;; QUESTION SECTION:
;sheltiehosting.net. IN ANY

;; ANSWER SECTION:
sheltiehosting.net. 86400 IN SOA ns3.sheltiehosting.net. webmaster.sheltiehosting.net. 2007010702 28800 7200 604800 86400
sheltiehosting.net. 86400 IN NS ns3.sheltiehosting.net.
sheltiehosting.net. 86400 IN NS ns4.sheltiehosting.net.
sheltiehosting.net. 86400 IN A 74.92.214.65

;; ADDITIONAL SECTION:
ns3.sheltiehosting.net. 86400 IN A 74.92.214.65
ns4.sheltiehosting.net. 86400 IN A 74.92.214.66

;; Query time: 0 msec
;; SERVER: 74.92.214.65#53(74.92.214.65)
;; WHEN: Fri Jan 12 20:50:26 2007
;; MSG SIZE rcvd: 166

I understand your assumption, that it would certainly look like named is down, and port 53 on both ns3 and ns4 are blocked. However, named is running, and port 53 is open as evidenced. Both ns3 and ns4 have the same information.

I haven't heard back from Comcast DNS as of yet, though I've tried to reach them (It will be Monday before I can try again. They work M-F 9-5 only). After the traceroutes I have done, and one other done by a Comcast Tech Support person, it would appear that something in one particular server enroute to us here has a problem. All traceroutes stop (time out) at the same server two hops before arriving here (originating outside the Comcast network). This is what we've asked them to look at.

One interesting thing is that sheltiehosting.org and .com will resolve from inside and outside the Comcast network. Where .net will not. I'm almost to the point of changing the nameservers to a .com just to see if it makes a difference. I'm beginning to believe it just might.

Thanks for the clarification on the glue records.

[falko]

Quote:

Originally Posted by wiremeister

One interesting thing is that sheltiehosting.org and .com will resolve from inside and outside the Comcast network. Where .net will not. I'm almost to the point of changing the nameservers to a .com just to see if it makes a difference. I'm beginning to believe it just might.

Are they also using ns3 and ns4.sheltiehosting.net as nameservers? In that case no glue record is needed because sheltiehosting.net is different from sheltiehosting.org and sheltiehosting.com. That seems to be the reason these domains are resolving.

[wiremeister]

That makes sense. Still waiting on a response from Comcast. It would appear there are at least one, possibly two servers enroute to us blocking udp and/or tcp packets. I'm looking forward to actually getting up and running here.....

[falko]

Have you thought about buying a technical domain, i.e. a domain that you don't use for web hosting, emails, etc.? You could then use that for your nameservers (e.g. ns1.technicaldomain.com and ns2.technicaldomain.com). Thus you don't need that glue record anymore.

[wiremeister]

Problem solved! Finally managed to talk to the correct group at Comcast today. It was a five minute fix on thier end to one of thier network routers. We can now get through to our nameservers, and all sites are resolving. Everything works.

Thanks for all your help Falko!

I hadn't though of a technical domain, but I will keep that in the back of my mind should the need come up in the future. This was frustrating tracing all the various things down, but a good learning experience. I've got one windows machine left...... May get rid of it now. Linux I think is actually easier to deal with!

[fycserv]

Hi All,

By Request of my ISP I had to change the IP address of my NS1. I went to godaddy and changed the NS1 and the @ IPs in the A registers. I did this last saturday and waited for propagation as suggested. In this moment I´m in France and the IspConfig server is in Colombia. Well the fact is that I can see the sites from here ( sometimes ) but the people in Colombia can not see them (never) It could sound weird but the description is right, sometimes I see the sites, sometimes I can´t. I must add that there are sites in that server that I have not seen since I did the change. My dig test seems to be ok. Last thing I did was to check the ns1 propagation with an online tool, some of the servers still list my ns1 with the old Ip.

In this moment I don't know what to do, as usual I came to you to find some light.

Thanks in advance.

ps. Falko, regarding your howto about having our own nameserver with goodady, the servernames of our ns1 and ns2 must be in the parked option or hosted here option ?

[falko]

Did you change the glue records as well?
Did you check your records on www.intodns.com ?

Quote:

ps. Falko, regarding your howto about having our own nameserver with goodady, the servernames of our ns1 and ns2 must be in the parked option or hosted here option ?

I don't know the GoDaddy interface, I think it has changed since I wrote the tutorial, so I can't tell anything about it.