Why is my domain failing on some DNS servers?

I'm having some problems with my domains on some DNS servers. For instance, opencraft.org gives a SERVFAIL message on a number of domain servers around the world. It resolves fine from Google's DNS:

dig www.opencraft.org @8.8.8.8  ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_5.3 <<>> www.opencraft.org @8.8.8.8 ;; global options:  printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41236 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0  ;; QUESTION SECTION: ;www.opencraft.org.             IN      A  ;; ANSWER SECTION: www.opencraft.org.      86400   IN      A       76.74.253.37  ;; Query time: 408 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Mon Apr 25 10:05:59 2011 ;; MSG SIZE  rcvd: 51 

But with Singtel's DNS (and a number of others around the world), it fails:

# dig www.opencraft.org @165.21.83.88  ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_5.3 <<>> www.opencraft.org @165.21.83.88 ;; global options:  printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 26216 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0  ;; QUESTION SECTION: ;www.opencraft.org.             IN      A  ;; Query time: 219 msec ;; SERVER: 165.21.83.88#53(165.21.83.88) ;; WHEN: Mon Apr 25 10:05:15 2011 ;; MSG SIZE  rcvd: 35 

Why?

Replay

Verify that your glue records are correct. Without going into a long tutorial, there are reasons why some DNS servers are able to resolve without resorting to the glue records, while others must do so.

I noticed you have two namservers listed for opencraft.org:

$ dig -t ns opencraft.org

; <<>> DiG 9.4.3-P3 <<>> -t ns opencraft.org
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1394
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2

;; QUESTION SECTION:
;opencraft.org.         IN  NS

;; ANSWER SECTION:
opencraft.org.      86400   IN  NS  ns1.vivitec.com.au.
opencraft.org.      86400   IN  NS  ns2.vivitec.com.

;; ADDITIONAL SECTION:
ns2.vivitec.com.    1685    IN  A   76.74.253.37
ns1.vivitec.com.au. 1685    IN  A   111.223.232.30

;; Query time: 88 msec
;; SERVER: 68.87.76.182#53(68.87.76.182)
;; WHEN: Sun Apr 24 18:11:03 2011
;; MSG SIZE  rcvd: 124

When I query the first nameserver directly for www.opencraft.org, I get: 111.223.232.30, when I hit your second nameserver, I'm told to go to: 76.74.253.37. Looking at the records above, it seems you have made the www host resolve to the same IP address as the DNS server.

This tells me you are not running a master slave DNS configuration and looks like you are attempting some geo-IP based config.

If you've updated these entries recently, you'll need to wait for them to propagate to caching nameservers around the net.

Category: domain name system Time: 2011-04-25 Views: 1

Related post

iOS development

Android development

Python development

JAVA development

Development language

PHP development

Ruby development

search

Front-end development

Database

development tools

Open Platform

Javascript development

.NET development

cloud computing

server

Copyright (C) avrocks.com, All Rights Reserved.

processed in 0.119 (s). 12 q(s)