Re: [DNS] sa.gov.au domains

Re: [DNS] sa.gov.au domains

From: Ian Smith <smithi§nimnet.asn.au>
Date: Sun, 14 Sep 2003 15:48:52 +1000 (EST)
On Sun, 14 Sep 2003, Tony Owen wrote:

 > I'm getting more confused lol ....
 > 
 > If I ask arnie.systems.sa.gov.au for the ip of www.mountgambier.sa.gov.au i
 > get:
 > 
 > Non-authoritive answer:
 > Name: www.mountgambier.sa.gov.au
 > Address: 203.220.28.5

'Non-authoritive answer' from nslookup just means that the queried
server is not a primary or secondary NS for the queried domain, ie the
result is either cached there and/or obtained from upstream DNS.  I tend
to use dig these days, it's verbose but in cases like this, clearer:

gaia: {301} dig &#167;arnie.systems.sa.gov.au www.mountgambier.sa.gov.au

; <<>> DiG 2.2 <<>> &#167;arnie.systems.sa.gov.au www.mountgambier.sa.gov.au
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10
;; flags: qr rd ra; Ques: 1, Ans: 1, Auth: 2, Addit: 2
;; QUESTIONS:
;;      www.mountgambier.sa.gov.au, type = A, class = IN

;; ANSWERS:
www.mountgambier.sa.gov.au.     3600    A       203.220.28.5

;; AUTHORITY RECORDS:
mountgambier.sa.gov.au. 86400   NS      ns.seol.net.au.
mountgambier.sa.gov.au. 86400   NS      ns2.seol.net.au.

;; ADDITIONAL RECORDS:
ns.seol.net.au. 1518    A       203.23.53.7
ns2.seol.net.au.        3600    A       203.220.28.8

;; Total query time: 1071 msec
;; FROM: gaia.nimnet.asn.au to SERVER: arnie.systems.sa.gov.au 203.26.120.3
;; WHEN: Sun Sep 14 14:46:07 2003
;; MSG SIZE  sent: 44  rcvd: 162


Ah so, ns.seol.net.au's A record is back in action now.  That all looks
cool, and your servers are listed as authorit{,at}ive, where it matters,
though there may be a day before expiry of the NS records still there ..
also (not sure with your setup, or whether it matters, or where) but
watch out for proper use of goddam TABs in zone files .. seems that A
record for ns.seol.net.au might lack a tab?  Some systems might care.

In either nslookup or dig you can specify an SOA lookup:

gaia: {302} dig &#167;arnie.systems.sa.gov.au www.mountgambier.sa.gov.au soa

; <<>> DiG 2.2 <<>> &#167;arnie.systems.sa.gov.au www.mountgambier.sa.gov.au soa
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10
;; flags: qr aa rd ra; Ques: 1, Ans: 0, Auth: 1, Addit: 0
;; QUESTIONS:
;;      www.mountgambier.sa.gov.au, type = SOA, class = IN

;; AUTHORITY RECORDS:
mountgambier.sa.gov.au. 3600    SOA     ns2. admin. (
                        12      ; serial
                        900     ; refresh (15 mins)
                        600     ; retry (10 mins)
                        86400   ; expire (1 day)
                        3600 )  ; minimum (1 hour)
[..]

Which still looks like your older (serial# 12) ns2. SOA record?  Maybe
you need to bump the serial(s) and hup/restart/whatever your ns* servers
to propagate all current data to a) your secondary/s and b) upstream?

If in doubt, can't hurt to bump them all to resynch the lot, and wait :) 

 > If I ask ns3.on.net the same I get:
 > 
 > Name: www.mountgambier.sa.gov.au
 > Address: 203.220.28.5

Yep, same result here from ns3.on.net as above.  Encouraging :)

 > >From a search at www.domainname.gov.au site for mountgambier.sa.gov.au I get
 > the following info ...
 > 
 > <snip>
 > 
 > Technical Contact:
 > 
 > user id:   C454
 > ausregistry id:   ARC0966335-AR
 > ugrp id:   tech
 > name:   Internode Hostmaster
 > 
 > </snip>
 > 
 > I would think from this that seol.net.au have not any type of authority for
 > the domain. I really need to have answers for the customers first thing
 > Monday. Any help on how to tell who is actually authoritive would be greatly
 > appreciated.

According to sa.gov.au's SOA (arnie..) and at least one of its
secondaries, your ns. and ns2. are the authoritative servers for
www.mountgambier.sa.gov.au.  In DNS terms that IS authority, ie the
delegated nameservers for the domain.  You should be sweet; whether the
whois and/or other data elsewhere is out of synch is another matter.

As mentioned before, once you've got all your zonefiles synched, you
should be ok to add your ns1 as (initially) another secondary, wait till
that propagates, then later remove references to ns, and once the DNS
everywhere agrees on your new servers (ns1, ns2), then you can pull
ns.seol.net.au, but leave it run till it's gone everywhere.  Fun, eh? 

Meanwhile the other one listed (ns2) should probably be the primary.

Gotta go, will respond to your other interesting mail later.

Cheers, Ian
Received on Fri Oct 03 2003 - 00:00:00 UTC

This archive was generated by hypermail 2.3.0 : Sat Sep 09 2017 - 22:00:07 UTC