Jan 042010
 

When you come across an issue with DNS, it can be very frustrating, to say the least. We will not go in depth regarding bind or how DNS resolution happens, because it would take a large tome, bound in leather, of at least 1200 pages, weighing at least 75 pounds to contain it all. We will simply assume that resolution works the way it should.

Lets define some terms first;

    DNS:

    The Domain Name System is a naming system for computers, services, or any resource connected to the Internet. It translates domain names meaningful to humans into the numerical (binary) identifiers (known as IP addresses) associated with networking equipment for the purpose of locating and addressing these devices worldwide. DNS also stores other types of information, such as the list of mail servers that accept email for a given Internet domain.

    To explain it more simply, If I said I was going to 123 main street and our friend Bob lives at 123 main street, I could also say say I was going to Bob’s house. If I told you I was going to meet you at 123 main street you would know where that address was (assuming we lived in the same city). But if I said I will meet you at bob’s house, and you did not know bob or where he lived, you would not be able to find his house unless you had a way to associate bob’s house with 123 main street.

    DNS operates the same way; bob’s house is the server name and 123 main street is the IP address. everyone can find the 123 main street because it is a concrete location. Only those people who know where bobs house is can find 123 main street.

    Nameserver:

    A nameserver consists of a program or computer server that implements a name-service protocol. It maps a human-recognizable domain name to a numeric identification or addressing component (aka IP addresses).

    Nameservers, also called Domain Name System (DNS) servers are used to translate a hostname or a domain name for example, ‘g33kinfo.com’ to its corresponding binary identifier (the IP address 67.225.242.171) They provide the link between the concrete IP address and the server name via stored dns zone file records that are shared between nameservers all over the world. This is why a client in Singapore can locate and connect to a server in Florida and vice versa.

    BIND:

    Bind is the software installed on the nameserver which implements the default dns standard. Bind is an implementation of the Domain Name System (DNS) protocols. The name BIND stands for “Berkeley Internet Name Domain”, because the software originated in the early 1980s at the University of California at Berkeley. The nameserver does not need to be a standalone server.

    The BIND software distribution contains three parts:

Named. There is is a program called “named”, which is pronounced “name-dee” and stands for “name daemon”. It answers dns requests that are sent to it, following the rules specified in the DNS protocol standards.

Resolver: A “resolver” is a program that resolves questions about domain names by sending dns queries to other dns servers which responding appropriately to the servers’ replies. These replies give the software the ability to resolve domain names.

Testing tools for servers: These are the tools that we use for testing, and we include them in the distribution in case you would like to do your own testing, perhaps to make sure your server configuration is working properly. They include TSIG (Transaction SIGnature), DNS notify, nsupdate, IPv6, rndc flush (remote name daemon control) and views.

DNS Errors

There are usually four types of DNS errors:

    The OS thinks the server name on machine 192.168.x.x is “foo” but DNS (nslookup) thinks it is “bar”

    nslookup g33kinfo.com

    Non-authoritative answer:
    Name: g33kinfo.com
    Address: 67.225.242.171

    DNS maps the server name “foo” to 192.168.x.x but when you run a reverse DNS lookup for 192.168.x.y, it returns a name other than “foo”
    host 67.225.242.171
    171.242.225.67.in-addr.arpa domain name pointer host.g33k4l1f3.com.

    DNS maps the machine name “foo” to 192.168.x.x but there is nothing responding at that address

    nslookup g33kinfo.com
    Server: 69.16.x.x
    Address: 69.16.x.x#53

    ** server can't find g33kinfo.com: NXDOMAIN

    There is a physical machine at the address 192.168.x.x but there is no DNS entry for it


    whois g33kinfo.com

    [Querying whois.internic.net]
    [whois.internic.net]

    No match for domain "G33KINFO.COM".
    >>> Last update of whois database: Mon, 04 Jan 2010 17:23:44 UTC < <<

Commands for resolving DNS errors

To get the information you need to resolve DNS issues, we will be using several commands;

    Dig:

    Dig is a tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried.

    dig google.com

    ; < <>> DiG 9.2.4 < <>> google.com
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER< <- opcode: QUERY, status: NOERROR, id: 16313 ;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;google.com. IN A ;; ANSWER SECTION: google.com. 80 IN A 74.125.95.105 google.com. 80 IN A 74.125.95.106 google.com. 80 IN A 74.125.95.147 google.com. 80 IN A 74.125.95.99 google.com. 80 IN A 74.125.95.103 google.com. 80 IN A 74.125.95.104 ;; Query time: 2 msec ;; SERVER: 69.16.234.115#53(69.16.234.115) ;; WHEN: Mon Jan 4 13:13:26 2010 ;; MSG SIZE rcvd: 124

    You can also query other nameservers with the command: dig @ns domain.com

    Whois

    Whois is a query/response protocol that is used for querying DNS servers to determine the registrant or assignee of a domain name or an IP address block. It will give Administrative, Technical and Administrative contact info, nameserver information, domain creation date and domain expiration date.

    whois google.com
    [Querying whois.internic.net]
    [Redirected to whois.markmonitor.com]
    [Querying whois.markmonitor.com]
    [whois.markmonitor.com]
    (more info here)
    Registrant:
    Dns Admin
    Google Inc.
    Please contact [email protected] 1600 Amphitheatre Parkway
    Mountain View CA 94043
    US
    [email protected] +1.6502530000 Fax: +1.6506188571

    Domain Name: google.com

    Registrar Name: Markmonitor.com
    Registrar Whois: whois.markmonitor.com
    Registrar Homepage: http://www.markmonitor.com

    Administrative Contact:
    DNS Admin
    Google Inc.
    1600 Amphitheatre Parkway
    Mountain View CA 94043
    US
    [email protected] +1.6506234000 Fax: +1.6506188571
    Technical Contact, Zone Contact:
    DNS Admin
    Google Inc.
    2400 E. Bayshore Pkwy
    Mountain View CA 94043
    US
    [email protected] +1.6503300100 Fax: +1.6506181499

    Created on..............: 1997-09-15.
    Expires on..............: 2011-09-13.
    Record last updated on..: 2009-06-21.

    Domain servers in listed order:

    ns4.google.com
    ns3.google.com
    ns1.google.com
    ns2.google.com

    Host

    The Host command performs name resolution. Host uses domain name service to look up names and reverse resolve numeric addresses.

    host google.com
    google.com has address 74.125.95.105
    google.com has address 74.125.95.103
    google.com has address 74.125.95.104
    google.com has address 74.125.95.99
    google.com has address 74.125.95.147
    google.com has address 74.125.95.106

    Ping

    Ping is a system command used to confirm that a remote host is online and responding. Ping is used for verifying connectivity between two hosts on a network. It sends an ICMP echo request packets to a remote IP address and watches for ICMP responses.

    ping google.com
    PING google.com (74.125.95.105) 56(84) bytes of data.
    64 bytes from iw-in-f105.1e100.net (74.125.95.105): icmp_seq=0 ttl=54 time=18.0 ms
    64 bytes from iw-in-f105.1e100.net (74.125.95.105): icmp_seq=1 ttl=54 time=17.9 ms
    64 bytes from iw-in-f105.1e100.net (74.125.95.105): icmp_seq=2 ttl=54 time=18.2 ms
    64 bytes from iw-in-f105.1e100.net (74.125.95.105): icmp_seq=3 ttl=54 time=18.1 ms

    Nslookup


    nslookup 74.125.95.105
    Non-authoritative answer:
    105.95.125.74.in-addr.arpa name = iw-in-f105.1e100.net.

    Resolveip

    The resolveip utility resolves hostnames to IP addresses and vice versa.

    resolveip 209.85.225.103
    Host name of 209.85.225.103 is iy-in-f103.1e100.net

    resolveip google.com
    IP address of google.com is 209.85.225.103
    IP address of google.com is 209.85.225.147
    IP address of google.com is 209.85.225.105
    IP address of google.com is 209.85.225.106
    IP address of google.com is 209.85.225.104
    IP address of google.com is 209.85.225.99

Resolving DNS Errors

Propagation

Ok, now to the meat of resolving these errors. First let me state;
All of the information listed using dig, whois and ping must match the information listed at your registrars nameserver (DNS) information page.

This basically means that the DNS information you listed at your registrar (where you purchased your domain name from) needs to match the information you see using dig and whois.

When you purchase a domain name, the Registrar will assign a set of nameserver to your domain automatically, usually the nameserver associated with the registrars own domain so they can park it.

Domain parking is a process where you register a domain and do not enter the domain name servers (nameservers) of your hosting company. Usually the domain registrar will park your domain by default on their nameservers, which means that if you type your domain name into a web browser you will arrive at a default page provided by the registrar.

If the information stated in dig and whois match the DNS information listed at your registrar, the domain will resolve. If you recently purchased the domain and setup the information and you are not seeing resolution yet, you are experiencing propagation.

Propagation refers to the amount of time it takes for all the DNS servers everywhere around the world to recognize the fact that either a new domain is being registered, a domain name has been changed, or that the authority for that domain has changed.

Your domain registrar is the one responsible for publishing your domain name at the very first (called root) DNS level. When it is published, it is placed into a directory that is broadcast out to primary DNS servers around the world. The primary DNS servers broadcast out to secondary DNS servers and so on and so forth.

Non-Resolving domain names

If the DNS information does not match in dig or whois, you will need to modify either the DNS information listed at the registrar or the DNS information listed on the server . Assuming you have first setup the account in WHM, the DNS record will be present there. When the account is created, WHM will do a whois query to use the existing nameservers associated with the domain by default. If the nameserver information pulled from the registrar is different from the information contained in WHM for the domain, the domain will not resolve. This usually occurs when the domain owner, changes the DNS information in WHM and does not change the DNS information at the registrar.

In WHM you will need to go to Main >> DNS Functions >> Edit DNS Zone and select the domain that is not resolving. Make sure that the information listed there is the same as the registrar information (using whois will provide this information.)

Once this information is correct, time will be needed for propagation to take place. You can modify the TTL (time to live) which should decrease the time for propagation to take place. TTL specifies a certain time frame in seconds that, when exhausted, would cause the packet to be discarded. When the TTL count reaches zero, the router detecting it discards the packet and sends an Internet Control Message Protocol (ICMP) message back to the originating host. A common TTL value for DNS is 86400 seconds, which is 24 hours. A TTL value of 86400 would mean that if a DNS record was changed, DNS servers around the world could still be showing the old value from their cache for up to 24 hours after the change. Lowering this value to 300, will expire the DNS zone file quickly (every 5 minutes) and allow for resolution to occur quicker. Make sure you reset the value back to 86400 seconds when propagation is complete.

You can check for resolution via a cpanel script like so;

/scripts/ipcheck

a null value (no response) means the resolution is correct. If you receive a response to this script, WHM will send you an email immediately if your settings are still incorrect stating something to the effect;
IMPORTANT: Do not ignore this email.
The hostname (host.g33k4l1f3.com) resolves to . It should resolve to 67.225.245.29. Please be sure to correct /etc/hosts as well as the ‘A’ entry in zone file for the domain.

You may be able to resolve this simply be following the direction listed in the email and going to
‘Main >> DNS Functions >> Add an A Entry for your Hostname’
and clicking on the “Add Entry’ button

There are several websites which will check the propagation as well;
http://www.whatsmydns.net/
http://www.preshweb.co.uk/cgi-bin/dns-propagation-tracker.pl
————————————————————————————————–
Other DNS tools:
http://www.iptools.com/
http://www.intodns.com/
http://network-tools.com/
http://www.robtex.com/
http://www.geektools.com/tools.php
http://www.domaintools.com/
http://centralops.net/co/
http://www.freesitestatus.com/en/quicktest.php
————————————————————————————————–
Setup nameservers at different registrars;

Fabulous.com

1) Click on manage -> nameservers > and then “create nameserver” at the very bottom of the page under “Nameserver Edit.”
2) FQDN is ns1 followed by your domain registered at fabulous, followed by its IP address. Click “continue” and repeat for ns2.

Enom.com

login
Click on Registered Domains
Click on the domain name in question
Click on DNS Server Settings
Enter in your DNS Servers here then click save and you are DONE!!!!

domains >> advanced tools >> register a nameserver
http://www.enom.com/domains/RegNameServer.asp
Register a NameServer Name
Note: The domain name must be in
the customer’s account.
(Example: To register NS1.myname.com,
the domain name myname.com
must be registered to you at eNom.)

Update a NameServer IP
Note: The domain name must be in
the customer’s account.

Delete a NameServer
Note: The domain name must be in
the customer’s account.
If there are any domains using this nameserver
the deletion process will fail

1&1

1. Login to your account
2. Click Manage Your Domains
3. Check the domain you want to edit
4. At the top of the list, hit arrow next to DNS, then Edit DNS Settings
5. In the drop down box, hit My Name Server
6. Fill in your custom nameservers

A Small Orange

If you registered your domain through A Small Orange, you’ll need to login to the customer/billing area at https://customers.asmallorange.com.
1. Select My Sites -> Domains
2. Select the Domain from the list on the left by clicking on the link.
3. Select Register Nameserver on the left and enter the ns1.example.com and the IP address. Click Submit
4. Repeat for ns2.example.com
5. Select Change DNS from the menu list on the left.
6. Enter ns1.example.com and ns2.example.com
7. Done!

DirectNIC

1. Login to your account.
2. Click Domain Manager
3. To the right of the domain name, there are three icons: a telephone, and computer and a house (I think). Click the computer (middle icon).
4. Before you enter the Nameservers, you need to click on the link above for “Create Nameserver”.
5. create the ns1 and ns2 with your IP addresses.
6. When you’re done, go back to Domain Manager and select the computer icon next the your domain again.
7. Enter the nameservers you just created and click Modify.

DomainSite

1. Login to your account
2. Select Manage Registered Domain Names.
3. Click on the domain name you wish to add nameservers for.
4. Select Register a Name Server.
5. Type ns1 in the Host Name box
6. Enter the ns1 IP.
7. Click continue.
8. Click Register.
9. Click Continue managing
10. Select Register a Name Server.
11. Enter ns2 in the hostname box.
12. Enter the ns2 ip in the IP Address box.
13. Click continue.
14. Click Register.
15. Change your nameservers to the ones you’ve just created.

GoDaddy

1. Login to your GoDaddy Account.
2. Click on My Account
3. Click on Manage Domains
4. Click on the domain name you want to modify.
5. In the lower left corner of the page, there is a Host Summary. Click Add.
6. Enter the ns1 and ns2 and IP addresses. Then click OK.
7. Click the Nameservers icon across the top.
8. Change the nameservers to the ones you just created.

Ref: http://help.godaddy.com/article.php?article_id=668&topic_id=&prog_id=GoDaddy&

Mydomain

(Also applies to Dotster)

1. Log into your account, and navigate to the “My Domains” page.
2. Under the “STEP 1. CHOOSE …” header, click on the domain you want nameservers under.
3. Under “Name Servers”, click “Register Name Server”
4. Enter “ns1” (no quotes) in the “Host Name” box, and your first nameserver IP.
5. On the success page, click “Back to Domain Information”.
6. Repeat steps 3. to 5., using your second nameserver IP.
7. Under “Name Servers”, click “Update Name Servers”.
8. Change the nameserver to the ones you’ve just created.

Namecheap

1. Login to your account.
2. Click Manage Domains
3. Click on the domain name.
4. On the left, click on Nameserver Registration
5. for the first two (ns1 ns2), enter the IP addresses.
6. click add nameservers
7. Go back to manage domains
8. Select the domain
9. Click Domain Name Server Setup.
10. Change the Nameservers to your custom nameservers

Network Solutions

1. Login to Account Manager
2. Click the check box next to the domain you want to manage, then click “Edit DNS”
3. Ignore the warnings and click the “continue button under “Move DNS to A New Name Server” (do not select DNS Manager Continue)
4. Ignore the warning on the next page, and click Continue
5. Enter your custom nameservers, ns1.example.com and ns2.example.com and click Continue
6. On the next screen, enter the IP addresses for those nameservers and click Continue.
7. Ignore the warnings and click Save DNS.

OpenSRS

1. Login into your domain control panel.
2. Once logged in go to Name servers
3. Scroll down to the bottom of the page and click on the link following If you want to create or modify a name server which is based on yourdomain.com
4. At the bottom of this page type in ns1 then the IP Address provided to you by A Small Orange if you are a VPS Customer in the host name field. If you are shared or a reseller for the host name type in 64.22.96.90. Then click on Create Name Server
5. After that repeat #4 but then use ns2 and use the other IP Address A Small Orange provided of you are a VPS Customer but use 67.19.36.196 if you are a shared or reseller customer.
6. After 72 hours head over back to the Control Panel and go back to nameservers. Now type in ns1.youdomain.com and ns2.yourdomain.com and you are now done.
7. Now Jump up on your desk and say “I did it. I made nameservers.”

Register.com

1. Login to your domain control panel.
2. Click on the domain you wish to change.
3. Scroll all the way to the bottom, and under “Advanced Technical Setting”, click on “Managed Registered Name Servers”
4. On the next screen, look for Register DNS Server.
5. Enter “ns1” for DNS Server, and the IP address (notice the domain name is pre-defined). Click the Continue button.
6. On the next screen (a confirmation screen), click Continue.
7. Repeat steps 3 – 6.
8. Now that the Nameserver IPs are registered, you can look for the section “Domain Name System Servers”
9. Enter ns1.example.com and ns2.example.com.
10. You’re done. Do a victory jig.

Stargate

1. Login to customer control panel
2. Enter your domain name example.com into the Jump to Domain field and use the drop down menu to select Domain Registration Service.
3. In the Domain Management Console, select the button “Manage Child Name Server”.
4. Enter ns1 for hostname field next to your domain example.com and enter the IP address 1.2.3.4 below it.
5. Click on the Modify Name Server button.
6. Change the nameservers to ns1.example.com and ns2.example.com that you created in Step 4.
7. Do a victory jig while the DNS propagates throughout the Internet.

If you can’t find your registrars walkthrough listed above, leave a comment and I will find it and post it for you.

 Posted by at 3:10 pm

 Leave a Reply